Re: bind update and kernel update?
fedora (fedora(a)packetstorm.org) said:
last week there was a BIND vulnerability fix.
For BIND 8, yes. Fedora Core ships with BIND 9. Unless you're
talking about a different fix from last week.
Earlier today debian released updated kernel fixes that fix a
user-space
vulnerability in the kernel. Whats wierd is this was already noted and
fixed in the 2.4.23 kernel (found in september). The current kernel does
not appear to have this patch that addresses the do_brk() function in
mmpap.c (although theres arguments on some lists as to whether the
2.4.18-mmap-sem-debug.patch addressed this in the past).
The Fedora Core 1 kernel is not vulnerable to this issue, AFAIK.
Bill