From Bugzilla Helper: User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:0.9.2.1) Gecko/20010901 Description of problem: My server (www.sjsocial.org) was hacked by someone who I am pretty sure entred via wu-ftpd. I don't know how. I had the recommended version installed. Version-Release number of selected component (if applicable): How reproducible: Didn't try Additional info: I can't really offer much more information. When I discovered the hack I had to reinsure the machine's integrity since the hacker changed basic binaries like 'ls' and created many entried in '/dev' so I have reformatted the disc in order not to be off the air too long. The source machine for the hack was in Germany, its ip started with: 141.35.
Please update to 2.6.1-20.
Unfortunately, the update provided on the errata pages, to close security holes is version 2.6.1-16 implying that it is secure when obviously it isn't. The errata pages should be updated to version 2.6.1-20, shouldn't they?