Re: [Florian.Weimer@RUS.UNI-STUTTGART.DE: Re: Linux kernel sysctl() vulnerability]

To: debian-security@lists.debian.org
Cc: An Thi-Nguyen Le <anle@uiuc.edu>
Subject: Re: [Florian.Weimer@RUS.UNI-STUTTGART.DE: Re: Linux kernel sysctl() vulnerability]
From: Florian Weimer <Florian.Weimer@RUS.Uni-Stuttgart.DE>
Date: 12 Feb 2001 18:04:23 +0100
Message-id: <tg7l2v7rzc.fsf@mercury.rus.uni-stuttgart.de>
In-reply-to: <20010210152552.M2287@plato.local.lan>
References: <20010210165502.B27358@srh1171.urh.uiuc.edu> <20010210152552.M2287@plato.local.lan>

Ethan Benson <erbenson@alaska.net> writes:

> i hope that Alan Cox either releases 2.2.19 soon or an errata patch to
> 2.2.18 to fix these, i like many do not use distribution kernels.  

I've derived a 2.2.18-compatible patch for the ptrace() issue:

        http://cert.uni-stuttgart.de/files/fw/linux-2.2.18-ptrace.diff

(It's based on Alan Cox's fixes for Red Hat, which unfortunately do
not apply cleanly to a stock 2.2.18 kernel.)

My other patch posted to BUGTRAQ is of questionable quality (it should
do the right thing, however).

-- 
Florian Weimer 	                  Florian.Weimer@RUS.Uni-Stuttgart.DE
University of Stuttgart           http://cert.uni-stuttgart.de/
RUS-CERT                          +49-711-685-5973/fax +49-711-685-5898

Reply to:

Follow-Ups:
- PGP and GnuPG
  - From: Antti Tolamo <antti@tola.org>

References:
- [Florian.Weimer@RUS.UNI-STUTTGART.DE: Re: Linux kernel sysctl() vulnerability]
  - From: An Thi-Nguyen Le <anle@uiuc.edu>
- Re: [Florian.Weimer@RUS.UNI-STUTTGART.DE: Re: Linux kernel sysctl() vulnerability]
  - From: Ethan Benson <erbenson@alaska.net>

Prev by Date: Re: Interoperability between sftp and ftp GUI from ssh.com?
Next by Date: PGP and GnuPG
Previous by thread: Re: [Florian.Weimer@RUS.UNI-STUTTGART.DE: Re: Linux kernel sysctl() vulnerability]
Next by thread: PGP and GnuPG
Index(es):
- Date
- Thread