Openssl
I don't normally run mod_ssl so didn't pay attention.. but if you're running it (and RedHat gives you mod_ssl by default, yucky yuck) and have openssl v 0.9.6c or lower.. you're vulnerable to .cinic worm. So go patch up.
May I just add.. RedHat is a pain to patch if you don't use an rpm..
Comments
And RPMs are a pain, so....
Posted by: Jeremy Zawodny | January 6, 2003 12:49 PM
So, of course I went with lesser evil and built from source :)
Posted by: kasia | January 6, 2003 01:49 PM
I also hate RPMs. It's what drew me to Gentoo. SuSE was a great distro, but I hate RPMs. Gentoo builds everything from source and I just find it nice...:)
Posted by: Techie2000 | January 6, 2003 03:33 PM
Install apt-rpm* so it's just a matter of:
apt-get update
apt-get dist-upgrade
easy :)
* http://apt-rpm.tuxfamily.org/
Posted by: Gav | January 6, 2003 04:55 PM
You have 226,571 config files that need updating. Type emerge --help config for details.
Hmm... time to clean up /etc
(no, I don't really have that many files that need updating)
Posted by: Matt | January 6, 2003 06:15 PM
ROFL. Time to get to work. I actually like their config protection system...
Posted by: Techie2000 | January 6, 2003 08:04 PM
RedHat's openssl is actually secure and all. Instead of upping the version to a current one their policy is usually to backport only the security patches. On a side note, net-snmp got upped from 5.0.1 to 5.0.6 recently contrary to the normal policy. :)
Posted by: kajtzu | January 9, 2003 04:20 PM