“A new Linux 2.2 kernel is out that fixes several problems,
among them a driver that might let a user write to kernel memory
(eeek!). IPTables in 2.4.x has been found to have a problem in the
code for FTP connection tracking, which might allow an attacker to
get around your firewall; a patch has been posted. Time for a
kernel upgrade (isn’t that always fun). For pity’s sake please be
careful when upgrading your kernel and follow the vendor
instructions!”
“Samba’s printing has a tmp vulnerability that has been fixed. A
new version of Samba, 2.2.0, has also been released, with many
improvements. VMWare also uses /tmp unsafely; do not run VMWare as
root if possible, and make sure you set your TCP and TMPDIR
variables to something safe. There is a bug in Netscape with
regard to JavaScript; attackers can potentially get code to run on
your machine and access some (limited) data. Hylafax also has a
problem; SuSE has issued an update, and other vendors should follow. As
well, there are two major new releases, Red Hat 7.1 and Mandrake 8.0, both of
which have made major efforts in the security arena to improve
themselves; hopefully we will see more of this. Mandrake has also
dropped support for 6.0, 6.1 and 7.0 with the release of 8.0;
however, they still support 7.1, 7.2, 8.0 (of course) and corporate
server.”