Am Di, den 02.12.2003 schrieb fedora um 03:18:
last week there was a BIND vulnerability fix. I figured the fixes for
RH
should at least have been released already but they are not. Nor have I
found mention in Fedoras lists. For now Ive compiled from sources until
fixed rpms are available.
Earlier today debian released updated kernel fixes that fix a user-space
vulnerability in the kernel. Whats wierd is this was already noted and
fixed in the 2.4.23 kernel (found in september). The current kernel does
not appear to have this patch that addresses the do_brk() function in
mmpap.c (although theres arguments on some lists as to whether the
2.4.18-mmap-sem-debug.patch addressed this in the past).
Ive already unsubscribed from the RH lists and moved to this one but I
know some RH people help out alot here.
Is there any information on when these patches will be coming out?
Also, since the kernel security issue was fixed in the 2.4.23 kernel in
september was there a reason for it not being already backported already?
Thanks,
Greg
https://rhn.redhat.com/errata/RHSA-2003-392.html
Alexander
--
Alexander Dalloz | Enger, Germany
PGP key valid: made 13.07.1999
PGP fingerprint: 2307 88FD 2D41 038E 7416 14CD E197 6E88 ED69 5653