On 03/10/2010 02:49 PM, dann frazier wrote: > On Wed, Mar 10, 2010 at 02:18:38PM -0500, Daniel Kahn Gillmor wrote: >> It's not clear to me from the instructions above whether users should >> re-build their kvm modules package as well as installing the revised >> versions. >> >> Is the vulnerability fully-resolved by simply upgrading the kvm package? >> (i really don't know, and figure y'all are the right folks to ask). > > If you've never built/installed modules from the kvm-source package, > this advisory does not apply to you. If you have - you will need to > update your kernel-source package and rebuild/reload those modules. So i have a lenny system, running 2.6.26-2-amd64. When it was running 2.6.26-1-amd64, i built and installed modules from the kvm_source. but when i upgraded to 2.6.26-2-amd64, i didn't bother to build new modules, and just went with the kvm modules shipped in the stock linux-image-2.6.26-2-amd64 package. A literal reading of your response above makes me think i need to do rebuild for that system, but if i'm actually understanding you, it sounds like i *don't* need to do a module rebuild. argh. sorry if this line of questioning is annoying or frustrating. i'm not trying to be obnoxious or pedantic, i'm trying to make sure i actually understand the issue. >> I note that there are kvm modules shipped with the default stable >> kernel. > > Yes, these issues are being tracked there as well (3/4 are already > fixed in the latest stable update) Nice, thanks for the info. So would the 4th be fixed if i went ahead and rebuilt from the kvm_source package referenced by DSA-2010-1? Regards, --dkg
Attachment:
signature.asc
Description: OpenPGP digital signature