Backport of the integer overflow in the brk system call
Hi everybody,
just curious: any particular reason why we didn't see a backport any sooner of
the integer overflow in the brk system call (see recent announcement by
Wichert Akkerman:
http://lists.debian.org/debian-security-announce/debian-security-announce-2003/msg00212.html)
like we did with the ptrace issue some time back?
Wasn't it (the brk vuln) considered to be threatening enough to justify a
quick fix, or was it because the fix by Andrew Morton didn't say (kerne
changelog) enough about the potential seriousness of the vuln, or?
--
B/R,
Frederik Dannemare
Reply to: