
Re: Please clarify: kernel-sources / ptracebug / debian security announcements



On Thu, 08.05.03, Joey Hess <joeyh@debian.org> wrote:

> fixing it for the i386 architecture I do not know, but I do know that
> modifying the kernel in stable on i386 is a monstrous problem, as doing
> it right means you have to:
> 
> - rebuild all the different kernel images
> - rebuild all the modules packages external to the kernel, which would
>   get broken by the above rebuild
> - rebuild the boot floppies
> - rebuild the install CD's

And that is not true for the architectures that _were_ patched? I also think
that a patched 2.4.20-ptrace as a replacement for 2.4.20 would not have many
problems running external modules.

The patched kernel-images for i386 have been lying around for some time, and
I have them running on some boxen which all work fine. I acknowledge that
there may still be issues with some installations or even broken packages
(software that won't run with the patch), in which case something of an
unofficial security advisory would have been nice (which provides
information about the hole and a link to the unofficial patched kernel
images with a note that they may break some stuff). The official DSA could
then be published once all outstanding issues had been resolved.

I don't know whether that would be against a Debian policy but in all cases
this is far superior to the current situation where everyone has to patch
the kernel for him/herself or use the unofficial debs instead, which has the
same effect as releasing a .deb that has the same problems.

cya,

Nils



-- 
Nils Juergens  | nils@muon.de | icq 7090774
Having problems sending big files over the net?
Try out Efisto (http://efisto.rnbhq.org).


