Fake Emails about Emergency Security Update

James Harrison jamesaharrisonuk at yahoo.co.uk
Tue Oct 26 17:14:58 UTC 2004


If you dont use the Redhat site and/or Redhat recommended mirrors to update
your machine then there is a risk.

Could up2date or yum check against a list of recommended sites stored at
Redhat (downloaded when they are run each time) and a warning message appears
if the update site URL is not a recommended one?

James

--- Kyrre Ness Sjobak <kyrre at solution-forge.net> wrote:

> man, 25.10.2004 kl. 20.11 skrev William Hooper:
> > On Mon, 25 Oct 2004 19:07:04 +0200, Kyrre Ness Sjobak
> > <kyrre at solution-forge.net> wrote:
> > > man, 25.10.2004 kl. 00.36 skrev Ben Steeves:
> > > > On Mon, 25 Oct 2004 00:35:17 +0200, Sindre Pedersen Bjordal
> > > > <foolish at fedoraforum.org> wrote:
> > > > > http://www.fedoraforum.org/forum/showthread.php?p=119734#post119734
> > [snip]
> > > 
> > > Just shows how important it is to have signed packages...
> > 
> > If you are following random e-mails and installing packages outside of
> > the normal yum/up2date channels, signed packaged don't do a bit of
> > good.
> > 
> > Come on, the frauds could have just as easily put instructions to
> > install a GPG key as the first step and people that fall for it would
> > be none the wiser.
> 
> you are right. just put it in the script.
> 
> These frauds are damn impossible to protect against...
> 
> -- 
> fedora-devel-list mailing list
> fedora-devel-list at redhat.com
> http://www.redhat.com/mailman/listinfo/fedora-devel-list
> 


__________________________________________________
Do You Yahoo!?
Tired of spam?  Yahoo! Mail has the best spam protection around 
http://mail.yahoo.com 




More information about the devel mailing list