> > As far as I know, now feel free to correct me if I'm wrong, but all the
>> distrobutions like 'Red Hat' which people on this list seem fond of have
the zlib exploit
>> present do they not?
>> Er, no. The zlib thing was fixed around the same time as CERT released
The CERT advisory from yesterday (CA-2002-07)?? RedHat's fix has been
available since the 22nd of March (RHSA-2002:026-43), SuSE's was out on the
11 March (SuSE-SA:2002:010)
Typically CERT will not release an advisory until there is a patch available
for all affected platforms, which implies that if you want a secure
environment you should choose a distro with some full time security staff
who deal with issues like this and who will keep you notified with timely
patches. Only on a bug with a high severity rating will any disto hold back
on a secuirty announcement while their competitors arrange a patch, CERT
always holds back - wider distribution audience.
Maintained by the ILUG website team. The aim of Linux.ie is to
support and help commercial and private users of Linux in Ireland. You can
display ILUG news in your own webpages, read backend
information to find out how. Networking services kindly provided by HEAnet, server kindly donated by
Dell. Linux is a trademark of Linus Torvalds,
used with permission. No penguins were harmed in the production or maintenance
of this highly praised website. Looking for the
Indian Linux Users' Group? Try here. If you've read all this and aren't a lawyer: you should be!