"The only really new thing is the man page
vulnerability in Red Hat, which if exploited could allow a user to
gain "man" privileges, which doesn't sound to bad until you realize
that root will probably run "man" and then bad things might happen.
In other news we have Apache 1.3.20, mostly for some bugs in the
Windows/OS/2 port, but, in any event upgrading is advisable. We
also have two new source code vulnerability scanners, RATS and
flawfinder. If you're a programer you should probably take a look
at these (and ITS4). Otherwise it's mostly vendors playing catch-up
with Mandrake and TurboLinux fixing older problem or reissuing
We lead off with general advisories and exploit code, then move
to vendor advisories. Most items appear in alphabetical order. If
we're missing a Linux vendor's advisory, please tell us - ditto for
any Linux-related security alerts. The long strings of hex in front
of package names are MD5 signatures."
Some of the products that appear on this site are from companies from which QuinStreet receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. QuinStreet does not include all companies or all types of products available in the marketplace.