Hi all! I found another vulnerability in the tracker that shows up as fixed in lenny, and as unfixed in squeeze, despite the package version is the *same* in the two branches. http://security-tracker.debian.net/tracker/CVE-2009-2584 BTW, the fix seems to be http://lkml.org/lkml/2009/7/20/348 which, IIUC, has not yet been applied to the upstream mainline kernel I haven't even found a Debian BTS bug report: should an important (?) bug be filed? -- New location for my website! Update your bookmarks! http://www.inventati.org/frx ..................................................... Francesco Poli . GnuPG key fpr == C979 F34B 27CE 5CD8 DC12 31B5 78F4 279B DD6D FCF4
Attachment:
pgpR5b2vs7eq2.pgp
Description: PGP signature