SuSE releases critical patches
Results 1 to 5 of 5

Thread: SuSE releases critical patches

  1. #1
    AO French Antique News Whore
    Join Date
    Aug 2001
    Posts
    2,126

    SuSE releases critical patches

    Novell's SuSE has released a number of "highly critical" patches, according to a report released Monday.

    The patches are designed to address vulnerabilities that can be exploited for cross-site scripting attacks, remote system access, exposure of sensitive information, spoofing and denial-of-service attacks, according to the report from security information provider Secunia.

    The vulnerabilities were found in SuSE' eMail Server 3.x, Linux Database Server, Linux Enterprise Server 9 and Linux Office Server.

    One issue that particularly concerns Secunia is SuSE's method of sending out weekly scheduled patches.

    "SuSE started a new policy of bundling their updates, so that creates some confusion over what is highly critical and needs to be addressed first," said Thomas Kristensen, Secunia's chief technology officer. "Microsoft has scheduled updates too, but there is one patch for one product. SuSE bundles in multiple patches for multiple products."

    SuSE could not be immediately reached for comment.

    Last month, SuSE, along with several other Linux companies, issued patches for several vulnerabilities. In the case of SuSE, the software seller issued updates to resolve a vulnerability that could allow malicious code to create a local denial-of-service attack using a specially created Acrobat document.
    Source : http://news.zdnet.com/2100-1009_22-5565997.html
    Secunia Advisories : http://secunia.com/advisories/14149/
    Novell Security Announcement : http://www.novell.com/linux/security...005_03_sr.html
    -Simon \"SDK\"

  2. #2
    Senior Member gore's Avatar
    Join Date
    Oct 2002
    Location
    Michigan
    Posts
    7,177
    SUSE couldn't be reached my ass. I talk to both the SUSE team and the Novell guys and I've never once had a problem with a reply.


    Anyone who has ever read the SUSE lists for security knows the reason they put patches into one email is so they don't SPAM. It's not hard, the top of the mail has a message showing what happened, what is patched, and even where in the mail any particular patch is going to be.

  3. #3
    Just a Virtualized Geek MrLinus's Avatar
    Join Date
    Sep 2001
    Location
    Redondo Beach, CA
    Posts
    7,324
    Gore, it just means they didn't have an official immediate response. It doesn't mean they didn't get them. The PR team didn't have anything ready. So relax.
    Goodbye, Mittens (1992-2008). My pillow will be cold without your purring beside my head
    Extra! Extra! Get your FREE copy of Insight Newsletter||MsMittens' HomePage

  4. #4
    Senior Member gore's Avatar
    Join Date
    Oct 2002
    Location
    Michigan
    Posts
    7,177
    Oh, OK. I mis-read. Which isn't shocking, been a rough two weeks on me, like, VERY. I'm in need of a break and a few choice things. It is going to be over tommorrow though, back to a Dr so I can get what I need badly. I've been on edge all week. And learning a new OS...... My graphics class I had to take so I would have enough credits for full time is an all Mac lab.

    I've never used a Mac so I sat down at the one with the 30 inch flat screen Mac LCD Monitor and the dual 1 GHz G4 or something processors and the 1 GB of RAM.

    Somehow, I made this thing lag while doing a simple painting style thing. the OS seems to take a lot of RAM up. Damn was I happy to find the bash shell.... Which for some reason, I could read everything the admin had put in his home directory. Kind of... Heh.

    I think I should just try and get a Mac Mini. I don't care if the thing is slow I just need to use it and figure it out.

    I should buy one, the Mac Mini addresses the problem that all Macs have, they cost to much.

  5. #5
    AO Ancient: Team Leader
    Join Date
    Oct 2002
    Posts
    5,197
    The patches are designed to address vulnerabilities that can be exploited for cross-site scripting attacks, remote system access, exposure of sensitive information, spoofing and denial-of-service attacks, according to the report from security information provider Secunia.
    I dunno.... That looks like a list that Windows puts out... Monthly now because everyone was bitching about the frequency......

    I shall go no further with this thought process other than to say I typed the first two sentences a whole two minutes ago, fell off my barstool laughing, got up and tried to take a swill of beer, laughed while drinking, dropped my beer while choking, was given the Heimlich Manoevre by a particularly attractive young bar "wench", got back up, composed myself ordered a new beer, wiped the old beer from the keyboard and screen, re-composed myself and began typing again...... All in all it was a disaster.... But I am still laffing about it.....

    When will the OS providers _ever_ get it _right_ for all the users out there?
    Don\'t SYN us.... We\'ll SYN you.....
    \"A nation that draws too broad a difference between its scholars and its warriors will have its thinking done by cowards, and its fighting done by fools.\" - Thucydides

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •