On Tue, Dec 02, 2003 at 03:22:27PM -0500, Henry Hartley wrote: > > I have a RH9 machine that hasn't been upgraded to FC1 yet as well as three > FC1 machines. I just got an Errata Alert from Red Hat about a 2.4 kernal > fix for a privilege escalation security vulnerability (RHSA-2003:392-05 / > CAN-2003-0961). Does this apply to the 2.4.22 kernel in FC1 and if so, is > there a fix for this in the Fedora repositories? I haven't seen anything in > fedora-announce. Or do I just need to be a bit more patient? 2.4.22-1.2115.nptl kernel in FC1 is not vulnerable to this issue. See linux-2.4.18-smallpatches.patch patch in kernel-2.4.22-1.2115.nptl.src.rpm (mm/mmap.c change). Jakub
