Re: Routingtable vulnerability
Thomas,
My brother tells me that there has been some discussion about this on
the kernel list. RedHat's patch was applied to 2.4.21 (plus 2.5.69) but
people are reporting that the patch breaks other things so it is not yet
ready for prime time.
At this point this remains only a theoretical flaw which someone
noticed while hacking on the kernel. No one has shown an actual exploit.
Until the kernel hackers can do their thing, there isn't much the
Debian project can do. You may want to monitor the kernel list for more
up-to-date information.
Pete
--
http://www.elbnet.com
ELB Internet Service, Inc.
Web Design, Computer Consulting, Internet Hosting
Thomas Hebinck wrote:
>
> Hi,
>
> is there really nobody who knows anything about this vulnerability?
> We use Debian Woody as firewall ...
>
> Sincerely,
> Thomas
>
> >-----Original Message-----
> >From: www-data [mailto:www-data@gauner.org]On Behalf Of
> >dominik.schulz@gauner.org
> >Sent: Wednesday, May 21, 2003 11:50 AM
> >To: debian-isp@lists.debian.org
> >Subject: Routingtable vulnerability
> >
> >
> >
> >
> >Due to the fact that I'm only subscribed to two Debian related Mailinglists
> >(debian-isp and security-announce) I haven't heard of any discussions about the
> >newly discoverd Kernel vulnerability (Routingtables,
> >http://rhn.redhat.com/errata/RHSA-2003-172.html).
> >Has this been discussed on Debian-Lists and are there any countermesasures
> >recommended?
> >
> >Best Regards,
> >Dominik Schulz
> >
> >-------------------------------------------------
> >This mail sent through IMP: http://horde.org/imp/
> >
> >
> >--
> >To UNSUBSCRIBE, email to debian-isp-request@lists.debian.org
> >with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
> >
> >
>
> --
> To UNSUBSCRIBE, email to debian-isp-request@lists.debian.org
> with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Reply to: