[olug] hint: debian apt, upgrade mixed software
Brian Wiese
bwiese at cotse.com
Tue Jun 25 06:21:11 UTC 2002
First off Chris, thanks for all the info!
On Sun, 23 Jun 2002 22:12:46 -0500
Christopher Cashell <topher at zyp.org> wrote:
...
|> So, I finally found the APT-Howto:
|> http://www.debian.org/doc/manuals/apt-howto/index.en.html#contents
|
|This is a very useful document. For a more brief little introduction,
|here's a short note I posted a while back on the topic:
|
|http://www.livejournal.com/talkread.bml?journal=debian&itemid=40672&thread=211936#t211936
|
|One of the reasons I mention it is because it touches on Pinning, which
|is something you can do to make it a lot easier to mix packages from
|different releases. It also makes it possible to, for example, install
|a machine with Debian stable, then upgrade it to unstable, and if you
|decide you'd then rather go with something not quite so cutting edge,
|you can actually use Pinning to downgrade your entire system to testing!
So you have worked with the /etc/apt/preferences file? I tried doing
that, but it didn't seem to work. I'd like to have some software (like
apache, nmap, maybe a few others... always running unstable, while the
rest of my sys is in testing)
|Yes, this is really good advice. Even though most of the advisories
|I've read currently limit the impact of the Linux/Apache exploit to a
|DOS (on most platforms), everyone needs to do this ASAP. ;-)
Uhm.. perhaps you haven't read the headlines lately:
Good overviews
Threat Becomes Vulnerability Becomes Exploit
http://linuxsecurity.com/feature_stories/feature_story-113.html
Tool makes it easy to hack vulnerable Apache servers under OpenBSD
http://online.securityfocus.com/news/493
exploit for net/free bsd
http://packetstorm.linuxsecurity.com/0206-exploits/apache-nosejob.c
exploit for openbsd =(
http://packetstorm.linuxsecurity.com/0206-exploits/apache-scalp.c
note, read the comments on these exploits!! funny!
and so yeah, a Linux exploit is on the way shortly I imagine.
hear about the latest Openssh vulnerability..?
Brian Wiese | bwiese at cotse.com | aim: unolinuxguru
------------------------------------------------------
GnuPG/PGP key 0x1E820A73 | "FREEDOM!" - Braveheart
-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_
For help contact olug-help at olug.org - run by ezmlm
to unsubscribe, send mail to olug-unsubscribe at olug.org
or `mail olug-unsubscribe at olug.org < /dev/null`
(c)1998-2002 OLUG http://www.olug.org
-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_
More information about the OLUG
mailing list