* Solar Designer <solarat_private> [011023 09:29]: > least one PAM'ified version of su(1) is suitable for the attack: the > one that is included in the shadow suite and used on Debian. I also On debian unstable/testing, the 'shadow-login' package does not exist, and only the 'login' package exists. AFAIK, this only has the PAM-based su in it. On Progeny's newton release, this is also true. On debian potato, it appears that the su there is also from pam. Could you please cite the version of Debian next time? Your the second person this month I've had to remind of this. Hence, I believe the statment is refrencing a older version of stable, users of 'stale' stable distributions should be advised that security updates aren't given for anything but the 'current' stable version, and that they should upgrade to potato. -- Scott Dier <diemanat_private> <sdierat_private> http://www.ringworld.org/ #linuxosat_private Just say NO to Product Activation!
This archive was generated by hypermail 2b30 : Tue Oct 23 2001 - 14:24:42 PDT