Hello, > > Wed Aug 21 13:10:46 1996 Guy Maor <[EMAIL PROTECTED]> > > (Debian 1.1.6) > > o Added mount 2.5l-1 > > Fixes major security hole. > > It seems to me that Bernd Eckenfels did not known about the mount security > hole.
Sure I did, thats why I told the user to upgrade. I had never a suid mount on my system. (oh.. I know, not important, but I have to watch my reputation here :) Anyway: > As I know, the unique place where you can know that there are some > packages that MUST be updated due to security holes are linux-security, > perhaps linux-alert (but I do not sign it), and debian-users. We tried to get an annoucement about security bugs together for debian-announce (for the lpr bug, for example), but the problem with this is, that the persons who have time to write an alert usually dont know what neeeds to be put into the alert, and the ppl who know about the whole dont have the time to write something. Anyway.. you will see all security FAQ updates concerning debian crossmailed to debian-announce. Mailing the Log with security upgrades to the stable tree will be a good idea, too. We should to that for rex. > about security-hole updated packages in debian-announce. Yes, we talked about this already. Greetings Bernd -- (OO) -- [EMAIL PROTECTED] -- ( .. ) [EMAIL PROTECTED],linux.de,debian.org} http://home.pages.de/~eckes/ o--o *plush* 2048/93600EFD [EMAIL PROTECTED] +4972573817 BE5-RIPE (O____O) If privacy is outlawed only Outlaws have privacy -- TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word "unsubscribe" to [EMAIL PROTECTED] . Trouble? e-mail to [EMAIL PROTECTED]
