Hello All,

thanks for this insight. To make a short summary, the ftp vulnerability is in the kernel code of iptables, not in the admin utilities which are in the package. Then only the statement in the mail I quoted was misleading. I suspected this, but wanted to have clarification.

Thanks

-----Original Message-----
From: Roman Drahtmueller [mailto:draht@suse.de]
Sent: Tuesday, 6 November 2001 11:34
To: Bitzer,Gerd; alex@kel-tek.com
Cc: suse-security@suse.de; Marc Heuse
Subject: Re: [suse-security] iptables in Suse 7.1
Also you're using the old iptables which has ftp vulnerability in it. Download an update from SuSE to iptables-1.2.1a-37 or download and compile the latest from netfilter.samba.org
This statement leads me to a question. I'm using 7.1, which shipped with an old iptables-1.1.2. Suse never released an updated RPM for this old iptables release for 7.1.
Does the iptables-1.1.2 from 7.1 have this ftp vulnerability or not? Can I use the iptables-1.2.1a-53 from 7.2 with 7.1?
If the iptables-1.1.2 from 7.1 has this ftp vulnerability, why wasn't there ever an update of this package released?
Having a look at netfilter.samba.org I see that meanwhile iptables 1.2.4 is released, and a lot of bugs have been fixed even since 1.2.1a, but no updates are issued in the update tree on ftp.suse.com.
Now I'm a little bit worried. Can I leave all untouched, can I use the 1.2.1a from 7.2 or do I have to build my own package? Who can shed some light on these questions?
TIA
Please see http://lists2.suse.com/archive/suse-security/2001-Sep/0504.html
Thanks,
Roman.
--
- -
| Roman Drahtmüller