[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Debian Server restored after Compromise. Which kernels???

I just looked on the site you forwarded. It lists 

Linux kernel 2.6.10
Linux kernel 2.6.9 
Linux kernel 2.6.8 rc3
Linux kernel 2.6.8 rc2
Linux kernel 2.6.8 rc1
Linux kernel 2.6.8 

This is not consistent with the statement that the stable kernel (2.6.8)
is unaffected. Which is true? We have a superannuated Beowulf running the
2.6.8-2.k7 image, and my laptop is currently at 2.6.10.

Art Edwards

On Fri, Jul 14, 2006 at 08:05:53PM +0300, Török Edvin wrote:
> On 7/14/06, Art Edwards <edwardsa@afrl.kirtland.af.mil> wrote:
> >Thanks very much for this post. However, I am confused about
> >Do you mean 2.6.13 up to 2.6.13.4? As written, 2.6.13 up to 2.6.17.4 would
> >include all of the 2.6.14, 2.6.15, and 2.6.16 kernels, rendering the
> >last part of that line inconsistent. This has propagated through
> >the debian lists, so, at the least, a clarification would be very useful.
> >the span of kernels effected.
> Have a look at:
> http://www.securityfocus.com/bid/18874 it lists the kernels.
> Up to 2.6.17.4 they are vulnerable, and in the 2.6.16 line it is fixed
> in  2.6.16.24
> 
> Cheers,
> Edwin
> 
> 
> -- 
> To UNSUBSCRIBE, email to debian-amd64-REQUEST@lists.debian.org
> with a subject of "unsubscribe". Trouble? Contact 
> listmaster@lists.debian.org
>
Reply to: