Security Incidents mailing list archives

Re: Compromised...

From: rich () PARANOID ORG (Rich Burroughs)
Date: Wed, 9 Feb 2000 15:33:57 -0800


On Tue, 8 Feb 2000, Joshua Krage wrote:

but it
hampers the easy "stay up-to-date" by upgrading to the latest releases
whenever they come out.  Its hard to tell your community 'make sure you
upgrade to BIND 8.2.2-P5', or even 'upgrade to the latest vendor release',
because now either statement will cause confusion when users compare
notes.


I'm not sure that I see the problem here. The security updates were in
8.2.2-P3. If people are using RedHat, that is the latest package
available. RedHat has never made a practice of rolling a new package every
time there is a bug in a piece of software or a newer version released,
and I don't think it's reasonable to expect them to. If there were a
known security update they would have released a new RPM.

RedHat users should be directed to check the errata and security
announcements at RedHat's site.

Rich

Current thread:

Re: Compromised..., (continued)
- - - Re: Compromised... Japheth (Feb 07)
    - Re: Compromised... Simon Britnell (Feb 08)
    - Re: Compromised... technot (Feb 09)
    - Re: Compromised... Sebastian (Feb 09)
    - Prank phone calls related to recent break-ins? Nate Carlson (Feb 09)
    - Question about event log events JF Prieur (Feb 08)
    - Re: Compromised... Jose Nazario (Feb 07)
    - Re: Compromised... Jim Kinney (Feb 07)
    - Re: Compromised... Jon Lewis (Feb 07)
    - Re: Compromised... Joshua Krage (Feb 08)
    - Re: Compromised... Rich Burroughs (Feb 09)
    - Re: Compromised... Lane Davis (Feb 07)
    - Re: Compromised... Marianovich Felix (Feb 08)
    - Re: Compromised... Sebastian (Feb 08)
    - 195.0.0.0/8 Scan Source amused () POBOX COM (Feb 10)
    - hacked Anton (Feb 14)
    - Re: Compromised... Stephen J. Friedl (Feb 14)
    - Re: Compromised... Derek Vadala (Feb 14)
    - Re: Compromised... Alexandru Popa (Feb 14)