Hi
From what I can see, ISS is just trying to sell there wares.
I think they acted irresponcibly, by informing all the the
hackers who didn't know about the exploit.
I suppose ISS was thinking about there intrests before
the interests of the people with apache software. I will
avoid ISS {Internet Security Systems} in the future for
their childish behavior.
Because ISS jumped the gun, everyone who supplies Apache
has to scramble to see if there, software is affected and
then fix there software and provide an update or patch. The
reason different vendors may need to provide there own patch
is because they often use some of their own patches on the
software they supply to make it integrate into their package
system or to secure the software until it is included in the
official release.
The problem was found on Windows platforms, but if it
affects Redhat we will have to trust that they are checking
their "port" of apache on each platform the support to see
if the problem exists. If Redhat finds a vulnerability I
trust they will provide a notice and upgrade.
It would be nice to know what platforms are known to have
the problem. Since the alert is already out, releasing the
known platforms can not cause any more grief.
Guy
Steveo wrote:
> http://news.com.com/2100-1001-936924.html?tag=fd_top
>
> Does anyone know anything about this apache advisory?
>
> Steveo
> [EMAIL PROTECTED]
> www.linuxhaiku.com
>
>
>
> _______________________________________________
> Seawolf-list mailing list
> [EMAIL PROTECTED]
> https://listman.redhat.com/mailman/listinfo/seawolf-list
>
>
_______________________________________________
Seawolf-list mailing list
[EMAIL PROTECTED]
https://listman.redhat.com/mailman/listinfo/seawolf-list
