Re: nfs security problem, debian missing
Hi, > 'got a mail about this mountd bug today. you see the list of vendors - > but as you can see: debian is missing. why? how can we get on this > list next time? > > - Forwarded message from [EMAIL PROTECTED] - > Appendix A - Vendor Information > > Below is a list of the vendors who have provided information for this > advisory. We will update this appendix as we receive additional > information. If you do not see your vendor's name, the CERT/CC did not > hear from that vendor. Please contact the vendor directly. I am not quite sure, but it seems that this mountd bug had been fixed in the latest netstd release (http://www.de.debian.org/Lists-Archives/debian-security-announce-9809/msg0 .html) Obviously there is some need to improve the efficiency of information spreading about security issues. The debian security web page is also outdated. Cheers, Thomas
nfs security problem, debian missing
'got a mail about this mountd bug today. you see the list of vendors - but as you can see: debian is missing. why? how can we get on this list next time? - Forwarded message from [EMAIL PROTECTED] - Appendix A - Vendor Information Below is a list of the vendors who have provided information for this advisory. We will update this appendix as we receive additional information. If you do not see your vendor's name, the CERT/CC did not hear from that vendor. Please contact the vendor directly. Caldera Compaq Computer Corporation Data General Corporation FreeBSD, Inc. Fujitsu Limited Fujitsu's UXP/V operating system is not vulnerable. Hewlett-Packard Company NCR The NetBSD Project The OpenBSD Project Red Hat Software, Inc. The Santa Cruz Operation, Inc. Sun Microsystems, Inc. [lots of information deleted...] -- see header pgp0uIsWZiPiK.pgp Description: PGP signature