Re: [Wichert Akkerman <wichert@cistron.nl>] Re: kernel we release with (was Re: Preparing for first test cycle)

To: Adam Di Carlo <adam@onshore.com>
Cc: herbert@debian.org, debian-boot@lists.debian.org, pcmcia-source@packages.debian.org
Subject: Re: [Wichert Akkerman <wichert@cistron.nl>] Re: kernel we release with (was Re: Preparing for first test cycle)
From: bug1 <bug1@netconnect.com.au>
Date: Sat, 22 Apr 2000 00:41:32 +1000
Message-id: <[🔎] 3900689C.DDA0E862@netconnect.com.au>
References: <[🔎] oak8hslrl7.fsf@arroz.fake>

> Previously Adam Di Carlo wrote:
> > What does this mean?  We'll be using 2.2.15 for potato?  Or sticking
> > with a patched 2.2.14?
> 
> 2.2.15 + 1 patch (it seems it was too late for 2.2.15). Otherwise we'll
> release with a kernel with known security problems. Sorry to put this on
> you so late, but I'm afraid there is no alternative.
> 
> 2.2.14 has at least two problems, a trivial DoS in knfs and another one
> I already forgot the details about (was a while ago already.. 2.2.15 is
> long overdue unfortunately). Also please note that the fact that a 2.2.x
> kernel changelog doesn't mention a security problem doesn't mean there is
> none, Alan doesn't mention them on purpose occasionally.
> 

2.2.14 has a ip masq vulnerability as well, aparently there is a fix
that will be in 2.2.15

Reply to:

References:
- [Wichert Akkerman <wichert@cistron.nl>] Re: kernel we release with (was Re: Preparing for first test cycle)
  - From: Adam Di Carlo <adam@onshore.com>

Prev by Date: Re: boot-floppies 2.2.9 report : segmentation fault on apus
Next by Date: Re: 2.2.11 -- to wait for i386, or not to wait
Previous by thread: [Wichert Akkerman <wichert@cistron.nl>] Re: kernel we release with (was Re: Preparing for first test cycle)
Next by thread: Draft Installation Chapter
Index(es):
- Date
- Thread