So, should these be left exclusivly on the plug-security
list or should vulnerabilities be sent to the plug-discuss list?

Below is a summary  from yet another mailing list I subscribe to.
===================================================================
ALL ABOUT SSH - PART I/II
http://securityportal.com/direct.cgi?/research/ssh-part1.html
------------------------------------------------------------------
WEEKLY LINUX SECURITY ROUNDUP 
http://securityportal.com/direct.cgi?/topnews/weekly/linux20000214.html
------------------------------------------------------------------
CALDERA SYSTEMS SECURITY ADVISORY: MYSQL PASSWORD HANDLING
http://linuxtoday.com/story.php3?sn=16687
------------------------------------------------------------------
CALDERA SYSTEMS SECURITY ADVISORY: BUFFER OVERFLOW IN MOUNT/UMOUN
http://linuxtoday.com/story.php3?sn=16689
------------------------------------------------------------------

JLF Sends...

Jean Francois
President & CEO MagusNet, Inc.
MagusNet.com
CTO EBIZ Enterprises, Inc.
TheLinuxStore.com,TheLinuxLab.com,LinuxWired.net