The debian-private mailing list leak, part 1. Volunteers have complained about Blackmail. Lynchings. Character assassination. Defamation. Cyberbullying. Volunteers who gave many years of their lives are picked out at random for cruel social experiments. The former DPL's girlfriend Molly de Blanc is given volunteers to experiment on for her crazy talks. These volunteers never consented to be used like lab rats. We don't either. debian-private can no longer be a safe space for the cabal. Let these monsters have nowhere to hide. Volunteers are not disposable. We stand with the victims.
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Work Done By Red Hat

The C library fixes the following items that have come up recently,
some Linux specific some more generic. Notably:

o	The bugs in assuming the resolver returned 4 byte long IP addresses
o	export YPDOMAIN=somedomain;su
o	Attacks on programs using NLS via your own message catalogs
o	The buffer overrun problems in libresolv+
o	Some other tiny (and probably not exploitable) libc items.

Can I urge the other vendors to check the diffs made to this C library.
Even if you are running libc5.4.x you don't (to my knowledge) have all
the fixes you need.

I'm also discussing things with Dan Farmer as regards Satan v2 and Linux
tests. It will hopefully be checking things like old NetKit's and the like
as a result you may see more support traffic when it is released I guess.

I'll try and work things so that there is advanced warning and see I can
persuade Dan to let vendors get final beta's so that Satan just does its
intended task of waking up people who should have upgraded things.

Alan

> rpm -Uvh ftp://ftp.redhat.com/updates/4.0/i386/libc-5.3.12-17.i386.rpm
[and source rpm of course]


--
Please respect the confidentiality of material on the debian-private list.
TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word "unsubscribe" to
debian-private-REQUEST@lists.debian.org . Trouble? e-mail to Bruce@Pixar.com