[dundee] Concerning mailman security
gordon dunlop
zubenel at fedoraproject.org
Mon Aug 6 18:38:29 UTC 2012
On 6 August 2012 11:31, Nicholas Walker <tel0seh at googlemail.com> wrote:
> From the post you've linked, it seems that we're more likely to be very
> much out of date than the latter.
>
> That, and the fact the box that this list runs on is running software
> that is 6 years out of date. I wonder what vulns exist in the other
> services on the box, and what kernel version it is.
>
>
> The virtual machines of the servers are running on Debian Squeeze which
will be fully supported until 2014 ( the actual date of support finish is
yet to be announced). All update notifications, via a cron job, are emailed
to all Lug.org.uk admins and patches applied within a 24hr period, the
latest patches being applied yesterday. As a former Debian user you should
know that the Debian software uses very stable software (brilliant for
servers) and is not the buggiest, latest and greatest version. The main
criteria here is the software being supported for bug and security fixes.
This is also true for Red Hat Enterprise Linux and CentOS distros where
support is for 10 years, so long as the software works and is updated for
security does it matter how old the packages are? The present mailman
version is 2.1.11 which is a fully supported version and the latest update
to this version was made on 1/10/2011, so this in date with security fixes.
If you or indeed anyone has any concerns with the software used on the
Lug.org.uk servers please email admin at lug.org.uk where one of the many
admins will address your concerns.
Gordon
> --
>
> Nick Walker
> President : The Linux Society
> UAD Ethical Hacker
>
> _______________________________________________
> dundee GNU/Linux Users Group mailing list
> dundee at mailman.lug.org.uk http://dundeelug.org.uk
> https://mailman.lug.org.uk/mailman/listinfo/dundee
> Chat on IRC, #tlug on irc.lug.org.uk
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.lug.org.uk/pipermail/dundee/attachments/20120806/a839995b/attachment.htm>
More information about the dundee
mailing list