[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Backport of the integer overflow in the brk system call

On Wed, Dec 03, 2003 at 02:57:11AM +0100, Bernd Eckenfels wrote:
> On Wed, Dec 03, 2003 at 10:54:24AM +1000, Andrew Pollock wrote:
> > The only way to have avoided this kernel vulnerability from day-0 of
> > discovery/fix release would have been to be constantly upgrading to
> > pre-release kernels.
> Yes but also the debian servers would not have been vulnerable if they had
> used 2.4.23. At least not at that point in time.

They also would not have been affected if they were running 2.2.x. Why
don't we just downgrade them all, then?


Attachment: signature.asc
Description: Digital signature

Reply to: