---

Security Portal: Weekly Linux Security Digest 2000/07/31 to 2000/08/06

A busy week – LIDS, Netscape, Mailman, NFS, kon2, gpm and
several other programs were found to contain security problems,
some of them very nasty.
A few weeks ago I slagged Mandrake
Software. Well, I’m not going to apologize, but I will say this:
Mandrake has significantly improved its security advisories. They
are now issued regularly, contain solid information in regard to
the problem and how to fix. My remaining complaint would be that
they have no vendor site for updates, but rely on third-party
mirrors. This is somewhat mitigated by the update tool, but I still
feel that vendors should not rely on the good will of third parties
to distribute fixes. Reliability aside, there are trust issues to
be considered.”

“We lead off with general advisories and exploit code, then move
to vendor ad. Most items appear in alphabetical order. If we’re
missing a Linux vendor’s advisory, please tell us – ditto for any
Linux-related security alerts. The long strings of hex in front of
package names are MD5 signatures.”

Complete
Story

Get the Free Newsletter!

Subscribe to Developer Insider for top news, trends, & analysis