Re: Kernel 2.4.20 and patches to be save?

To: Markus Kolb <debian@tower-net.de>
Cc: debian-security@lists.debian.org
Subject: Re: Kernel 2.4.20 and patches to be save?
From: Florian Weimer <fw@deneb.enyo.de>
Date: Sun, 18 May 2003 23:31:27 +0200
Message-id: <87el2w2b80.fsf@deneb.enyo.de>
Mail-followup-to: Markus Kolb <debian@tower-net.de>, debian-security@lists.debian.org
In-reply-to: <200305181636.28597.debian@tower-net.de> (Markus Kolb's message of "Sun, 18 May 2003 16:36:28 +0200")
References: <200305181359.46894.debian@tower-net.de> <87addk5rvn.fsf@deneb.enyo.de> <200305181636.28597.debian@tower-net.de>

Markus Kolb <debian@tower-net.de> writes:

>> What do you mean by "not exploitable"? What are the threats you are
>> facing?
>
> Ptrace, iptables, ... 

If I understand you correctly, these are vulnerabilities, not threats.

Do you have untrusted local users?  Is your machine a routine DoS
target?

If not, why bother, and destabilize the system with upgrades?

> But after months there is no new stable version in 2.4 kernel tree
> and there is no official information how to patch the flaws.

The "official" patch for the ptrace issue is still in development,
AFAIK, or was until recently.

Reply to:

References:
- Kernel 2.4.20 and patches to be save?
  - From: Markus Kolb <debian@tower-net.de>
- Re: Kernel 2.4.20 and patches to be save?
  - From: Florian Weimer <fw@deneb.enyo.de>
- Re: Kernel 2.4.20 and patches to be save?
  - From: Markus Kolb <debian@tower-net.de>

Prev by Date: Re: Kernel 2.4.20 and patches to be save?
Next by Date: Re: Spam
Previous by thread: Re: Kernel 2.4.20 and patches to be save?
Next by thread: Re: Kernel 2.4.20 and patches to be save?
Index(es):
- Date
- Thread