Re: Security/package update release frequency

Subject: Re: Security/package update release frequency
From: Dan Burcaw (dburcaw@terraplex.com)
Date: Wed Jul 26 2000 - 13:12:28 MDT

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
• Next message: Donald Cowart: "Multi-Boot RS/6000 Boxes."
• Previous message: Paul Schinder: "Re: Security/package update release frequency"
• In reply to: Kevin M. Myer: "Security/package update release frequency"
• Reply: Dan Burcaw: "Re: Security/package update release frequency"

We've just been super busy. There is a new kernel rpm set available.. see
ftp://ftp.terraplex.com/pub/updates/kernel

We haven't yet added this to the YUP update database.

You'll be happy to know that we just hired a developer who will be
assisting with package updates (including security).

I apologize for the lack of updates.. I'll get all the updates out
this week and we'll be sure to stay on top of them in the future. (the
addition of more staff will help this! :)

> Hi,
>
> I was wondering if anyone could comment on the apparent lack of
> security/package updates for the Champion Server 1.2 release. The last
> released update I can find was the etcskel package, dated May 7, 2000.
> In the meantime, a serious bug has been exposed in the Linux kernel (all
> versions <= 2.2.15), there have been theoretically exploitable NFS holes,
> the ability to eavesdrop of EMACS process communication by non priveleged
> users, etc. I am just wondering why Yellowdog has ceased to release
> updates? Is the release and development of Gone Home more important than
> the ongoing security of a distribution? Is the staff overworked and
> security falls by the wayside? Are we witnessing security through
> obscurity being played out, since the percentage of vulnerable x86
> machines is higher than the percentage of vulnerable PPC machines, simply
> because there are that many more x86 machines and shell code is a dime a
> dozen for that architecture?
>
> Just wondering - I keep checking for updates and see none and am wondering
> why that is the case.
>
> Kevin
>
> --
> Kevin M. Myer
> Systems Administrator
> Lancaster-Lebanon Intermediate Unit 13
> (717)-560-6140
>
>

Regards,
Dan

Terra Soft Solutions, Inc.
 http://www.terrasoftsolutions.com/

 Yellow Dog Linux
 "The Ultimate Companion for a Dedicated Server"
 http://www.yellowdoglinux.com/

 Black Lab Linux
 Advanced Workstations, Parallel, and Embedded Solutions
 http://www.blacklablinux.com/

• Next message: Donald Cowart: "Multi-Boot RS/6000 Boxes."
• Previous message: Paul Schinder: "Re: Security/package update release frequency"
• In reply to: Kevin M. Myer: "Security/package update release frequency"
• Reply: Dan Burcaw: "Re: Security/package update release frequency"

This archive was generated by hypermail 2a24 : Wed Jul 26 2000 - 13:12:32 MDT