-
February 7th, 2005, 10:52 PM
#1
SuSE releases critical patches
Novell's SuSE has released a number of "highly critical" patches, according to a report released Monday.
The patches are designed to address vulnerabilities that can be exploited for cross-site scripting attacks, remote system access, exposure of sensitive information, spoofing and denial-of-service attacks, according to the report from security information provider Secunia.
The vulnerabilities were found in SuSE' eMail Server 3.x, Linux Database Server, Linux Enterprise Server 9 and Linux Office Server.
One issue that particularly concerns Secunia is SuSE's method of sending out weekly scheduled patches.
"SuSE started a new policy of bundling their updates, so that creates some confusion over what is highly critical and needs to be addressed first," said Thomas Kristensen, Secunia's chief technology officer. "Microsoft has scheduled updates too, but there is one patch for one product. SuSE bundles in multiple patches for multiple products."
SuSE could not be immediately reached for comment.
Last month, SuSE, along with several other Linux companies, issued patches for several vulnerabilities. In the case of SuSE, the software seller issued updates to resolve a vulnerability that could allow malicious code to create a local denial-of-service attack using a specially created Acrobat document.
Source : http://news.zdnet.com/2100-1009_22-5565997.html
Secunia Advisories : http://secunia.com/advisories/14149/
Novell Security Announcement : http://www.novell.com/linux/security...005_03_sr.html
-
February 7th, 2005, 11:01 PM
#2
SUSE couldn't be reached my ass. I talk to both the SUSE team and the Novell guys and I've never once had a problem with a reply.
Anyone who has ever read the SUSE lists for security knows the reason they put patches into one email is so they don't SPAM. It's not hard, the top of the mail has a message showing what happened, what is patched, and even where in the mail any particular patch is going to be.
-
February 7th, 2005, 11:03 PM
#3
Gore, it just means they didn't have an official immediate response. It doesn't mean they didn't get them. The PR team didn't have anything ready. So relax.
-
February 7th, 2005, 11:09 PM
#4
Oh, OK. I mis-read. Which isn't shocking, been a rough two weeks on me, like, VERY. I'm in need of a break and a few choice things. It is going to be over tommorrow though, back to a Dr so I can get what I need badly. I've been on edge all week. And learning a new OS...... My graphics class I had to take so I would have enough credits for full time is an all Mac lab.
I've never used a Mac so I sat down at the one with the 30 inch flat screen Mac LCD Monitor and the dual 1 GHz G4 or something processors and the 1 GB of RAM.
Somehow, I made this thing lag while doing a simple painting style thing. the OS seems to take a lot of RAM up. Damn was I happy to find the bash shell.... Which for some reason, I could read everything the admin had put in his home directory. Kind of... Heh.
I think I should just try and get a Mac Mini. I don't care if the thing is slow I just need to use it and figure it out.
I should buy one, the Mac Mini addresses the problem that all Macs have, they cost to much.
-
February 7th, 2005, 11:33 PM
#5
The patches are designed to address vulnerabilities that can be exploited for cross-site scripting attacks, remote system access, exposure of sensitive information, spoofing and denial-of-service attacks, according to the report from security information provider Secunia.
I dunno.... That looks like a list that Windows puts out... Monthly now because everyone was bitching about the frequency......
I shall go no further with this thought process other than to say I typed the first two sentences a whole two minutes ago, fell off my barstool laughing, got up and tried to take a swill of beer, laughed while drinking, dropped my beer while choking, was given the Heimlich Manoevre by a particularly attractive young bar "wench", got back up, composed myself ordered a new beer, wiped the old beer from the keyboard and screen, re-composed myself and began typing again...... All in all it was a disaster.... But I am still laffing about it.....
When will the OS providers _ever_ get it _right_ for all the users out there?
Don\'t SYN us.... We\'ll SYN you.....
\"A nation that draws too broad a difference between its scholars and its warriors will have its thinking done by cowards, and its fighting done by fools.\" - Thucydides
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|