Whilst I am here could someone tell me of a good security list that I can subscribe to that will give advice on the major holes that come up from time to time.

For example upgrading bind 8.2 to 8.3. I am not interested in security problems with fortran compiliers just the mission critical stuff for admins running virtual servers.

A few helpful suggestion would be useful especially if the lists grade the holes as well.

Go to www.securityfocus.com (http://www.securityfocus.com) and join BugTraq. It's the best security mailing list around.

Check out LinuxSecurity.org, http://www.linuxsecurity.org/

I subscribe to several securityfocus.com lists and a few newsletters from securityportal.com as well.

The Security-Basics list at securityfocus has a lot of traffic -- expect your inbox to fill up rapidly -- but there's a wealth of information and they're generally good about not flaming newbies (as long as they do a little homework first!)