[Sussex] web security glitch!!

Steve Dobson steve.dobson at syscall.org.uk
Wed Jul 9 08:08:15 UTC 2008


Colin / Steve

On Wed, 2008-07-09 at 08:19 +0100, Colin King wrote:
> On Wed, 2008-07-09 at 07:41 +0100, Steve Redshaw wrote:
> > Internet security breach tackled
> > 
> > BBC news website - 9.7.08
> > http://news.bbc.co.uk/1/hi/technology/7496735.stm
> > 
> > does this have any implications for Linux users? the news article does
> > not go into much detail about how users can be directed to phoney web
> > sites or the specific conditions a computer might have to make it a
> > risk, but as Linux does not have automatic updates this could be a
> > problem?
> 
> I believe I just saw the fix is in today's Ubuntu updates:
> 
>   * SECURITY UPDATE: Randomize UDP query source ports to improve forgery
> resilience.
>   * References
>     CVE-2008-1447

I saw the security notices on debian-security yesterday or the day
before.

Steve

-- 
Steve Dobson

Every young man should have a hobby: learning how to handle money is
the best one.
-- Jack Hurley

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://mailman.lug.org.uk/pipermail/sussex/attachments/20080709/1da683f9/attachment.pgp 


More information about the Sussex mailing list