<snip>
I know you are on a tight schedule right now, but a remote root compromise is the highest sort of threat and should be fixed asap.
Agreed, and Thomas answered this when I asked. He already said they are working on it. There will be information in the next Security Notice in section 2.
Perhaps they should get more help from inside SuSE? It doesn't take a security expert to copy the info that Thomas has given in this thread and make an official response.
Anyway lets let Thomas have the time to get his updates done, they're busy and pestering him here won't be helping. I just hope he gets done, before there's an circulation with script kiddies.
Just to prevent misunderstandings: Of course we will publish a fix. That's what we are here for (and what people have confidence in). It's just about the version upgrades that we fear. That will probably not happen. Stay tuned.
Rob
Thanks,
Roman.
--
- -
| Roman Drahtmüller