Greetings, Recent Bugtraq posts have exposed security holes with a couple packages distributed with SCO's Skunkware CD. These packages are: majordomo (wrapper, resend) orion (pis, mkpis) These issues are security holes in the distributed versions of these packages, and are not SCO security holes. Furthermore, on a system with all of the security patches installed, the distributed exploit for components of orion (pis, mkpis) will not even work. Still, we do recognize that these issues come up from time to time in open licensed software that we do not control or maintain. This is precisely the reason for the Skunkware disclaimer. To quote the Skunkware disclaimer: Remember, Skunkware is freely distributed and unsupported software. No warranty is made on any of the Skunkware components. Support and assistance with this software is not provided by SCO. Updated versions will appear on the SCO skunkware site (http://www.sco.com/skunkware) as they come available and as they get built for SCO platforms. -- Aaron Sigel, Secure Technologies Group, SCO - aaronsat_private
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 15:28:01 PDT