[NBLUG/talk] reporting a bug in a major distro
Jeremy Turner
jeremy at linuxwebguy.com
Sat Aug 23 21:53:01 PDT 2003
On Sat, 2003-08-23 at 21:38, error wrote:
> What if I told you that I had found a huge bug in a major distro.
The beauty of open source is you know the email of the author. You can
send an email detailing the exact sequence and how you and root the
boxen.
If it indeed is a major security hole, the authors could make the
necessary changes (unless you included a patch to fix it) and push out
changes to the various distributions.
If, however, the flaw occurs in a distro-dependent app (like
SuSE/Mandrake/RedHat's various config tools) it would be more difficult
to contact the right people to get it fixed.
Redhat says [http://redhat.com/security]:
Please report any instances of security vulnerability with any Red Hat
product or service to the Red Hat Security Response Team,
secalert at redhat.com.
Maybe Mandrake/SuSE etc have something similar?
Jeremy
--
Jeremy Turner <jeremy at linuxwebguy.com>
The LinuxWebGuy
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://nblug.org/pipermail/talk/attachments/20030823/12a8040b/attachment.pgp
More information about the talk
mailing list