From: Alexei_Roudnev (Alexei_Roudnev_at_exigengroup.com)
Date: Mon Apr 09 2007 - 21:38:09 CEST
Message-ID: <15cb01c77ade$9a4833e0$6f31a8c0@sjc.exigengroup.com> From: "Alexei_Roudnev" <Alexei_Roudnev@exigengroup.com> Date: Mon, 9 Apr 2007 12:38:09 -0700 Subject: Re: [suse-sles-e] Security note: Multiple vulnerabilities in Suse ksh(93)
These all are very low impact problems, because no one allows ksh access to
the users without FreSBD jail or Solaris partitioning or SuSe XEN.
-- Original Message -----
From: "Felix Schulte" <felix.schulte@gmail.com>
To: <suse-sles-e@suse.com>
Sent: Monday, April 02, 2007 7:22 AM
Subject: [suse-sles-e] Security note: Multiple vulnerabilities in Suse
ksh(93)
> AT&T released
[https://mailman.research.att.com/pipermail/ast-users/2007q1/001715.html]
> new binaries and sources of ksh(93) which include two major fixes for
> security vulnerabilities:
> 07-03-06 Several serious bugs with the restricted shell were reported
> and fixed.
> ...
> 06-10-13 The klockwork.com software detected a few coding errors that
> have been fixed.
>
> Is anyone doing patches for Suse 10.2? It looks Suse still ships a
> vulnerable version.
> --
> _ Felix Schulte
> _|_|_ mailto:felix.schulte@gmail.com
> (0 0)
> ooO--(_)--Ooo
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: suse-sles-e-unsubscribe@suse.com
> For additional commands, e-mail: suse-sles-e-help@suse.com
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: suse-sles-e-unsubscribe@suse.com
For additional commands, e-mail: suse-sles-e-help@suse.com
This archive was generated by hypermail 2.1.7 : Mon Apr 09 2007 - 23:44:31 CEST