Security Portal: Weekly Linux Security Digest 2000/08/28 to 2000/09/03Sep 05, 2000, 19:33 (0 Talkback[s])
(Other stories by Kurt Seifried)
"The big news this week is a potential glibc hole, for which no exploit code exists - but vendors are issuing fixes. (Dontcha love Linux security? We know there might be an exploitable issue under certain rare circumstances; nobody has seen exploit code yet, but here's the fix). The other is mgetty - in certain configurations it can be used to overwrite files. Vendors have been issuing updates. In general, the rest is catch-up with older problems like Zope, Netscape and Xchat."
"We lead off with general advisories and exploit code, then move to vendor ad. Most items appear in alphabetical order. If we're missing a Linux vendor's advisory, please tell us - ditto for any Linux-related security alerts. The long strings of hex in front of package names are MD5 signatures. Exploits are housed in /research/exploits/linux/."