Hi, > 'got a mail about this mountd bug today. you see the list of vendors - > but as you can see: debian is missing. why? how can we get on this > list next time? > > ----- Forwarded message from [EMAIL PROTECTED] ----- > Appendix A - Vendor Information > > Below is a list of the vendors who have provided information for this > advisory. We will update this appendix as we receive additional > information. If you do not see your vendor's name, the CERT/CC did not > hear from that vendor. Please contact the vendor directly.
I am not quite sure, but it seems that this mountd bug had been fixed in the latest netstd release (http://www.de.debian.org/Lists-Archives/debian-security-announce-9809/msg00000 .html) Obviously there is some need to improve the efficiency of information spreading about security issues. The debian security web page is also outdated. Cheers, Thomas
