[prev in list] [next in list] [prev in thread] [next in thread]
List: stackguard
Subject: Re: [Fwd: [RHSA-2002:196-19] Updated xinetd packages fix denial of service vulnerability]
From: Seth Arnold <sarnold () wirex ! com>
Date: 2002-12-09 18:18:13
[Download RAW message or body]
On Mon, Dec 09, 2002 at 10:56:30AM +0100, Mads Peter Bach wrote:
> I've just been looking through some RedHat advisories, and found this one,
> where there doesn't seem to have been released a new Immunix xinetd. Since
> the Immunix xinetd appears to have been patched, I'd like to know if an
> updated version in planned?
Luckily, this vulnerability was introduced after xinetd 2.3.3; our
version in 7+-beta/ is currently patched for all known vulnerabilities
against it. (Deciding to stick with this version of xinetd was reached
in consultation with Solar Designer; he performed significant audits
against xinetd and felt recent versions introduced enough problems
without enough benefit that he suggested we just stay at 2.3.3 for the
time being, until there is a clearly good reason to upgrade further.)
Thanks Mads :)
> Advisory ID: RHSA-2002:196-19
--
"I'm not sure which upsets me more: that people are so unwilling
to accept responsibility for their own actions, or that they are
so eager to regulate everyone else's." -- Kee Hinckley
[Attachment #3 (application/pgp-signature)]
_______________________________________________
Immunix-users mailing list
Immunix-users@mail.wirex.com
http://mail.wirex.com/mailman/listinfo/immunix-users
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic