, SecurityFocus 2006-08-22
UPDATE: Microsoft continued to work on Tuesday to create a fix for an exploitable flaw introduced by the company's latest security update to Internet Explorer.
Expand all |
Post comment
Microsoft patch opens users to attack
2006-08-23
TJ (1 replies)
TJ (1 replies)
Re: Microsoft patch opens users to attack
2006-08-24
Matthew Murphy (2 replies)
Matthew Murphy (2 replies)
>Linux update becomes terminal pain
>http://www.securityfocus.com/news/11409
Whoa there big boy. This is an "Ubuntu" problem, not a "Linux" problem. As often happens in the press, the word "Linux" was used interchangably with [insert vendor here]'s distro or software product which happens to run in conjunction with the kernel, which is what linux is. Linux =! Ubuntu's distro.
First:
Linux is the kernel, not the packaging-distro-patch process of one vendor. This didn't affect redhat, SuSE, slackware, or any other distro. The "Ubuntu patch process" is what foo-bar'd up the user's computers not "the linux patch process".
Second:
This is not a bug in the application the user runs which can lead to a comprimised system. It's not a vulnerability, and user's systems can't be comprimised by it. In all likelihood, the Ubuntu people committed the classic mistake of upgrading the kernel and recompiling it, then pushing this out without the recompiled video drivers for some peeps. You need to recompile the video driver against the new kernel after updating the kernel, or the video driver can't initialize leading to a shell prompt.
In conclusion:
This, my friend, is not a linux problem, it's an Ubuntu packaging guys and/or Ubuntu patch delivery problem.
Calling this Ubuntu patch problem a "Linux problem" is exactly like calling the "dented metal case problem", or "blown out PSU problem" on your Dell PC, an "Intel" problem.
Call a duck a duck, m'kay 8)
-Viz
[ reply ]
Link to this comment: http://www.securityfocus.com/comments/articles/11408/34035#34035