“It was another busy week for Linux. Those format strings
are coming out of the woodwork. The big news this week is that
the Linux Security List is up and running. In addition to weekly
summaries, you can now get “real-time” Linux security updates from
SecurityPortal. Go to
http://www.securityportal.com/list/linux-security/ for more
information. Red Hat 7.0 is out – I will be taking bets for the
date, time and nature of its first security announcement (joke, I’m
terrible at math). I am dropping Corel from the list; they have
issued about one security update in total, and in general do not
seem to care much about security (yes, they have security problems
– like everyone else, they use glibc, and so on). Added are
YellowDog and LinuxPPC (both PPC-oriented distributions).”
“We lead off with general advisories and exploit code, then move
to vendor advisories. Most items appear in alphabetical order. If
we’re missing a Linux vendor’s advisory, please tell us – ditto for
any Linux-related security alerts. The long strings of hex in front
of package names are MD5 signatures.”