
Debian Kernel security status?



Hello,

looking at the recent vanilla changes, there seems to be rather rapid
development at the moment ;-) and I have to confess that I lost the overview
of which sec-holes affect Debian and which don't.

I was frightened recently when I noticed that 2.4.27 was fixing some CVE-2004
stuff over a month ago, as well as 2.6.

Just take a look at CVE-2004-1017. It was fixed in Red Hat in January 2005 and
fixed in Debian in March 2006.

Therefore I suspect that the Debian kernel does have some security flaws that
were fixed in the mainline kernel months ago. Am I wrong here?

This takes me to a difficult point:
- I can run 2.4 on my servers, which is considered to be deprecated for etch.
- I can use the Debian kernels and risk being compromised.
- I can say goodbye to Linux and use Debian/kBSD.
- I can use my own vanilla builds, building a new kernel every day. (Looking
at the amount of patches since April 12th.)

Anyway, what do you recommend? 
And is there any public status / shape information on the Debian kernels?

Thanks in advance, 
Keep smiling
yanosz


