Re: BF kernels (was: [DSA 479-2] New Linux 2.4.18 packages fix local root exploit (i386))
On Sat, Apr 17, 2004 at 10:00:23AM -0400, Michael Stone wrote:
> On Thu, Apr 15, 2004 at 08:19:24PM +1000, Joshua Goodall wrote:
> >In other words, people are ready to pounce, and that short gap of time
> >after server installation and before installing patched code cannot be
> >considered "safe". Quite the opposite.
>
> Note that if you're doing a network install you can point to
> security.d.o and never have any vulnerable network services installed on
> the machine.
Let's rather say "never have any network services with known
vulnerabilities installed although an upgrade already is available".
But, well, that is already a little off topic.
Horst
--
Wenn Dein einziges Werkzeug ein Hammer ist, sieht jedes Problem aus
wie ein Nagel
Reply to: