[CentOS] RH's servers breached

Fri Aug 22 21:33:30 UTC 2008
Jim Perrin <jperrin at gmail.com>

On Fri, Aug 22, 2008 at 5:15 PM, Paul Norton <paul at neoverve.com> wrote:

> I see an announcement for the packages on the announce list, but no more
> informamtion anywhere from the CentOS team (Planet or ML).  Are these
> packages "just to be safe" or was there something actually found?

There's a CVE associated with a different (unrelated) bug in how ssh
handled forwarded x11 sessions. The upstream announcement is here ->

So there are new packages anyway in spite of the other bits.

During times of universal deceit, telling the truth becomes a revolutionary act.
George Orwell