“It’s Christmas Day; stop reading this and go play with your new
toys. I mean it. Anyway, this week it’s more of the same, which is
really starting to get on my nerves. Can’t programmers learn basic
security fundamentals like how to create tmp files? A huge number
of vulnerable programs, including two security ones, GnuPG and
stunnel, as well as Zope (they’ve had a couple kicks at the can –
probably not the last we’ll hear of them).”
“We lead off with general advisories and exploit code, then move
to vendor advisories. Most items appear in alphabetical order. If
we’re missing a Linux vendor’s advisory, please tell us – ditto for
any Linux-related security alerts. The long strings of hex in front
of package names are MD5 signatures.”