Some security issues by oreilly

Dagmar d'Surreal dagmar.wants at
Wed Jun 18 15:13:55 PDT 2003

On Wed, 2003-06-18 at 03:27, Dan Osterrath wrote:
> Just found that:
> Interesting for (B)LFS might be the section with linux kernel 2.4 and gnu zip.
> Can anyone confirm these issues and does know, which versions are vulnerable?

Which ones are you referring to?  There's a list of several things
there, and most of them _do_ apply to LFS/BLFS, for instance...

Kernel, yup.

Kernel, yup.

Gzip, yup.

Eterm, yup.

I'm not going any further than those three because they're the majority
case, and basically, if you can't read, you shouldn't be using Linux. 
If you /really/ care, you'll subscribe yourself to Bugtraq.  (...and I'm
neck deep in an audit for some NT machines right now, which makes the
work involved in checking Unix machines seem an utter cakewalk.)

Just start at the CVE entries and follow all the references.  There
should be more than enough detail for you to determine if you have a
problem... that's the point of the advisories although CERT is a fair
bit better about being clear on matters.

The email address above is just as phony as it looks, and for obvious reasons.
Instant messaging contact nfo: AIM: evilDagmar  Jabber: evilDagmar at

Unsubscribe: send email to listar at
and put 'unsubscribe lfs-security' in the subject header of the message

More information about the lfs-security mailing list