found 490777 5.0.32-7 thanks also sprach Steve Langasek <[EMAIL PROTECTED]> [2008.07.14.1535 +0200]: > > Even if there is no exploitable security hole at the moment, > > it's a hole nevertheless. I don't trust mysqld at all, so if > > I hadn't inspected this system closely before taking it live, > > I would have been hit by something unexpected. > > "I don't trust mysqld" is not a proven security hole. <shrug>
It's not an exploitable one. But it's a hole if contrary to the configuration I suddenly have a daemon publicly accessible. > which is not an ancestor of the lenny package; you might want to fix that up > with a 'found' command referencing an appropriate lenny version which also > shows this bug. Done. > > No idea. I thought since I found it on etch, I'd tag it etch. Does > > 'etch' suggest 'etch-only' ?? > > Yes. You should not use suite tags in the general case. Okay, thanks. I'll refrain from their use in the future. Sorry for the lapse. -- .''`. martin f. krafft <[EMAIL PROTECTED]> : :' : proud Debian developer, author, administrator, and user `. `'` http://people.debian.org/~madduck - http://debiansystem.info `- Debian - when you have better things to do than fixing systems "i love deadlines. i like the whooshing sound they make as they fly by." -- douglas adams
digital_signature_gpg.asc
Description: Digital signature (see http://martin-krafft.net/gpg/)
