Re: Backport of the integer overflow in the brk system call
On Wed, Dec 03, 2003 at 01:54:22PM +1100, Matthew Palmer wrote:
> > Nov 28 22:39 Linux 2.4.23 released
> > ^^^^^^^^^^^^^^^^^^^^^
>
> Bernd is correct, though - if the machines had been running 2.4.23, they
> wouldn't have been vulnerable. The fact that it was impossible to do so
> doesn't enter into the equation when you're working from blind assertions.
> <g>
Hehe, well I am sorry. I had the impression 2.4.23 was older. Should have checked my facts.
BTW: I do have checked the kernel version of the major distros, all ship
newer kernels than debian (if you look at the upstream version). However I do not know
how reliable dostrowatch is, for comparision.
Greetings
Bernd
--
(OO) -- Bernd_Eckenfels@Wendelinusstrasse39.76646Bruchsal.de --
( .. ) ecki@{inka.de,linux.de,debian.org} http://home.pages.de/~eckes/
o--o *plush* 2048/93600EFD eckes@irc +497257930613 BE5-RIPE
(O____O) When cryptography is outlawed, bayl bhgynjf jvyy unir cevinpl!
Reply to: