[2199] in linux-security and linux-alert archive
[linux-security] Re: [RHSA-1999:029-01] Denial of service attack in in.telnetd
daemon@ATHENA.MIT.EDU (Rogier Wolff)
Fri Aug 20 18:44:22 1999
In-Reply-To: <37BD9E3B.A156C16C@nis.acs.uci.edu> from Dan Stromberg at "Aug 20, 99 11:28:11 am"
To: strombrg@nis.acs.uci.edu (Dan Stromberg)
Date: Sat, 21 Aug 1999 00:31:18 +0200 (MEST)
Cc: notting@redhat.com, linux-security@redhat.com
From: R.E.Wolff@BitWizard.nl (Rogier Wolff)
Resent-From: linux-security@redhat.com
Resent-Reply-To: linux-security@redhat.com
Dan Stromberg wrote:
>
> Is redhat 5.1 immune to the attack? Or is it no longer supported for
> patches? It seems strange that both 4.2 and 5.2 are vulnerable, but
You're allowed to lag one major behind. So while red Hat is releasing
6.0, 6.1, 6.2 etc, you're allowed to stay on 5.2. If you're on 5.1 or
5.0 you should always upgrade to 5.2. No way around it. That's what
they told me about a year ago.
The 5.x -> 5.2 upgrade is supposed to be relatively painless. If you
REALLY know what you're doing, you could only upgrade the essential
parts. (i.e. the packages that had security issues).
Roger.
--
** R.E.Wolff@BitWizard.nl ** http://www.BitWizard.nl/ ** +31-15-2137555 **
*-- BitWizard writes Linux device drivers for any device you may have! --*
------ Microsoft SELLS you Windows, Linux GIVES you the whole house ------
--
----------------------------------------------------------------------
Please refer to the information about this list as well as general
information about Linux security at http://www.aoy.com/Linux/Security.
----------------------------------------------------------------------
To unsubscribe:
mail -s unsubscribe linux-security-request@redhat.com < /dev/null
