 
 - RU.LINUX ---------------------------------------------------------------------
 From : Sergey Lentsov                       2:4615/71.10   19 Apr 2001  17:11:22
 To : All
 Subject : URL: http://lwn.net/2001/0419/security.php3
 -------------------------------------------------------------------------------- 
 
    See also: [14]last week's Security page.
    
 Security
 
 News and Editorials
 
    Red Hat mkpasswd limitations. A limitation in the Red Hat mkpasswd
    command was [15]discussed on BugTraq this week. Mkpasswd is an expect
    script that can be used to generate random passwords. Similar to a
    recently reported problem with a password generator for the Palm, it
    seems that mkpasswd uses an inadequate seed, based on the process ID,
    which results in a much smaller pool of passwords than is expected.
    
    Of course, the smaller the pool of passwords, the easier it is to
    brute-force a password.
    
    In addition to the importance of using a good random seed in the
    password generator, the need to reseed was also discussed. Using the
    Tcl 8 rand() function as an example, it was shown that seeding only
    once produced in the range of 22,000 passwords before duplicates
    began to occur. The Tcl 8 rand() function uses the system clock for a
    seed. Alternatively, using a weaker seed but reseeding with each
    invocation, more than 45,000 passwords were generated without a
    duplicate occurring.
    
    We expect an update for the Red Hat mkpasswd command will be provided
    in the near future. Meanwhile, sites that use password generators to
    assign passwords may want to look more closely at the algorithms upon
    which they are depending.
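
    The effect of a process-ID seed on the password pool, as an added
    example (not code from LWN, BugTraq or Red Hat's mkpasswd). It models
    a generator whose only entropy is the PID and compares the reachable
    pool with the nominal keyspace; the 9-character length, the alphabet
    and the 32768 PID range are assumptions chosen for the demonstration.

```python
import math
import random
import secrets
import string

ALPHABET = string.ascii_letters + string.digits
LENGTH = 9        # assumed password length for this demonstration
PID_MAX = 32768   # assumed PID range (classic Linux default), constructed


def pid_seeded_password(pid, length=LENGTH):
    """Model of a generator whose only entropy is the process ID."""
    rng = random.Random(pid)  # deterministic: same PID -> same password
    return "".join(rng.choice(ALPHABET) for _ in range(length))


def reachable_pool(pid_max=PID_MAX):
    """Every password the PID-seeded model can ever emit."""
    return {pid_seeded_password(pid) for pid in range(1, pid_max)}


def audit_password(candidate, pool):
    """Audit check: could the weak generator have produced this password?"""
    return candidate in pool


def strong_password(length=LENGTH):
    """Hardened form: every character is drawn from the OS CSPRNG."""
    return "".join(secrets.choice(ALPHABET) for _ in range(length))


def compare():
    """Effective entropy of the PID-seeded pool versus the nominal keyspace."""
    pool = reachable_pool()
    return {
        "weak_pool_size": len(pool),
        "weak_bits": round(math.log2(len(pool)), 1),
        "nominal_bits": round(LENGTH * math.log2(len(ALPHABET)), 1),
    }


if __name__ == "__main__":
    print(compare())
    print("CSPRNG password:", strong_password())
```

    A site that assigned passwords with such a generator can run
    audit_password() over the assigned values to find the accounts that
    need a reset.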
    
    Disabling Module Loading Caveat. A piece of information was
    accidentally left out of [16]last week's lead-in editorial, which
    talked about using the capability bounding set to disable the loading
    of kernel modules. In June of 2000, Patrick Reynolds sent in a
    [17]Letter to the Editor pointing out that "/proc/sys/kernel/cap-bound
    maps directly to the cap_bset variable in kernel memory". As a result,
    unless CAP_SYS_RAWIO is disabled (it controls access to /dev/mem), it
    is possible to use /dev/mem to load new code into the kernel (this
    will require access to a valid System.map file).
    
    Unfortunately, disabling /dev/mem will break many things, including X
    and potentially many other user-space programs.
    
    The use of capability bounding sets will still assist in protecting
    systems from many current rootkits that use loadable kernel modules,
    but, as is common with most security issues, they only provide a
    partial solution. (Thanks to Neale Pickett for pointing out our error
    in omitting this information last week).
    
    Carko distributed-denial-of-service tool. A new distributed
    denial-of-service tool, named [18]Carko, was reported on various
    systems this week. Carko is a clone of stacheldraht+antigl+yps, with
    apparently as little as [19]one source code line difference. However,
    it has been updated to leverage much newer vulnerabilities, in
    particular a [20]buffer overflow in snmpXdmid under Solaris.
    
    Although Carko is not currently targeting Linux vulnerabilities, it is
    a reminder that the problem of distributed denial-of-service attacks
    has not been resolved. For now, the best defense for all of us is not
    only to close all vulnerabilities on our own systems in a timely
    manner, but also to encourage and support everyone else we know to do
    likewise. Carko is spreading because the availability of hosts with
    open vulnerabilities is vast.
    
    CRYPTO-GRAM newsletter. Bruce Schneier's [21]CRYPTO-GRAM newsletter
    for April is out. It covers computer security from a military
    defensive point of view, the fake Microsoft certificates, and more.
    
    Microsoft: Closed source is more secure (SecurityFocus). SecurityFocus
    has put up [22]a report from Microsoft security head Steve Lipner's
    talk at the RSA Conference. "Lipner slammed the open source
    development process, suggesting that the often-voluntary nature of
    creating works like the Linux operating system make it less
    disciplined, and less secure. 'The open source model tends to
    emphasize design and development. Testing is boring and expensive.'"
    
    Reading through the comments posted to SecurityFocus revealed little
    support for Lipner's words, but that could be expected from an
    audience that is both security-savvy and extremely familiar with Open
    Source software. The most relevant comment we found was from "Will"
    who [23]pointed out that the majority of advisories from Microsoft
    credit people outside their own staff for finding the security holes.
    That indicates that a "dedicated, trained, full time and paid" staff
    isn't the answer either. Neither closed source nor Open Source
    software is as secure as it needs to become.
    
 Security Reports
 
    Linux Kernel 2.4 Netfilter/IPTables vulnerability.
    Under Linux 2.4, IPTables is used for building firewalls. It is
    implemented under the NetFilter framework, a raw framework for
    filtering and mangling packets. A [24]vulnerability has been reported
    in the way the RELATED state is implemented; it can potentially be
    exploited to bypass a firewall and access ports that are assumed to
    be protected.
    
    The NetFilter team has provided [25]a patch for Linux 2.4.3. Note that
    the patch may be subject to future revision; a URL is provided where
    the latest version can be found. Presumably the patch, or its future
    incarnation, will be provided in an upcoming version of 2.4.
    Meanwhile, the original posting provides details that network
    engineers will want to examine to improve and tighten the use of the
    RELATED state.
    
    Samba 2.0.8 security issue.
    Andrew Tridgell posted a note to BugTraq that [26]Samba 2.0.8 has been
    released to address a significant security vulnerability that allows
    local users to corrupt local devices (such as raw disks).
    
      * [27]Trustix
      * [28]Debian
      * [29]Immunix
      * [30]Caldera
    
    cfingerd format string vulnerability.
    A [31]format string vulnerability has been reported in cfingerd
    ("Configurable Finger Daemon") which can be used remotely to gain root
    privileges and execute arbitrary code. An exploit for this
    vulnerability has been published and a patch to fix the problem is
    available.
    
      [32]Debian
    
    Debian Security Advisory for exuberant-ctags.
    Colin Phipps discovered that the exuberant-ctags package, as
    distributed with Debian GNU/Linux 2.2, [33]creates temporary files
    insecurely. This has been fixed in version 1:3.2.4-0.1 of the Debian
    package, and upstream version 3.5. Other distributions that ship this
    package will also be impacted.
    
    bubblemon kmem permissions vulnerability.
    [34]bubblemon, an application that displays CPU and memory load as
    bubbles in a jar of water, is installed setgid kmem under FreeBSD. As
    a result, it can be [35]exploited to execute arbitrary commands under
    group kmem. It has not been reported whether or not the same problem
    crops up on other BSD systems or on Linux. A new version, Bubblemon
    1.32, has been released with a fix for the problem.
    
    web scripts.
    The following web scripts were reported to contain vulnerabilities:
      * [36]Crosswind's Cyberscheduler is reported to contain a buffer
        overflow in the variable that holds the time zone information. An
        exploit for the problem has been published and a fix is reportedly
        available on the [37]Crosswind website.
        
    Commercial products.
    The following commercial products were reported to contain
    vulnerabilities:
      * [38]Lightwave ConsoleServer 3200, a console switch, discloses
        sensitive information to non-authenticated users. A hardware
        upgrade (a new network card using embedded Linux) to resolve the
        problem is scheduled for this summer. Until then, the only
        workaround is to firewall the device to prevent connections from
        outside the local network.
      * A format string vulnerability has been reported in [39]Hylafax
        hfaxd. Successful exploitation of the vulnerability will allow an
        attacker to gain root privileges. Hylafax has released patches to
        fix the problem.
      * [40]Cisco VPN 3000 Concentrator is vulnerable to a
        denial-of-service attack based on its inability to properly handle
        specific malformed IP packets. Upgraded firmware to correct the
        problem is available.
      * [41]NCM Content Management System contains a perl script,
        content.pl, which does insufficient input checking. As a result,
        it can be exploited to execute arbitrary SQL queries. An upgrade
        to fix the problem has been released.
      * [42]Trend Micro Interscan Viruswall, a software scanning package
        that watches SMTP, FTP and HTTP transfers, contains multiple CGI
        programs that have buffer overflows in them. As a result, the
        package can be exploited remotely to gain root access. An upgrade
        to fix the problem has been made available.
      * The [43]Cisco Catalyst 5000 Series has been reported vulnerable to
        a network storm as a result of receiving an 802.1x frame on an STP
        block port. Software updates for the problem are either available
        now or promised in the near future.
        
 Updates
 
    Netscape 4.76 GIF comment vulnerability.
    Check the [44]April 12th LWN Security Summary for the original report.
    The vulnerability can be used to embed executable Javascript in GIF
    comments which are then executed by the viewer when loading the GIF
    file. This has been fixed in Netscape 4.77, which is available for
    download from ftp.netscape.com.
    
    This week's updates:
      * [45]Red Hat, includes support for new 7.1 distribution
      * [46]Immunix
      * [47]Conectiva
        
    Previous updates:
      * [48]Red Hat (April 12th)
        
    ntp remotely exploitable static buffer overflow.
    An exploit for a static buffer overflow in the Network Time Protocol
    (ntp) was published on April 4th. This exploit can allow a remote
    attacker to crash the ntp daemon and possibly execute arbitrary
    commands on the host. Patches and new packages to fix this problem
    came out quickly. It is recommended that you upgrade your ntp package
    immediately. If you cannot, disabling the service until you can is a
    good idea. For more details and links to related posts, check BugTraq
    ID [49]2540.
    
    This week's updates:
      * [50]KRUD
      * [51]FreeBSD
      * [52]Progeny
        
    Previous updates:
      * [53]Caldera (April 12th)
      * [54]Conectiva (April 12th)
      * [55]Debian (April 12th)
      * [56]Debian, original patch to ntp introduced a potential
        denial-of-service problem, fixed in new updates to ntp. (April
        12th)
      * [57]Engarde (April 12th)
      * [58]Immunix (April 12th)
      * [59]Linux-Mandrake (April 12th)
      * [60]NetBSD (April 12th)
      * [61]Progeny (April 12th)
      * [62]Red Hat (April 12th)
      * [63]Slackware (April 12th)
      * [64]SuSE (April 12th)
      * [65]Trustix (April 12th)
        
    IP Filter fragment caching vulnerability.
    Check the [66]April 12th LWN Security Summary for the original report.
    [67]IP Filter 3.4.17 has been released with a fix for the problem.
    BugTraq ID [68]2545.
    
    This week's updates:
      * [69]FreeBSD
        
    Multiple FTP daemon globbing vulnerability.
    Check the [70]April 12th LWN Security Summary for the original report.
    
    This week's updates:
      * [71]FreeBSD
        
    Previous updates:
      * [72]NetBSD
        
    ptrace/execve/procfs race condition in the Linux kernel 2.2.18.
    Exploits were released the week of [73]March 29th for a
    [74]ptrace/execve/procfs race condition in the Linux kernel 2.2.18. As
    a result, an upgrade to Linux 2.2.19 is recommended.
    
    Last week, Alan Cox put up the [75]Linux 2.2.19 release notes, finally
    giving the specifics on all the security-related fixes in 2.2.19 (all
    thirteen of them!) and giving credit to the [76]Openwall project and
    Chris Evans, for the majority of the third-party testing and auditing
    work that turned up these bugs. Fixes for the same bugs have also been
    ported forward into the 2.4.X kernel series.
    
    This week's updates:
      * [77]Debian
      * [78]Red Hat
      * [79]Linux-Mandrake
        
    Previous updates:
      * [80]Immunix (March 29th)
      * [81]Linux 2.2.19 release notes
      * [82]Caldera, 2.2.19 security fixes (April 5th) backported to
        2.2.10 and 2.2.14, the kernels used in various Caldera products
      * [83]Trustix (April 12th)
      * [84]Progeny (April 12th)
      * [85]Progeny, advisory updated due to error in update instructions.
        (April 12th)
        
    OpenSSH 2.5.2p2 released.
    [86]OpenSSH 2.5.2p2 was announced the week of [87]March 29th. It
    contains a number of fixes (including improvements in the defenses
    against the passive analysis attacks discussed in the [88]March 22nd
    LWN security page) and quite a few new features as well.
    
    This week's updates:
      * [89]Progeny
        
    Previous updates:
      * [90]Linux-Mandrake (March 29th)
      * [91]Conectiva (March 29th)
      * [92]Immunix (March 29th)
      * [93]Red Hat (RH 7 only) (March 29th)
      * [94]Trustix (April 5th)
      * [95]Red Hat, links updated as a result of a directory restructure
        on the update site (April 5th)
      * [96]Slackware changelog notice
        
    pico symbolic link vulnerability.
    Check the [97]December 14th, 2000 LWN Security Summary for the initial
    report of this problem. Note that this has also been reported as a
    [98]pine vulnerability, but the vulnerable component is still pico,
    not pine. Check BugTraq ID [99]2097 for more details.
    
    This is the first distribution update we've seen for this
    four-month-old vulnerability.
    
    This week's update:
      * [100]Red Hat
      * [101]Immunix
        
 Resources
 
    New Security Mailing Lists. In an apparent effort to lessen the load
    on the BugTraq mailing list, Security Focus has announced [102]four
    new mailing lists:
      * SECTOOLS - For the announcement of new or updated (free) security
        tools.
      * SECPAPERS - For the announcement of new security papers, articles,
        & books.
      * SECEVENTS - For the announcement or call for papers for events
        (e.g. conferences, symposia, etc).
      * SECPROD - For the announcement of new or updated security
        products.
        
    Hacker Tools and Their Signatures, Part One: bind8x.c. Toby Miller has
    started a series of articles detailing hacker exploits/tools and their
    signatures. The first article in this series focuses on [103]bind8x.c.
    "The discussion will cover the details of bind8x.c and provide
    signatures that will assist an IDS analyst in detecting it. This paper
    assumes that the reader has some basic knowledge of TCP/IP and
    understands the tcpdump format".
    
    Adore Detection. Duncan Simpson [104]wrote in this week to point out a
    couple of tools that can be used to detect the Adore worm, including
    rkscan and checkps 1.3.2. "Checkps 1.3.2 in kill scanning mode should
    now detect adore due to two additional tests as to whether a pid
    really exists (adore "fixes" the kill system call)".
    
 Events
 
    Upcoming Security Events.
    
    Date                    Event
                            Location

    April 20 - 22, 2001     [105]First annual iC0N security conference
                            Cleveland, Ohio, USA
    April 22 - 25, 2001     [106]Techno-Security 2001
                            Myrtle Beach, SC, USA
    April 24 - 26, 2001     [107]Infosecurity Europe 2001
                            London, Britain, UK
    May 13 - 16, 2001       [108]2001 IEEE Symposium on Security
                            Oakland, CA, USA
    May 13 - 16, 2001       [109]CHES 2001
                            Paris, France
    May 29, 2001            [110]Security of Mobile Multiagent Systems(SEMAS-2001)
                            Montreal, Canada
    May 31 - June 1, 2001   [111]The first European Electronic Signatures Summit
                            London, England, UK
    June 1 - 3, 2001        [112]Summercon 2001
                            Amsterdam, Netherlands
    June 4 - 8, 2001        [113]TISC 2001
                            Los Angeles, CA, USA
    June 5 - 6, 2001        [114]2nd Annual IEEE Systems, Man, and Cybernetics Information Assurance Workshop
                            United States Military Academy, West Point, New York, USA
    June 11 - 13, 2001      [115]7th Annual Information Security Conference: Securing the Infocosm: Security, Privacy and Risk
                            Orlando, FL, USA
    June 17 - 22, 2001      [116]13th Annual Computer Security Incident Handling Conference (FIRST 2001)
                            Toulouse, France
    
    For additional security-related events, including training courses
    (which we don't list above) and events further in the future, check
    out Security Focus' [117]calendar, one of the primary resources we use
    for building the above list. To submit an event directly to us, please
    send a plain-text message to [118]lwn@lwn.net.
    
    Section Editor: [119]Liz Coolbaugh
    April 19, 2001
    
    Secured Distributions:
    [121]Engarde Secure Linux
    [122]Immunix
    [123]Nexus
    [124]SLinux
    [125]NSA Security Enhanced
    [126]Trustix
    Security List Archives
    [127]Bugtraq Archive
    [128]Firewall Wizards Archive
    [129]ISN Archive
    Distribution-specific links
    [130]Caldera Advisories
    [131]Conectiva Updates
    [132]Debian Alerts
    [133]Kondara Advisories
    [134]Esware Alerts
    [135]LinuxPPC Security Updates
    [136]Mandrake Updates
    [137]Red Hat Errata
    [138]SuSE Announcements
    [139]Yellow Dog Errata
    BSD-specific links
    [140]BSDi
    [141]FreeBSD
    [142]NetBSD
    [143]OpenBSD
    Security mailing lists
    [144]Caldera
    [145]Cobalt
    [146]Conectiva
    [147]Debian
    [148]Esware
    [149]FreeBSD
    [150]Kondara
    [151]LASER5
    [152]Linux From Scratch
    [153]Linux-Mandrake
    [154]NetBSD
    [155]OpenBSD
    [156]Red Hat
    [157]Slackware
    [158]Stampede
    [159]SuSE
    [160]Trustix
    [161]turboLinux
    [162]Yellow Dog
    Security Software Archives
    [163]munitions
    [164]ZedZ.net (formerly replay.com)
    Miscellaneous Resources
    [165]CERT
    [166]CIAC
    [167]Comp Sec News Daily
    [168]Crypto-GRAM
    [169]LinuxLock.org
    [170]Linux Security Audit Project
    [171]LinuxSecurity.com
    [172]OpenSSH
    [173]OpenSEC
    [174]Security Focus
    [175]SecurityPortal
    
    
    
    [177]Eklektix, Inc. Linux powered! Copyright © 2001 [178]Eklektix,
    Inc., all rights reserved
    Linux (R) is a registered trademark of Linus Torvalds
 
 References
 
    1. http://lwn.net/
    2. http://ads.tucows.com/click.ng/pageid=001-012-132-000-000-002-000-000-012
    3. http://lwn.net/2001/0419/
    4. http://lwn.net/2001/0419/kernel.php3
    5. http://lwn.net/2001/0419/dists.php3
    6. http://lwn.net/2001/0419/desktop.php3
    7. http://lwn.net/2001/0419/devel.php3
    8. http://lwn.net/2001/0419/commerce.php3
    9. http://lwn.net/2001/0419/press.php3
   10. http://lwn.net/2001/0419/announce.php3
   11. http://lwn.net/2001/0419/history.php3
   12. http://lwn.net/2001/0419/letters.php3
   13. http://lwn.net/2001/0419/bigpage.php3
   14. http://lwn.net/2001/0412/security.php3
   15. http://lwn.net/2001/0419/a/mkpasswd.php3
   16. http://lwn.net/2001/0412/security.php3
   17. http://lwn.net/2000/0629/backpage.php3
   18. http://lwn.net/2001/0419/a/carko.php3
   19. http://lwn.net/2001/0419/a/carko3.php3
   20. http://lwn.net/2001/0419/a/carko2.php3
   21. http://lwn.net/2001/0419/a/cryptogram.php3
   22. http://www.securityfocus.com/news/191
   23. http://www.securityfocus.com/frames/?content=/templates/article.html%3Fid%3D191%26cid%3D5280
   24. http://lwn.net/2001/0419/a/netfilter.php3
   25. http://lwn.net/2001/0419/a/sec-iptables.php3
   26. http://lwn.net/2001/0419/a/samba-2.0.8.php3
   27. http://lwn.net/2001/0419/a/trustix-samba2.0.8.php3
   28. http://lwn.net/2001/0419/a/deb-samba2.0.8.php3
   29. http://lwn.net/2001/0419/a/immunix-samba2.0.8.php3
   30. http://lwn.net/2001/0419/a/caldera-samba.php3
   31. http://www.securityfocus.com/bid/2576
   32. http://lwn.net/2001/0419/a/deb-cfingerd.php3
   33. http://lwn.net/2001/0419/a/deb-ctags.php3
   34. http://freshmeat.net/projects/bubblemon/
   35. http://lwn.net/2001/0419/a/bubblemon.php3
   36. http://lwn.net/2001/0419/a/cyberscheduler.php3
   37. http://www.crosswind.com/home.htm
   38. http://www.securityfocus.com/bid/2578
   39. http://www.securityfocus.com/bid/2574
   40. http://www.securityfocus.com/bid/2573
   41. http://www.securityfocus.com/bid/2584
   42. http://www.securityfocus.com/bid/2579
   43. http://lwn.net/2001/0419/a/cisco-catalyst5000.php3
   44. http://lwn.net/2001/0412/security.php3#netscapegif
   45. http://lwn.net/2001/0419/a/rh-7.1-netscape.php3
   46. http://lwn.net/2001/0419/a/im-netscape.php3
   47. http://lwn.net/2001/0419/a/con-netscape.php3
   48. http://lwn.net/2001/0412/a/rh-netscape.php3
   49. http://www.securityfocus.com/bid/2540
   50. http://lwn.net/2001/0419/a/krud-ntp.php3
   51. http://lwn.net/2001/0419/a/fb-ntp.php3
   52. http://lwn.net/2001/0419/a/progeny-ntp.php3
   53. http://lwn.net/2001/0412/a/cald-ntpd.php3
   54. http://lwn.net/2001/0412/a/con-xntp.php3
   55. http://lwn.net/2001/0412/a/deb-ntp.php3
   56. http://lwn.net/2001/0412/a/db-ntp-2.php3
   57. http://lwn.net/2001/0412/a/engarde-xntp.php3
   58. http://lwn.net/2001/0412/a/im-ntp-xntp3.php3
   59. http://lwn.net/2001/0412/a/lm-ntp-xntp3.php3
   60. http://lwn.net/2001/0412/a/nb-ntp.php3
   61. http://lwn.net/2001/0412/a/progeny-ntpd.php3
   62. http://lwn.net/2001/0412/a/rh-xntp.php3
   63. http://lwn.net/2001/0412/a/sl-xntp.php3
   64. http://lwn.net/2001/0412/a/suse-xntp.php3
   65. http://lwn.net/2001/0412/a/trustix-xntp.php3
   66. http://lwn.net/2001/0412/security.php3#bsdipfilter
   67. http://freshmeat.net/releases/45473/
   68. http://www.securityfocus.com/bid/2545
   69. http://lwn.net/2001/0419/a/fb-ipfilter.php3
   70. http://lwn.net/2001/0412/security.php3#bsdftp
   71. http://lwn.net/2001/0419/a/fb-ftp.php3
   72. http://lwn.net/2001/0419/a/nb-ftp.php3
   73. http://lwn.net/2001/0329/security.php3#kernelptrace
   74. http://securityfocus.com/frames/?content=/templates/archive.pike%3Flist%3D1%26tid%3D172196%26fromthread%3D0%26threads%3D1%26start%3D2001-03-25%26end%3D2001-03-31%26
   75. http://www.linux.org.uk/VERSION/relnotes.2219.html
   76. http://www.openwall.com/
   77. http://lwn.net/2001/0419/a/deb-kernel.php3
   78. http://lwn.net/2001/0419/a/rh-2.2.19.php3
   79. http://lwn.net/2001/0419/a/lm-kernel-adv.php3
   80. http://lwn.net/2001/0329/a/im-kernel.php3
   81. http://www.linux.org.uk/VERSION/relnotes.2219.html
   82. http://lwn.net/2001/0405/a/caldera-backport.php3
   83. http://lwn.net/2001/0412/a/trustix-kernel.php3
   84. http://lwn.net/2001/0412/a/progeny-ptrace.php3
   85. http://lwn.net/2001/0412/a/progeny-ptrace2.php3
   86. http://lwn.net/2001/0419/a/openssh-2.5.2p2.php3
   87. http://lwn.net/2001/0329/security.php3#openssh
   88. http://lwn.net/2001/0322/security.php3#sshpassive
   89. http://lwn.net/2001/0419/a/progeny-openssh.php3
   90. http://lwn.net/2001/0329/a/lm-openssh.php3
   91. http://lwn.net/2001/0329/a/con-openssh.php3
   92. http://lwn.net/2001/0329/a/im-openssh.php3
   93. http://lwn.net/2001/0329/a/rh-openssh.php3
   94. http://lwn.net/2001/0405/a/tr-openssh.php3
   95. http://lwn.net/2001/0405/a/rh-openssh2.php3
   96. http://www.slackware.com/changelog/current.php?cpu=i386
   97. http://lwn.net/2000/1214/security.php3#pico
   98. http://www.securityfocus.com/archive/1/150150
   99. http://www.securityfocus.com/bid/2097
  100. http://lwn.net/2001/0419/a/rh-pine.php3
  101. http://lwn.net/2001/0419/a/im-pine.php3
  102. http://lwn.net/2001/0419/a/newmailinglists.php3
  103. http://lwn.net/2001/0419/security.php3
  104. http://lwn.net/2001/0419/a/adoredetection.php3
  105. http://lwn.net/2001/0208/a/iC0N.php3
  106. http://www.techsec.com/html/Conferences.html
  107. http://www.infosec.co.uk/page.cfm
  108. http://www.ieee-security.org/TC/sp2001.html
  109. http://www.ece.wpi.edu/Research/crypt/ches/start.html
  110. http://www.dfki.de/~kuf/semas/
  111. http://www.iqpc.com/cgi-bin/templates/98485262029583740234300003/genevent.html?event=1525&topic=
  112. http://www.summercon.org/announcements/
  113. http://www.tisc2001.com/
  114. http://www.itoc.usma.edu/Workshop/2001/Workshop2001.htm
  115. http://www.gartner.com/IndexHomePage.jsp?landPage=/2_events/conferences_briefings/conferences/sec7.jsp
  116. http://www.first.org/conference/2001/
  117. http://securityfocus.com/calendar
  118. mailto:lwn@lwn.net
  119. mailto:lwn@lwn.net
  120. http://ads.tucows.com/click.ng/buttonpos=lwnbuttonsecurity
  121. http://www.engardelinux.org/
  122. http://www.immunix.org/
  123. http://Nexus-Project.net/
  124. http://www.slinux.org/
  125. http://www.nsa.gov/selinux/
  126. http://www.trustix.com/
  127. http://www.securityfocus.com/bugtraq/archive/
  128. http://www.nfr.net/firewall-wizards/
  129. http://www.jammed.com/Lists/ISN/
  130. http://www.calderasystems.com/support/security/
  131. http://www.conectiva.com.br/atualizacoes/
  132. http://www.debian.org/security/
  133. http://www.kondara.org/errata/k12-security.html
  134. http://www.esware.com/actualizaciones.html
  135. http://linuxppc.org/security/advisories/
  136. http://www.linux-mandrake.com/en/fupdates.php3
  137. http://www.redhat.com/support/errata/index.html
  138. http://www.suse.de/security/index.html
  139. http://www.yellowdoglinux.com/resources/errata.shtml
  140. http://www.BSDI.COM/services/support/patches/
  141. http://www.freebsd.org/security/security.html
  142. http://www.NetBSD.ORG/Security/
  143. http://www.openbsd.org/security.html
  144. http://www.calderasystems.com/support/forums/announce.html
  145. http://www.cobalt.com/support/resources/usergroups.html
  146. http://distro.conectiva.com.br/atualizacoes/
  147. http://www.debian.org/MailingLists/subscribe
  148. http://www.esware.com/lista_correo.html
  149. http://www.freebsd.org/handbook/eresources.html#ERESOURCES-MAIL
  150. http://www.kondara.org/mailinglist.html.en
  151. http://l5web.laser5.co.jp/ml/ml.html
  152. http://www.linuxfromscratch.org/services/mailinglistinfo.php
  153. http://www.linux-mandrake.com/en/flists.php3
  154. http://www.netbsd.org/MailingLists/
  155. http://www.openbsd.org/mail.html
  156. http://www.redhat.com/mailing-lists/
  157. http://www.slackware.com/lists/
  158. http://www.stampede.org/mailinglists.php3
  159. http://www.suse.com/en/support/mailinglists/index.html
  160. http://www.trustix.net/support/
  161. http://www.turbolinux.com/mailman/listinfo/tl-security-announce
  162. http://lists.yellowdoglinux.com/ydl_updates.shtml
  163. http://munitions.vipul.net/
  164. http://www.zedz.net/
  165. http://www.cert.org/nav/alerts.html
  166. http://ciac.llnl.gov/ciac/
  167. http://www.MountainWave.com/
  168. http://www.counterpane.com/crypto-gram.html
  169. http://linuxlock.org/
  170. http://lsap.org/
  171. http://linuxsecurity.com/
  172. http://www.openssh.com/
  173. http://www.opensec.net/
  174. http://www.securityfocus.com/
  175. http://www.securityportal.com/
  176. http://lwn.net/2001/0419/kernel.php3
  177. http://www.eklektix.com/
  178. http://www.eklektix.com/
 
 --- ifmail v.2.14.os7-aks1
  * Origin: Unknown (2:4615/71.10@fidonet)
 
 
