Re: nfs security problem, debian missing
Hi,
> 'got a mail about this mountd bug today. you see the list of vendors -
> but as you can see: debian is missing. why? how can we get on this
> list next time?
>
> ----- Forwarded message from win-sec-ssc@cert.dfn.de -----
> Appendix A - Vendor Information
>
> Below is a list of the vendors who have provided information for this
> advisory. We will update this appendix as we receive additional
> information. If you do not see your vendor's name, the CERT/CC did not
> hear from that vendor. Please contact the vendor directly.
I am not quite sure, but it seems that this mountd bug had been fixed
in the latest netstd release
(http://www.de.debian.org/Lists-Archives/debian-security-announce-9809/msg00000
.html)
Obviously there is some need to improve the efficiency of information
spreading about security issues. The debian security web page is also
outdated.
Cheers, Thomas
Reply to: