Re: [Full-Disclosure] [RHSA-2003:323-01] Updated Ethereal packages fix security issues

From: Charles E. Hill (chill_at_herber-hill.com)
Date: 11/11/03

  • Next message: Frank Knobbe: "Re: [Full-Disclosure] IIS 5.0 random/fixed TCP/UDP ports"
    To: <full-disclosure@lists.netsys.com>
    Date: Mon, 10 Nov 2003 15:56:56 -0800
    
    

    On Monday 10 November 2003 09:55, bugzilla@redhat.com wrote:
    > ---------------------------------------------------------------------
    > Red Hat Security Advisory
    >
    > Synopsis: Updated Ethereal packages fix security issues
    > Advisory ID: RHSA-2003:323-01
    > Issue date: 2003-11-10
    > Updated on: 2003-11-10
    > Product: Red Hat Linux
    > Keywords: ethereal SOCKS buffer overflow
    > Cross references:
    > Obsoletes: RHSA-2003:203
    > CVE Names: CAN-2003-0925 CAN-2003-0926 CAN-2003-0927

    <snip>

    Hmmm... two copies of this floated across the list.

    One of them was listed as "GOOD, BUT UNTRUSTED" by my GPG setup, however the
    other was listed as "THIS SIGNATURE IS BAD". Anyone else get this this? Is
    this normal? I don't usually see red -- bad signatures -- on the warnings.

    -- 
    Charles E. Hill
    Technical Director
    Herber-Hill LLC
    http://www.herber-hill.com/
    _______________________________________________
    Full-Disclosure - We believe in it.
    Charter: http://lists.netsys.com/full-disclosure-charter.html
    

  • Next message: Frank Knobbe: "Re: [Full-Disclosure] IIS 5.0 random/fixed TCP/UDP ports"