Security Portal: Weekly Linux Security Roundup – 2000/04/03 to 2000/04/09

There were some newsworthy problems this week. gpm has a
hole in one of it’s setuid wrapper programs, allowing users to gain
root access; you’ll definitely want to make sure you’re not
Red Hat 6.2 was released, with some pretty
significant improvements security-wise, such as: far less patching
is required than 6.1 to secure, bind no longer runs as root by
default, and ipchains is a bit easier to manage (see “Tip of the
Week” for more).”

“We lead off with general advisories, then vendor advisories
(distributions, then any major software ones), then mailing list
related traffic, any interesting tidbits and then the Tip of the
Week. Most things are in alphabetical order. If we’re missing a
Linux vendor’s advisory please tell us, ditto for any Linux related
security alerts. The long strings of hex in front of package names
are MD5 signatures.”