--> Quote from the last (sendmail) security announcement:
2) Pending vulnerabilities in SuSE Distributions and Workarounds:
- glibc SuSE Security is working on glibc updates for the RPC XDR integer overflow security problem in glibc. The central function of the glibc package in a Linux system requires extensive testing of the update packages. The update packages will be provided for download at the usual location and publically announced as soon as the testing is completed successfully.
So, yes, SuSE is vulnerable and the SuSE people are working on the solution !
Yes, top of the queue is glibc and openssl. The kernel oddities that have been reported here (and elsewhere) keep me busy as well.
Thanks SuSE !
Later, Roman. -- - - | Roman Drahtmüller <draht@suse.de> // "You don't need eyes to see, | SuSE Linux AG - Security Phone: // you need vision!" | Nürnberg, Germany +49-911-740530 // Maxi Jazz, Faithless | - -