Re: [suse-sles-e] Security note: Multiple vulnerabilities in Suse ksh(93)

From: Marcus Meissner (meissner_at_suse.de)
Date: Tue Apr 10 2007 - 23:13:13 CEST

• Next message: J.H.M. Dassen (Ray): "Re: [suse-sles-e] sles10 yast nccc with w3m"
• Previous message: Marcus Meissner: "Re: [suse-sles-e] How long does Suse need to respond to security vulnerabilities? (was: Fwd: Security note: Multiple vulnerabilities in Suse ksh(93))"
• In reply to: Felix Schulte: "[suse-sles-e] Security note: Multiple vulnerabilities in Suse ksh(93)"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Tue, 10 Apr 2007 23:13:13 +0200
From: Marcus Meissner <meissner@suse.de>
Message-ID: <20070410211313.GE32643@suse.de>
Subject: Re: [suse-sles-e] Security note: Multiple vulnerabilities in Suse ksh(93)

On Mon, Apr 02, 2007 at 04:22:25PM +0200, Felix Schulte wrote:
> AT&T released
> [https://mailman.research.att.com/pipermail/ast-users/2007q1/001715.html]
> new binaries and sources of ksh(93) which include two major fixes for
> security vulnerabilities:
> 07-03-06 Several serious bugs with the restricted shell were reported
> and fixed.
> ...
> 06-10-13 The klockwork.com software detected a few coding errors that
> have been fixed.
>
> Is anyone doing patches for Suse 10.2? It looks Suse still ships a
> vulnerable version.

I have opened a bugreport for this now, 263053.

We release security fix and critical bugfix updates for openSUSE 10.2.

Ciao, Marcus

---------------------------------------------------------------------
To unsubscribe, e-mail: suse-sles-e-unsubscribe@suse.com
For additional commands, e-mail: suse-sles-e-help@suse.com

• Next message: J.H.M. Dassen (Ray): "Re: [suse-sles-e] sles10 yast nccc with w3m"
• Previous message: Marcus Meissner: "Re: [suse-sles-e] How long does Suse need to respond to security vulnerabilities? (was: Fwd: Security note: Multiple vulnerabilities in Suse ksh(93))"
• In reply to: Felix Schulte: "[suse-sles-e] Security note: Multiple vulnerabilities in Suse ksh(93)"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.7 : Wed Apr 11 2007 - 01:16:54 CEST