I know, I saw this when browsing Linux Today. Heck of a way to have it
put to you. FWIW, I think Mandrake does offer the opportunities to secure
the box, w/ msec, the crypto installs, and the (hopefully) merger of msec
& Bastille. But w/ all the hoorah about new features, apparently some
packages are slipping thru the cracks as far as updates are
concerned. Correct me if I'm wrong here. The example that comes to my
mind, non-security related though, is kmail. Couple of patches old, even
with warnings on the kmail site to upgrade immediately. Well, nothings
perfect. I guess the positive side to it is that you _can_ fix it
yourself, if you want.
Monte
On Mon, 26 Jun 2000, Sergio P.Korlowsky wrote:
> Taken from:
> SecurityPortal.com -- June 26, 2000
>
> Weekly Linux Security Roundup
>
> - Vendors have finally caught up on the INN and Kernel issues. A lot
> moreexploit code has been released for a number of packages, so if you are not
> up to date you might want to spend the weekend installing AutoRPM or setting up
> a dpkg script. Mandrake also wins (hands down) the "easiest distribution to
> break into remotely" and "easiest distribution to break into locally", having
> finally released 8 fixes for very severe security bugs in 7.1 (their latest,
> not so greatest distribution).
>
> <http://securityportal.com/topnews/weekly/linux20000626.html>
>
>
> Its too sad to find out that Mandrake is also the easiest to break in...
> and NOT knowing from Mandrake... a single word!
>
> Sergio Korlowsky
>
--
__________________________________________________
Do You Yahoo!?
Talk to your friends online with Yahoo! Messenger.
http://im.yahoo.com
