vulnerability ?

Jeff Vian jvian10 at charter.net
Tue Oct 3 21:30:06 UTC 2006


On Tue, 2006-10-03 at 10:57 -0700, norm wrote:
> On Tue, 03 Oct 2006 08:40:49 -0500
> Jeff Vian <jvian10 at charter.net> wrote:
> 
> > On Mon, 2006-10-02 at 19:58 -0700, norm wrote:
> > > On Tue, 03 Oct 2006 10:11:24 +0800
> > > Ed Greshko <Ed.Greshko at greshko.com> wrote:
> > > 
> > > > norm wrote:
> > > > > I recently ran a security scan on my system and the result in
> > > > > part was The remote host is missing the patch for the advisory
> > > > > FEDORA-2006-172 (xorg-x11-server).  It advises me to update my
> > > > > system using the latest from Fedora. To the best of my
> > > > > knowledge I am running a fully patched system with
> > > > > 2.6.17-1.2187_FC5. This is a vulnerability that I understand to
> > > > > have been around for a while and I assume in the intervening 6
> > > > > months or so it has been patched.  Does anyone know if this
> > > > > vulnerability is a false positive?
> > > > 
> > > > Is your xorg-x11-server-Xorg 1.0.1-9.fc5.5?
> > > > 
> > > Ed 
> > > How do I find out if it is?  From what I can figure out it is not,
> > > but that is only a guess.
> > > 
> > If you have been doing the routine yum updates then it 'should' be up
> > to date.
> > 
> > To check it run "rpm -qa xorg-x11-serv\* "  and it will tell you what
> > versions all the x11 servers are.  Mine are
> >         $ rpm -qa xorg-x11-serv\*
> >         xorg-x11-server-Xorg-1.0.1-9.fc5.5
> >         xorg-x11-server-utils-1.0.1-1.2
> >         xorg-x11-server-Xvfb-1.0.1-9.fc5.5
> >         xorg-x11-server-sdk-1.0.1-9.fc5.5
> >         xorg-x11-server-Xnest-1.0.1-9.fc5.5
> >         
> > 
> I catch is I have been yum updates are run regularly.  It is because
> yum runs regularly that I am surprised it is not uptodate.  Other
> applications etc are updated regularly by the same process and I assume
> are uptodate.
> # rpm -qa xorg-x11-serv\*
> xorg-x11-server-utils-1.0.1-1.2
> xorg-x11-server-Xorg-1.0.1-9.fc5.5
> 
Both those are up to date.




More information about the users mailing list