October 1st, 2005, 12:09 AM
Highly Critical Linux Secunia Advisory
SUSE has issued updates for multiple packages. These fix various vulnerabilities, which potentially can be exploited by malicious, local users to gain access to sensitive information or perform certain actions on a vulnerable system with escalated privileges, or by malicious people to conduct cross-site scripting attacks, cause a DoS (Denial of Service) or compromise a user's system.
Secunia - Advisories - SUSE Updates for Multiple Packages
October 1st, 2005, 01:14 AM
Hey thanks EG,
The patchin's were fairly quick and painless. I guess because I only had a few for 9.3 since I did it only about 12 days ago. SuSE 10.X is coming out real soon so bet I'll have to apply this and others as well. It was never too difficult to do anyway, however SuSE and some others definitely make it easier than it used to be.
Connection refused, try again later.
October 1st, 2005, 01:42 AM
That was a lot of text, they could have just said :
"SUSE fixes Firefox hole"...
Anyway, 10 is coming in about a week and right now 10.1 is in Alpha.
Oh, don't forget SUPER SUSE. Run RPMs without needing to install.
October 2nd, 2005, 12:44 PM
I think "Highly critical" is not really particularly accurate. Stop crying wolf.
Had you actually looked at any of the bugs, you'll see that they're mostly:
- In things that most people don't use
- Local privilege escalations
- Network denial of service (in some cases)
- Local denial of service
None if which are massively critical. The ssl one looks moderately inconvenient, as it's a network DoS, all the others require the user to use specific programs to be at all vulnerable.