[CentOS] RH's servers breached
jperrin at gmail.com
Fri Aug 22 21:33:30 UTC 2008
On Fri, Aug 22, 2008 at 5:15 PM, Paul Norton <paul at neoverve.com> wrote:
> I see an announcement for the packages on the announce list, but no more
> informamtion anywhere from the CentOS team (Planet or ML). Are these
> packages "just to be safe" or was there something actually found?
There's a CVE associated with a different (unrelated) bug in how ssh
handled forwarded x11 sessions. The upstream announcement is here ->
So there are new packages anyway in spite of the other bits.
During times of universal deceit, telling the truth becomes a revolutionary act.
More information about the CentOS