A serious security bug... caused by no bounds checking.

Nick Sabalausky SeeWebsiteToContactMe at semitwist.com
Mon Apr 7 21:43:15 PDT 2014


On 4/8/2014 12:15 AM, H. S. Teoh wrote:
>
> I learned the hard way to always keep on top of the security upgrades. A
> year or two ago, I put off a pending upgrade for a week, and the day
> before I finally got around to it, my server was hacked via the same
> vulnerability that the upgrade would've fixed. They got root, so I had
> to nuke the system from orbit after backing up my data, and rebuild the
> server from scratch. :-( Ever since then, I've set up the system to
> notify me as soon as an update is available, and now I dare not delay to
> install it ASAP.
>

Yea, that's a good idea.

Is that Arch? How does your querying for security updates work? Just 
querying for updates on security-related packages, or somehow filtering 
on whether a package's update is security-related...or just a general 
"grab every update for everything"?



More information about the Digitalmars-d mailing list