new 2.4.28 package to clse smbfs kernel vulnerability?
A new vuln (smbfs) found in linux kernel [1,2] affects
all 2.4 but 2.4.28 and all 2.6 (till 2.6.9),
according to securityfocus . Thanks Slashdot...
Is someone working on it (new 2.4.27 or 2.4.28 kernel package)?
Perhaps I should download/compile a 2.4.28 from kernel.org,
but I dont want to miss additional Debian patches :)
Perhaps I'll only wait for kernel-source.2.4.28 deb
PS If someone know _if_ a bug report is needed and where post it,
dont hesitate to do it. I dont know if this will affect
the new (rc2) debian installer (based on 2.4.27?)
 Linux Kernel SMBFS Multiple Remote Vulnerabilities
 Changelog kernel 2.4.28
"2.4.28-rc4 was released as 2.4.28 with no changes.(...)
Summary of changes from v2.4.28-rc2 to v2.4.28-rc3(...)
o Improved smbfs client overflow fix (...)
Summary of changes from v2.4.28-rc1 to v2.4.28-rc2 (...)
o Urban Widmark: Fix smbfs client overflow