problem with apt4rpm

William F. Acker WB2FLW +1-303-777-8123 wacker at octothorp.org
Thu Jul 18 23:34:01 EDT 2002


Jim:

     On June 27, Red Hat released openssh-3.1p1-6.  There was a security 
problem in some non-default configurations that was addressed by this 
release.  Can you demonstrate that this release of openssh is insecure?  
If so, then you need to contact Red Hat.  They'll fix it, believe me.  
Like most companies these days, they really jump when security is 
involved.  One way to contact them is through Bugzilla 
https://bugzilla.redhat.com/bugzilla/.  It's a reall bitch in lynx, 
though.





          HTH and 73.
          Bill


On Thu, 18 Jul 2002 jwantz at hpcc2.hpcc.noaa.gov wrote:

> Hi Ryan,
> Your problem probably lies in your /etc/apt/sources.list file its 
> pointing to some directories that no longer exist.  For the moment I'd 
> comment out all references that are not referring to freshrpms.  
> Incidentally, I registered on Redhat network yesterday try: rhn_register 
> and up2date works fine, but I still like apt4rpm better.  By the way, 
> Redhat Network did not have the latest upgrades to openssh, which 
> considering the vulnerabilities in releases 2.3 through 3.31 is not very 
> good.  Redhat is calaiming that they don't have a problem, but this is 
> not so!





More information about the Speakup mailing list