[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Backport of the integer overflow in the brk system call

On Wed, Dec 03, 2003 at 10:54:24AM +1000, Andrew Pollock wrote:
> The only way to have avoided this kernel vulnerability from day-0 of
> discovery/fix release would have been to be constantly upgrading to
> pre-release kernels.

Yes but also the debian servers would not have been vulnerable if they had
used 2.4.23. At least not at that point in time.

  (OO)      -- Bernd_Eckenfels@Wendelinusstrasse39.76646Bruchsal.de --
 ( .. )  ecki@{inka.de,linux.de,debian.org} http://home.pages.de/~eckes/
  o--o     *plush*  2048/93600EFD  eckes@irc  +497257930613  BE5-RIPE
(O____O)  When cryptography is outlawed, bayl bhgynjf jvyy unir cevinpl!

Reply to: