Security Portal: Weekly Linux Security Digest 2000/07/31 to 2000/08/06Aug 07, 2000, 07:25 (0 Talkback[s])
(Other stories by Kurt Seifried)
"A busy week - LIDS, Netscape, Mailman, NFS, kon2, gpm and several other programs were found to contain security problems, some of them very nasty. A few weeks ago I slagged Mandrake Software. Well, I'm not going to apologize, but I will say this: Mandrake has significantly improved its security advisories. They are now issued regularly, contain solid information in regard to the problem and how to fix. My remaining complaint would be that they have no vendor site for updates, but rely on third-party mirrors. This is somewhat mitigated by the update tool, but I still feel that vendors should not rely on the good will of third parties to distribute fixes. Reliability aside, there are trust issues to be considered."
"We lead off with general advisories and exploit code, then move to vendor ad. Most items appear in alphabetical order. If we're missing a Linux vendor's advisory, please tell us - ditto for any Linux-related security alerts. The long strings of hex in front of package names are MD5 signatures."