Re: Kernel insicuri

To: debian-italian@lists.debian.org
Subject: Re: Kernel insicuri
From: Maxx <kirov06u@gmail.com.invalid>
Date: Tue, 18 Jul 2006 08:21:00 +0300
Message-id: <[🔎] e9hr3s$h9f$1@nyytiset.pp.htv.fi>
Reply-to: kirov06u@gmail.com
References: <[🔎] 1153142654.7653.6.camel@debsim2.localnet> <[🔎] 44BB9295.6090509@email.it> <[🔎] 1153163305.7545.2.camel@debsim2.localnet> <[🔎] 44BBFF0E.4000306@email.it>

On Mon, 17 Jul 2006 23:30:14 +0200 Giovanni Cataldi wrote:

> Stefano Simonucci ha scritto:
>> uname -a mi fornisce
>> Linux debsim2 2.6.16 #2 SMP Sat Jun 17 23:41:44 CEST 2006 x86_64
>> GNU/Linux
>>
>> Non vedo alcuna versione del tipo 2.6.16.x
>>
>> Stefano 
> 
> a me da questo risultato:
> 
>> ~$ uname -a
>> Linux laptop 2.6.17-1-486 #1 Thu Jul 13 14:04:16 UTC 2006 i686 GNU/Linux

Un momento: il numero 1 dopo il trattino dovrebbe essere il numero della
build debian, o sbaglio?

Guardando questo frammento di changelog da
/usr/share/doc/linux-source-2.6.16/changelog.Debian.gz

>>>
linux-2.6.16 (2.6.16-15) unstable; urgency=low

  [ maximilian attems ]
  * Add stable release 2.6.16.18:
    - NETFILTER: SNMP NAT: fix memory corruption (CVE-2006-2444)
  * Add stable release 2.6.16.19:
    - NETFILTER: Fix small information leak in SO_ORIGINAL_DST (CVE-2006-1343)
  * Add stable release 2.6.16.20:
    - x86_64: Don't do syscall exit tracing twice
    - Altix: correct ioc4 port order
    - Input: psmouse - fix new device detection logic
    - PowerMac: force only suspend-to-disk to be valid
    - the latest consensus libata resume fix
    - Altix: correct ioc3 port order
    - Cpuset: might sleep checking zones allowed fix
    - ohci1394, sbp2: fix "scsi_add_device failed" with PL-3507 based devices
    - sbp2: backport read_capacity workaround for iPod
    - sbp2: fix check of return value of hpsb_allocate_and_register_addrspace
    - x86_64: x86_64 add crashdump trigger points
    - ipw2200: Filter unsupported channels out in ad-hoc mode
  * Add stable release 2.6.16.21:
    - check_process_timers: fix possible lockup
    - run_posix_cpu_timers: remove a bogus BUG_ON() (CVE-2006-2445)
    - xt_sctp: fix endless loop caused by 0 chunk length (CVE-2006-3085)
    - powerpc: Fix machine check problem on 32-bit kernels (CVE-2006-2448)
<<<

mi pare di capire che Debian rilascia sempre dei kernel x.y.z (con
pacchetti marcati x.y.z-b, dove b=build) che incorporano le modifiche
introdotte nei kernel 'lisci' x.y.z.w.
Ovvero, alla fine della fiera, su Debian non si dovrebbero vedere mai
kernel tipo 2.6.16.21, a meno che non si usi sorgenti che vengono dritti
dritti da kernel.org.

Ci sono Debian kernel developer in giro che possono confermare (o
smentire) ?

Ciao
-- 
Maxx

Reply to:

References:
- Kernel insicuri
  - From: Stefano Simonucci <stefano.simonucci@tin.it>
- Re: Kernel insicuri
  - From: Giovanni Cataldi <g.cataldi@email.it>
- Re: Kernel insicuri
  - From: Stefano Simonucci <stefano.simonucci@tin.it>
- Re: Kernel insicuri
  - From: Giovanni Cataldi <g.cataldi@email.it>

Prev by Date: Re: Kernel insicuri
Next by Date: Re: Help] distro x pentium II
Previous by thread: Re: Kernel insicuri
Next by thread: Re: Kernel insicuri
Index(es):
- Date
- Thread