Hi together, some people have reported that they get some older messages from this list again for the second time (mails from my address were among them). There is no way for me to tell how this happens because the mails aren't being delivered through our list engine. There is a chance that this phenomenon is connected to the mail (quoted below) that came through bugtraq on Tuesday, sent by an individual named Matthias Kaempf. It's a mail from Thomas Biege with headers cut off, hopelessly outdated because the original was sent a few months ago. My reply to it (forwarded without quotes below) on bugtraq hasn't been approved (yet) by Elias Levy, bugtraq's moderator - I've made some assumptions on the origin of the maverick mail. If you have received such a dupe and read this mail before 1200MET on Thursday (I'll have enough of them by then...), please forward it to me, including _all_ header lines. I hope this helps to pin down the culprit. Thanks, Roman. -- - - | Roman Drahtmüller <draht@suse.de> // "Caution: Cape does | SuSE GmbH - Security Phone: // not enable user to fly." | Nürnberg, Germany +49-911-740530 // (Batman Costume warning label) | - - ---------- Forwarded message ---------- From: Roman Drahtmueller <draht@suse.de> To: BUGTRAQ@securityfocus.com Date: Tue, 15 Aug 2000 20:00:49 +0200 (MEST) Subject: Re: [suse-security-announce] makewhatis bug This is indeed messy. Thomas' comment on makewhatis is some months old, and this mail is a result of either * poor scripting or * MTAs that still can't distinguish btw header and envelope. * error btw kbd and chair We've seen several mails like this on our contact address lately, but we didn't expect them to show up in a public forum. Aleph, it was sent after my reply. Thanks, Roman. -- - - | Roman Drahtmüller <draht@suse.de> // "Caution: Cape does | SuSE GmbH - Security Phone: // not enable user to fly." | Nürnberg, Germany +49-911-740530 // (Batman Costume warning label) | - - On Mon, 14 Aug 2000, Matthias Kaempf wrote:

From: Matthias Kaempf <Matthias.Kaempf@DREI-H.DE> To: BUGTRAQ@securityfocus.com Date: Mon, 14 Aug 2000 20:02:08 +0200 Subject: [suse-security-announce] makewhatis bug

Hi, a few days ago a /tmp race condition bug in the makewhatis program was posted on bugtraq. We are NOT vulnerable by this bug, because we use different code, which doesn't touch /tmp in a unsecure way.

Bye, Thomas -- Thomas Biege, SuSE GmbH, Schanzaeckerstr. 10, 90443 Nuernberg E@mail: thomas@suse.de Function: Security Support & Auditing "lynx -source http://www.suse.de/~thomas/thomas.pgp | pgp -fka" Key fingerprint = 09 48 F2 FD 81 F7 E7 98 6D C7 36 F1 96 6A 12 47

-- To unsubscribe, e-mail: suse-security-announce-unsubscribe@suse.com For additional commands, e-mail: suse-security-announce-help@suse.com