Security Portal: Weekly Linux Security Digest 2000/11/20 to 2000/11/26Nov 27, 2000, 08:40 (0 Talkback[s])
(Other stories by Kurt Seifried)
"A busy week for Debian, Conectiva and others. Problems in tcpdump, ethereal, pine, joe, and Gaim. Most vendors are still playing catch-up, and on some issues, such as pine, it is unclear who is suffering exactly what problem - remote DoS, code execution, etc. The good news (as almost always) is that some vendors have gotten quite a bit better at producing security advisories, giving credit, and getting them out timely. Now if only Debian would number its advisories (hint, hint)."
"We lead off with general advisories and exploit code, then move to vendor advisories. Most items appear in alphabetical order. If we're missing a Linux vendor's advisory, please tell us - ditto for any Linux-related security alerts. The long strings of hex in front of package names are MD5 signatures."