HI Jonathan, Jonathan Quick wrote: > Is there any intention to release a new version of the Woody boot-floppies > based on the kernel-image-2.2.25 and kernel-image-2.4.20-1 kernels which > include the ptrace security hole fix ( see DSA-270 for example.) Obviously > this would require similar patched kernels for all architectures to be > available too. Perhaps a critical or grave bug should be filed against > the boot-floppies & debian-cd to ensure this issue receives attention ? For installation at least, a local root hole is completely irrelevant. (There is no root password and no users.) The only thing that needs to be ensured is that the installed kernel is not vulnerable. That means - until a new point release is made, stock kernels should be automatically upgraded via the security.d.o apt-lines, - when a new point release is made, fixed kernels should be offered to install on the hard disk. Unless there is a problem with one of these, I don't think there's much of a bug, certainly not in boot floppies. Cheers T.
Description: PGP signature