Re: CAN-2005-0001, CAN-2004-1235, CAN-2004-1137, CAN-2004-1016, Georgi Guninski security advisory #72, 2004, grsecurity 2.1.0 release
Jan Lühr a écrit :
Do you recommend to use kernel-source-2.4.27 from sid (sarge) instead of
2.4.18 from woody?
On a production server, I would run 2.4, not 2.6. And as Debian security
support seems better now for the 2.4.27 kernel, I would choose it.
It include fixes backported from kernel.org 2.4.28, even 2.4.29-rc1
Ex CAN-2004-1235 (uselib) is fixed since 2.4.29-rc1 at kernel.org
and will be fixed soon by upcoming (Debian) kernel-source-2.4.27-8
(and kernel-image-2.4.27-xyz build from it)
Or you can pick any kernel you want from kernel.org and build one
yourself, either the traditional (make config; make dep...)
or the Debian way (make config; make-kpkg -- via kernel-package).
With the latter (debian), you obtain a debian package for your
custom kernel. But that mean you become the local kernel/security
maintainer. You can avoid this burden by simply using
Debian kernel packages released by the kernel and security teams.
Is all information available
For my basic needs on this, I often use Google and the 2 links belows
For infos about fixes in "Debian" 2.4.27 kernels, read changelogs in
kernel-source-2.4.27 package, by example -- by ex near end of
http://packages.debian.org/unstable/devel/kernel-source-2.4.27
For infos about fixes in "kernel.org" 2.4 kernels, read changelogs
and changesets on the kernel.org homepage
Christophe
Reply to:
- References:
- CAN-2005-0001, CAN-2004-1235, CAN-2004-1137, CAN-2004-1016, Georgi Guninski security advisory #72, 2004, grsecurity 2.1.0 release
- From: Jan Lühr <jluehr@gmx.net>
- Re: CAN-2005-0001, CAN-2004-1235, CAN-2004-1137, CAN-2004-1016, Georgi Guninski security advisory #72, 2004, grsecurity 2.1.0 release
- From: Joey Hess <joeyh@debian.org>
- Re: CAN-2005-0001, CAN-2004-1235, CAN-2004-1137, CAN-2004-1016, Georgi Guninski security advisory #72, 2004, grsecurity 2.1.0 release
- From: Jan Lühr <jluehr@gmx.net>
- Prev by Date:
Re: CAN-2005-0001, CAN-2004-1235, CAN-2004-1137, CAN-2004-1016, Georgi Guninski security advisory #72, 2004, grsecurity 2.1.0 release
- Next by Date:
Re: CAN-2005-0001, CAN-2004-1235, CAN-2004-1137, CAN-2004-1016, Georgi Guninski security advisory #72, 2004, grsecurity 2.1.0 release
- Previous by thread:
Re: CAN-2005-0001, CAN-2004-1235, CAN-2004-1137, CAN-2004-1016, Georgi Guninski security advisory #72, 2004, grsecurity 2.1.0 release
- Next by thread:
Re: CAN-2005-0001, CAN-2004-1235, CAN-2004-1137, CAN-2004-1016, Georgi Guninski security advisory #72, 2004, grsecurity 2.1.0 release
- Index(es):