americanintel
Verified User
While I have removed the kernel from the skip list in up2date there are still other issues that may or may not apply to DA as I understand that DA doesn't use some of the default packages from RH 9.0 (Apache..etc). Would you mind discussing this a bit and covering security fixes, when and how we are notified..etc? I receive the updates when DA is updated but is there a 'security list' available?
Skipped packages from my latest up2date today:
httpd-manual 2.0.40 21.9 Pkg name/pattern
[RHSA-2003:320-09] Updated httpd packages that fix two minor security issues in the Apache Web server are now available for Red Hat Linux 8.0 and 9.
lftp 2.6.3 4 Pkg name/pattern
[RHSA-2003:403-07] Updated lftp packages are now available that fix a buffer overflow security vulnerability.
php-imap 4.2.2 17.2 Pkg name/pattern
[RHSA-2003:204-11] Updated PHP packages for Red Hat Linux 8.0 and 9 are available that fix a number of bugs, as well as a minor security problem in the transparent session ID functionality.
php-ldap 4.2.2 17.2 Pkg name/pattern
[RHSA-2003:204-11] Updated PHP packages for Red Hat Linux 8.0 and 9 are available that fix a number of bugs, as well as a minor security problem in the transparent session ID functionality.
php-mysql 4.2.2 17.2 Pkg name/pattern
[RHSA-2003:204-11] Updated PHP packages for Red Hat Linux 8.0 and 9 are available that fix a number of bugs, as well as a minor security problem in the transparent session ID functionality.
sendmail-cf 8.12.8 9.90 Pkg name/pattern
[RHSA-2003:283-09] Updated Sendmail packages that fix a potentially-exploitable vulnerability are now available.
I realize these are being called out as my install probably had these versions installed (yep, DA will install nicely anyway.. installing it's own versions/packages).
Thanks,
Skipped packages from my latest up2date today:
httpd-manual 2.0.40 21.9 Pkg name/pattern
[RHSA-2003:320-09] Updated httpd packages that fix two minor security issues in the Apache Web server are now available for Red Hat Linux 8.0 and 9.
lftp 2.6.3 4 Pkg name/pattern
[RHSA-2003:403-07] Updated lftp packages are now available that fix a buffer overflow security vulnerability.
php-imap 4.2.2 17.2 Pkg name/pattern
[RHSA-2003:204-11] Updated PHP packages for Red Hat Linux 8.0 and 9 are available that fix a number of bugs, as well as a minor security problem in the transparent session ID functionality.
php-ldap 4.2.2 17.2 Pkg name/pattern
[RHSA-2003:204-11] Updated PHP packages for Red Hat Linux 8.0 and 9 are available that fix a number of bugs, as well as a minor security problem in the transparent session ID functionality.
php-mysql 4.2.2 17.2 Pkg name/pattern
[RHSA-2003:204-11] Updated PHP packages for Red Hat Linux 8.0 and 9 are available that fix a number of bugs, as well as a minor security problem in the transparent session ID functionality.
sendmail-cf 8.12.8 9.90 Pkg name/pattern
[RHSA-2003:283-09] Updated Sendmail packages that fix a potentially-exploitable vulnerability are now available.
I realize these are being called out as my install probably had these versions installed (yep, DA will install nicely anyway.. installing it's own versions/packages).
Thanks,