LinuxSecurity.com: Linux Security Week, June 12th 2000Jun 12, 2000, 11:17 (0 Talkback[s])
(Other stories by Benjamin D. Thomas)
"This week was quite an active week, not the least of which was a very serious Linux kernel security bug was recently discovered that allows local users to gain root access. The problem exists in the Linux kernel capability model that affects all 2.2.x kernels. To ensure that this vulnerability cannot be exploited by programs running on Linux, users are advised to update to kernel version 2.2.16 immediately."
"Security updates for KDE, inn, mailx and qpop were all issued by many vendors. Some vendors also reported vulnerabilities with a flaw in the SSL transaction handling of Netscape."
"Keep in mind that simply because your vendor has not released an update that another vendor may have does not mean your system is not vulnerable."