Am Di, den 02.12.2003 schrieb fedora um 03:18: > last week there was a BIND vulnerability fix. I figured the fixes for RH > should at least have been released already but they are not. Nor have I > found mention in Fedoras lists. For now Ive compiled from sources until > fixed rpms are available. > > Earlier today debian released updated kernel fixes that fix a user-space > vulnerability in the kernel. Whats wierd is this was already noted and > fixed in the 2.4.23 kernel (found in september). The current kernel does > not appear to have this patch that addresses the do_brk() function in > mmpap.c (although theres arguments on some lists as to whether the > 2.4.18-mmap-sem-debug.patch addressed this in the past). > > Ive already unsubscribed from the RH lists and moved to this one but I > know some RH people help out alot here. > > Is there any information on when these patches will be coming out? > > Also, since the kernel security issue was fixed in the 2.4.23 kernel in > september was there a reason for it not being already backported already? > > Thanks, > > Greg https://rhn.redhat.com/errata/RHSA-2003-392.html Alexander -- Alexander Dalloz | Enger, Germany PGP key valid: made 13.07.1999 PGP fingerprint: 2307 88FD 2D41 038E 7416 14CD E197 6E88 ED69 5653
Attachment:
signature.asc
Description: Dies ist ein digital signierter Nachrichtenteil
