On Tue, 2004-04-13 at 10:07, StoneBeat wrote: > I have a doubt, imagine that tomorrow someone discovered that OpenSSH shipped > with Fedora Core 1 had a remote exploitable vulnerability. > > How would i be able to get the patch for this vulnerability ? > > would i be able to get patched using "yum update" ? > > would Redhat / Fedora publish an Update in > http://fedora.redhat.com/updates/released/ ? > > > El Lunes 12 Abril 2004 22:03, Bill Nottingham escribió: > > Christofer C. Bell (cbell@xxxxxxxxxxxx) said: > > > What does "support" mean for Fedora Core 1 software? I'm not trying to > > > sound like sour grapes, but I'm honestly curious. I've submitted a > > > couple of bug reports (and submitted the fix with one of them) and so far > > > both have come back closed with "fixed in rawhide." > > > > > > I guess I don't know what this means, exactly. > > > > Rawhide means that it's fixed in the development tree. If this > > is done before FC2 is finalized, this generally means that it will be > > fixed in FC2. > > > > Bill In a word yes. The Linux community as a whole has had patches out faster than any other O.S. Also Red Hat has been prompt to post these patches when available. Also, just because a 'vulnerability' is found doesn't mean it is actually exploitable. A lot of these are problems such as buffer overflows or bad special character parsing. At best they allow a chance for exploitation and usually require a fair amount of programming skill, time, and failed attempts for a cracker, usually through zombies. Most crackers would move on to an easier target unless you are the 'specific' target. The reality of system compromises are from an internal nature S.A. my old employer would remove all sensitive data from hard drives, but left user names and passwords on the disk. Not until I took my PHLAK disk and went through the disk with the office manager did this change! Users are forever downloading worms, trojans, and viruses on systems. Uneducated users they are the greatest liability to security. If your system is updated, say monthly, and your firewall properly set up and maintained, the major issue becomes users. -- jludwig <wralphie@xxxxxxxxxxx>
