[svlug] rpm tips: full version including epoch, CVEs fixed via backport
dan.mashal at gmail.com
Wed Nov 28 22:05:43 PST 2012
Every CVE is an "emergency". Every security issue "critical". Everything
MUST be encrypted. 3 times.
Biggest scam artists in the industry in the last few years.
On Wed, Nov 28, 2012 at 4:54 PM, Aaron Porter <atporter at gmail.com> wrote:
> On Wed, Nov 28, 2012 at 4:23 PM, Rick Moen <rick at linuxmafia.com> wrote:
> > Some of you may have the good fortune of needing to satisfy auditors who
> > do what they laughingly call 'penetration tests' of the servers, in
> > which they check reported version strings of your network daemons and
> > then require you to prove that you're not vulnerable (and typically hit
> > you with a basically insane demand that you upgrade to something dumb --
> > because they've never heard of backported patches).
> My favorite...
> Auditor: What RPMs are installed on the system?
> Admin: Well, we run Debian so technically none but...
> Auditor: Wow! that's easy. No RPMs installed <checks box>
> Admin: But!
> Auditor: Next question...
> svlug mailing list
> svlug at lists.svlug.org
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the svlug