[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [suse-security] SuSE Security Announcement: postgresql (SuSE-SA:2002:038)
On Die, 22 Okt 2002, Joerg Henner wrote:
>>2) Pending vulnerabilities in SuSE Distributions and Workarounds:
>> - mod_php4
>> There was a mistake in Advisory SuSE-SA:2002:036 in section
>> "Affected products". SuSE 7.0 and 7.1 are _not_ vulnerable.
>> - kon2
>> There is a vulnerability in kon2, a Japanese input manager for the
>> VGA console, that can be exploited by local users to obtain root
>> privilege. We recommend to un-install kon2.
>are those the "one and only" PENDINGS @SuSE ???
> - CAN-2002-0370,
> CERT/CC-Bug-ID: VU#383779,
> Lotus-Bug-ID: SPR# KSPR5CJV2G,
> Verity-Bug-ID: 76316
> - CAN-2002-0839
>And what are with those "pendings" listet in previous Announcements:
>Why not listing "pending vulnerabilities" at www.suse.de ???
As i looked around, i found some strange things at:
Alot of SA (SuSE-Announcements) are published. BUT, many of the listed
"pendings" still *NOT* published after more then 2-3 weeks or particular
also more then one month !!!!
Date: Mon Sep 30 17:00:00 CEST 2002
...lists a lot of "pendings", which are not listet anymore (nor in newer
Announcements, nor at "http://www.suse.de/de/security/")
Any comments around ? I'm still waiting for a "SuSE Statement"....
Jörg Henner Fon: +49 (7 11) 48 90 83 - 0
ETES - EDV-Systemhaus GbR Fax: +49 (7 11) 48 90 83 - 50
Libanonstrasse 58 A * D-70184 Stuttgart Web: http://www.etes.de
Inflex - eMail Scanning and Protection
Queries to: postmaster@xxxxxxx
Check the headers for your unsubscription address
For additional commands, e-mail: suse-security-help@xxxxxxxx
Security-related bug reports go to security@xxxxxxx, not here