Sections: Main page Linux in the news Security Kernel Distributions Development Commerce Announcements Back page All in one big page See also: last week's Security page. |
SecuritySecurity coverage for this week is not comprehensive. We'll go back next week and catch up with anything we missed. See you then! Security ReportsThe Mandrake folks have announced updates to KDE to fix the recently-found security problem there.Caldera has put out a security advisory for problems with KDE and DOSEMU. If you're running either of those packages, you probably want to get and apply the updates. Those of you running Cobalt systems may want to have a look at this Wired News article describing how it may be possible to obtain the root password via the system's web server. The problem seems to be that home directories are served to the web; in this particular case the exploit seems to be to fetch root's shell history file and look for interesting stuff. Perhaps the most discouraging part: "Vivek Mehra, vice president of product development at Cobalt, said the hole, which could give a hacker access to a history file documenting a user's activities, wasn't specific to their appliance, but to the Linux operating system." |
March 4, 1999 |