Mailinglist Archive: opensuse-security (375 mails)

RE: [suse-security] Linux/Slapper.worm
  • From: "Alan Rouse" <ARouse@xxxxxxxx>
  • Date: Wed, 18 Sep 2002 11:25:34 -0400
  • Message-id: <382BC0C28F397F4785E7414B8279F5271B537E@xxxxxxxxxxxxxxxxxxxxxxx>
Olaf Kirch wrote:
> Hm. Is it really that difficult? It's a reference to
> related announcements, and unless you have serious
> doubts about our mental health it is fair to assume
> we didn't put these references there just because
> we felt they were so decorative ... :)

I think we're talking about two different things.

I not only need to figure out what patch to apply. I also need to be
able to document that I applied the right patch for THIS problem, in a
way that can be clearly understood by my management and my customers.

When my customers see OpenSSL 0.9.5a, they will think I have left them
vulnerable to the slapper worm. I have to be able to show them that this
is not the case. To do so I need to be able to point them to an
advisory from SuSE. However, I don't have one that says what I need it
to say. I need it to say that this is not the same 0.9.5a as the
similarly named version from www.openssl.org. I need it to say that the
rpm from SuSE has been patched by SuSE so that it addresses the slapper
worm vulnerability.

Since the worm came out after the corresponding SuSE advisory, it would
be helpful to receive an advisory (referencing the earlier advisory)
pointing out clearly that these packages address the new worm.

IMO this is a problem with SuSE security advisories in general, not just
this case.

I know you guys are very smart, and are working very hard, and I
appreciate it! I'm just trying to help you understand a genuine need
that is not being addressed in the advisories. I'm not making this
up...


