Omer Zak wrote:

>As I volunteered to maintain the TODO list and saw no competing TODO lists
>so far, I am attaching to this message the TODO list (in HTML format), as
>summarized from recent E-mail messages to the iglu-web mailing list.
>
>Please let me know of any inaccuracies, missing items or superfluous
>items.
>
>                                             --- Omer
>
>   The most up-to-date version of this document is available as TBD.
>   Last updated: 2001 Dec 29 by Omer Zak <mailto:[EMAIL PROTECTED]> .
>
>     * Upgrade all sensitive services to non-vulnerable versions. In
>       particular:
>          * SSH and SSL upgrade - performed by Shlomi Fish and Shachar
>            Shemesh. Leftover items:
>               * Remove openssl RPM after making sure it is not
>                 needed anymore.
>

All done. Updated stunnel too (there was a format string vulnerability, even though our deployment of it was probably not vulnerable).

>          * login
>          * proftpd
>          * glibc
>          * kernel 2.2.20 with OpenWall's non-executable stack patch,
>            and pay attention to /procfs permissions (let everyone
>            have read access to /procfs).
>
>            From RedHat's errata? Also, be careful not to wipe out the
>            RAID partition.
>

I am going to need help understanding the reasons the RAID was wiped the last time, so that I can try and avoid it a second time.

>          * Apache from RedHat's errata
>          * Zope
>          * MySQL (?)
>          * openssh (?)
>

Done, as stated above.

>          * FAQ-O-Matic
>
