LinuxSecurity.com: Linux Security Week, June 19th 2000Jun 19, 2000, 10:37 (0 Talkback[s])
(Other stories by Benjamin D. Thomas)
"After two weeks of constant advisories, its comforting to see the amount of activity die down. This week, various advisories exists for the Document Template package, BRU Backup Utility, Kerberos 5, and a bug on FreeBSD/Alpha systems that weakens its encryption. Take time to Review your system for these packages and update immediately if affected. Keep in mind that simply because your vendor has not released an update that another vendor may have does not mean your system is not vulnerable."
"In the news, OpenBSD Announces its release of version 2.7, Mimestar "Shoots Down Intruders" by releasing Version 3.0.7 of SecureNet PRO, and the U.S. House gives its "OK" to the digital signature bill."
"This week a number of interesting papers were released. Some of those include "Open Sources, Security by Default," "Bruce Schneier's Crypto-Gram," and "The Secrets of Snoop," a paper discussing the use of various sniffers. "Open Sources, Security by Default" discusses actions taken by the OpenBSD team, and Theo De Raadt, the founder of OpenBSD. With the release of OpenBSD 2.7, the goal was to "remove most of the extraneous, unnecessary, and insecure protocols from the OS, tightened up the default configuration, and then hunt for bugs ruthlessly." The Internet as a whole would be a much more secure if other vendors would follow this example."