rfarris@rfengr.com (Rick Farris) (04/02/91)
In article <UTKPKWH@dobag.in-berlin.de> lumpi@dobag.in-berlin.de (Joern Lubkoll) writes: > and i think, my time with isc unix is over, anybody who > wants to buy an whole interactive - system (with hardware, > software and so on - i'll get a sun...) ? You know, we piss and moan about the security bugs in ISC, but the month doesn't go by that I don't get an "URGENT SECURITY VIOLATION IN PROGRESS" message from CERT/CC about SUNs. Speaking of which, how come the ISC bug never showed up there? -- Rick Farris RF Engineering POB M Del Mar, CA 92014 voice (619) 259-6793 rfarris@rfengr.com ...!ucsd!serene!rfarris serenity bbs 259-7757
debra@wsinis03.info.win.tue.nl (Paul De Bra) (04/03/91)
In article <1991Apr02.041525.14582@rfengr.com> rfarris@rfengr.com (Rick Farris) writes: >You know, we piss and moan about the security bugs in ISC, >but the month doesn't go by that I don't get an "URGENT >SECURITY VIOLATION IN PROGRESS" message from CERT/CC about >SUNs. > >Speaking of which, how come the ISC bug never showed up >there? Cert only posts announcements of this nature after the vendor has developed a fix and distributed it to its major distributors and customers. The purpose of Cert announcements is to help sysadmins protect their systems agains hackers, not to help hackers break in to systems. Paul. (debra@win.tue.nl)
marzusch@odiehh.hanse.de (Ralph-Diether Marzusch) (04/04/91)
lumpi@dobag.in-berlin.de (Joern Lubkoll) writes: >(Joern is complaining that he hasn't received the bug fix yet) Well, my dealer (CMS in Hamburg) sent me a bug fix for the "toete" bug about 2 weeks ago (at least for the runtime system, there seems to be a special fix for the software development system as well). At least "toete" dumps core (as it is supposed to do). Bye for now - Ralph-Diether -- .--------------------------------------------------------------------. | Ralph-Diether Marzusch, Rehwinkel 2, D-2070 Grosshansdorf, Germany | | E-mail: marzusch@odiehh.hanse.de Voice: +49 4102 64193 | `--------------------------------------------------------------------'
richard@pegasus.com (Richard Foulk) (04/04/91)
>> and i think, my time with isc unix is over, anybody who >> wants to buy an whole interactive - system (with hardware, >> software and so on - i'll get a sun...) ? > >You know, we piss and moan about the security bugs in ISC, >but the month doesn't go by that I don't get an "URGENT >SECURITY VIOLATION IN PROGRESS" message from CERT/CC about >SUNs. Well gosh. Maybe because Suns are way more popular on the Internet. It's only very recently that you could even get an ISC based machine's networking toys to work for more than five minutes at a time. >Speaking of which, how come the ISC bug never showed up >there? I wonder why. "ISC who?" -- Richard Foulk richard@pegasus.com
lumpi@dobag.in-berlin.de (Joern Lubkoll) (04/06/91)
marzusch@odiehh.hanse.de (Ralph-Diether Marzusch) writes: >lumpi@dobag.in-berlin.de (Joern Lubkoll) writes: >>(Joern is complaining that he hasn't received the bug fix yet) >Well, my dealer (CMS in Hamburg) sent me a bug fix for the "toete" bug >about 2 weeks ago (at least for the runtime system, there seems to be >a special fix for the software development system as well). At least >"toete" dumps core (as it is supposed to do). I think they won't send me anything anymore... Because a lot of my friends already got fixes and letters with other update-disks and so on - only the poor lumpi@dobag.in-berlin.de receives nothing ! Are they angry about me ???????????????? I will remember this for sure ! jl -- lumpi@dobag.in-berlin.de | Why drink & drive when you can lumpi@dobag.north.de ! smoke and fly ????? ! And if you smoke try the Columbian. ! [Seen on a Springbreak-Shirt in Key West]