22 Aug
2008
22 Aug
'08
11:33 p.m.
On Fri, Aug 22, 2008 at 5:15 PM, Paul Norton paul@neoverve.com wrote:
I see an announcement for the packages on the announce list, but no more informamtion anywhere from the CentOS team (Planet or ML). Are these packages "just to be safe" or was there something actually found?
There's a CVE associated with a different (unrelated) bug in how ssh handled forwarded x11 sessions. The upstream announcement is here -> http://rhn.redhat.com/errata/RHSA-2008-0855.html.
So there are new packages anyway in spite of the other bits.
--
During times of universal deceit, telling the truth becomes a revolutionary act.
George Orwell