[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [suse-security] SuSE Security Announcement: postgresql (SuSE-SA:2002:038)



On Die, 22 Okt 2002, Joerg Henner wrote:

>>______________________________________________________________________________
>>
>>2)  Pending vulnerabilities in SuSE Distributions and Workarounds:
>>
>>    - mod_php4
>>      There was a mistake in Advisory SuSE-SA:2002:036 in section
>>      "Affected products". SuSE 7.0 and 7.1 are _not_ vulnerable.
>>
>>    - kon2
>>      There is a vulnerability in kon2, a Japanese input manager for the
>>      VGA console, that can be exploited by local users to obtain root
>>      privilege. We recommend to un-install kon2.
>>
>>__________________________________________________________________________
>
>Hi,
>
>are those the "one and only" PENDINGS @SuSE ???
>
>What about:
>
>=> ZIP
>   - CAN-2002-0370,
>     CERT/CC-Bug-ID: VU#383779,
>     Lotus-Bug-ID: SPR# KSPR5CJV2G,
>     Verity-Bug-ID: 76316
>
>=> Apache
>   - CAN-2002-0839 
>
>
>And what are with those "pendings" listet in previous Announcements:
>
>MSG-ID: 20021014181528.A10008@xxxxxxx
>
>Why not listing "pending vulnerabilities" at www.suse.de ???

As i looked around, i found some strange things at:

http://www.suse.de/de/security/

Alot of SA (SuSE-Announcements) are published. BUT, many of the listed
"pendings" still *NOT* published after more then 2-3 weeks or particular
also more then one month !!!!

For Example:

        Announcement-ID:        SuSE-SA:2002:034
        Date:                   Mon Sep 30 17:00:00 CEST 2002

...lists a lot of "pendings", which are not listet anymore (nor in newer
Announcements, nor at "http://www.suse.de/de/security/";)


Any comments around ? I'm still waiting for a "SuSE Statement"....



Greetings,
-- 
Jörg Henner                              Fon:  +49 (7 11) 48 90 83 - 0
ETES - EDV-Systemhaus GbR                Fax:  +49 (7 11) 48 90 83 - 50
Libanonstrasse 58 A * D-70184 Stuttgart  Web: http://www.etes.de


______________________________________
Inflex - eMail Scanning and Protection
Queries to: postmaster@xxxxxxx

-- 
Check the headers for your unsubscription address
For additional commands, e-mail: suse-security-help@xxxxxxxx
Security-related bug reports go to security@xxxxxxx, not here