Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Sat, 19 Apr 2014 11:54:43 +0200
From: rf@...eap.de
To: oss-security@...ts.openwall.com
Subject: Re: Request for linux-distros list membership

>>>>> "Kurt" == Kurt Seifried <kseifried@...hat.com> writes:

    Kurt> Well one comment/question on your advisories:

    Kurt> https://qlustar.com/news/qsa-0131142-security-bundle

    Kurt> Package(s)       : see upstream description of individual package
    Kurt> Affected versions: All versions prior to this update
    Kurt> Vulnerability    : see upstream description of individual package
    Kurt> Problem type     : see upstream description of individual package
    Kurt> Qlustar-specific : no
    Kurt> CVE Id(s)        : see upstream description of individual package

    Kurt> Except you don't give any version #'s, nor do you give any CVE
    Kurt> id's, how is anyone supposed to figure out what got fixed?

Quote from the end of the advisory:
--------------------------------
Update instructions:
The problem can be corrected by updating your system to the following
Qlustar package versions in addition to the package versions mentioned
in the upstream reports (follow the Qlustar Update Guide): 
qlustar-module-core-precise-amd64-8.1.0    8.1.0.7-b431f855
--------------------------------

In addition, all upstream reports (including CVEs) are linked in our
advisory (click on the title).

Roland

-------
http://www.q-leap.com / http://qlustar.com

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ