Re: Kernel 2.2.15 hole ?
There were some other security holes in the kernel which was corrected in
2.2.19pre9 or somewhere around that pre-release concerning the
signed/unsigned usage of some int variables.
I think this is a sufficient reason for upgrading.
Regards,
Robert Varga
On Mon, 5 Mar 2001, David Wright wrote:
> Quoting stephen@exegesis.org.uk (stephen@exegesis.org.uk):
> > On Mon, Mar 05, 2001 at 03:31:07AM -0900, Ethan Benson wrote:
> > > On Thu, Mar 01, 2001 at 03:34:21AM +0000, Stephen Walton wrote:
>
> > > > Has anyone seen the announcement about a root exploit
> > > > in the 2.2.15 and earlier kernel versions as posted
> >
> > > yes ages ago.
> >
> > > > Does this apply to the debian kernels?
> > >
> > > depends what debian kernel, i think some of them had backported
> > > patches, but really there is no reason to be running anything that
> > > old. upgrade to 2.2.18.
> >
> > I purposely have a policy of not upgrading software (including the
> > kernel) unless there is a good reason to do so, either with new
> > functionality that is required, or for security reasons. I have
> > no objections to upgrading in this instance, but I was more
> > concerned that a search on Debians archives did not show this
> > as a security issue.
>
> Perhaps it's at http://www.uk.debian.org/security/2000/20000612 ?
> i.e. 2.2.15-3 is patched.
>
> Cheers,
>
> --
> Email: d.wright@open.ac.uk Tel: +44 1908 653 739 Fax: +44 1908 655 151
> Snail: David Wright, Earth Science Dept., Milton Keynes, England, MK7 6AA
> Disclaimer: These addresses are only for reaching me, and do not signify
> official stationery. Views expressed here are either my own or plagiarised.
>
>
> --
> To UNSUBSCRIBE, email to debian-security-request@lists.debian.org
> with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
>
>
Reply to: