On Thu, Feb 22, 2001, [EMAIL PROTECTED] wrote:
I've sent yesterday an e-mail to [EMAIL PROTECTED] but got
no reply up to now. So I'll try it here.
> Vulnerable Packages: All versions previous to 8.11.2-5
> Date: 02/21/2001 5:00 PDT
> TurboLinux Advisory ID#: TLSA2001003-1
> 2. Impact
>
> A user can gain root privileges.
Does TurboLinux have any proof for this claim or is it just a guess?
If the former: why has [EMAIL PROTECTED] not been contacted?
If the latter: why isn't this explicitly stated here?
BTW: Another advisory (TLSA2000013-1) from TurboLinux also made a
wrong claim about sendmail. It would be nice to be more careful.
PS: The segfault problem has been fixed in 8.11.2 as the RELEASES_NOTES
clearly say.
PGP signature
