From: "Dmitry V. Levin" <ldv@alt-linux.org> To: devel@altlinux.ru Subject: [devel] [solar@openwall.com: Owl 0.1-stable] Date: Thu, 5 Jul 2001 16:08:38 +0400 Message-ID: <20010705160838.A29435@ldv.office.alt-linux.org> (raw) [-- Attachment #1: Type: text/plain, Size: 2918 bytes --] FYI ----- Forwarded message from solar@openwall.com ----- Date: Mon, 2 Jul 2001 06:41:13 +0400 From: solar@openwall.com To: announce@lists.openwall.com Cc: owl-users@lists.openwall.com Subject: Owl 0.1-stable Hi, We've started maintaining a stable branch of Owl, based on Owl 0.1- prerelease. This branch will have all significant reliability and security fixes necessary to use Owl in production -- even before its feature set is complete for it to be called 1.0. Another recent addition is the OpenBSD-like change logs for both Owl branches. Whenever there's a security fix applied to an Owl branch, there will be a change log entry with "SECURITY FIX" and a Severity field on it, in addition to the usual description of what exactly was changed and why. As we fix even very minor security problems, we're not going to "spam" Bugtraq with advisories each time. We will keep the number of change log entries per week low such that the really important changes may be easily seen. Those who need more detailed information can always read change logs for the individual packages. The Owl change logs are included with the corresponding branches under Owl/doc/CHANGES (Owl-0_1-stable/doc/CHANGES for the stable branch) and are also available at: http://www.openwall.com/Owl/CHANGES.shtml (current branch) http://www.openwall.com/Owl/CHANGES-stable.shtml (stable branch) Finally, below is a summary of security fixes that have been applied since the prerelease. So far, the worst vulnerability which affects the default install of Owl 0.1-prerelease is the GnuPG format string bug, and that is passive. owl!build:~$ grep -B1 '^SECURITY FIX' native/Owl/doc/CHANGES 2001/06/29 Package: xinetd SECURITY FIX Severity: none to high, remote, active -- 2001/06/27 Package: gpm SECURITY FIX Severity: none to low, physical, active -- 2001/06/14 Package: openssh SECURITY FIX Severity: none to low, remote, active -- 2001/06/12 Package: screen SECURITY FIX Severity: low, local, passive -- 2001/06/11 Package: openssh SECURITY FIX Severity: low, local, active -- 2001/06/03 Package: glibc SECURITY FIX Severity: low to medium, local, passive -- 2001/05/30 Package: gnupg SECURITY FIX Severity: high, remote, passive -- 2001/05/29 Packages: SysVinit, xinetd, owl-startup SECURITY FIX Severity: none to medium, local, passive to active -- 2001/05/27 Package: gawk SECURITY FIX Severity: low, local, passive -- 2001/05/23 Package: sysklogd SECURITY FIX Severity: none to medium, local, active -- /sd ----- End forwarded message ----- Regards, Dmitry +-------------------------------------------------------------------------+ Dmitry V. Levin mailto://ldv@alt-linux.org ALT Linux Team http://www.altlinux.ru/ Fandra Project http://www.fandra.org/ +-------------------------------------------------------------------------+ UNIX is user friendly. It's just very selective about who its friends are. [-- Attachment #2: Type: application/pgp-signature, Size: 232 bytes --]
reply other threads:[~2001-07-05 12:08 UTC|newest] Thread overview: [no followups] expand[flat|nested] mbox.gz Atom feed
Reply instructions: You may reply publicly to this message via plain-text email using any one of the following methods: * Save the following mbox file, import it into your mail client, and reply-to-all from there: mbox Avoid top-posting and favor interleaved quoting: https://en.wikipedia.org/wiki/Posting_style#Interleaved_style * Reply using the --to, --cc, and --in-reply-to switches of git-send-email(1): git send-email \ --in-reply-to=20010705160838.A29435@ldv.office.alt-linux.org \ --to=ldv@alt-linux.org \ --cc=devel@altlinux.ru \ --cc=devel@linux.iplabs.ru \ /path/to/YOUR_REPLY https://kernel.org/pub/software/scm/git/docs/git-send-email.html * If your mail client supports setting the In-Reply-To header via mailto: links, try the mailto: link
ALT Linux Team development discussions This inbox may be cloned and mirrored by anyone: git clone --mirror http://lore.altlinux.org/devel/0 devel/git/0.git # If you have public-inbox 1.1+ installed, you may # initialize and index your mirror using the following commands: public-inbox-init -V2 devel devel/ http://lore.altlinux.org/devel \ devel@altlinux.org devel@altlinux.ru devel@lists.altlinux.org devel@lists.altlinux.ru devel@linux.iplabs.ru mandrake-russian@linuxteam.iplabs.ru sisyphus@linuxteam.iplabs.ru public-inbox-index devel Example config snippet for mirrors. Newsgroup available over NNTP: nntp://lore.altlinux.org/org.altlinux.lists.devel AGPL code for this site: git clone https://public-inbox.org/public-inbox.git