[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: [SECURITY] [DSA 479-1] New Linux 2.4.18 packages fix local root exploit (source+alpha+i386+powerpc)

Greetings,

Am Mittwoch, 14. April 2004 16:52 schrieb Martin Schulze:
> --------------------------------------------------------------------------
> Debian Security Advisory DSA 479-1                     security@debian.org
> http://www.debian.org/security/                             Martin Schulze
> April 14th, 2004                        http://www.debian.org/security/faq
> --------------------------------------------------------------------------
>
> Package        : kernel-source-2.4.18 kernel-image-2.4.18-1-alpha
> kernel-image-2.4.18-1-i386 kernel-image-2.4.18-i386bf
> kernel-patch-2.4.18-powerpc Vulnerability  : several vulnerabilities
> Problem-Type   : local
> Debian-specific: no
> CVE ID         : CAN-2004-0003 CAN-2004-0010 CAN-2004-0109 CAN-2004-0177
> CAN-2004-0178

puh - synchronised with the realese 2.4.26 and no warnings of bugtraq or fd... 
Good work.
I imagine that everything is fixed in 2.4.26.
Does someone know if 2.4.26 is a bugfix pre-release?
I'm getting a little bit confused right know, if there are serious issue with 
the kernel, why wasn't there any earlier release of 2.4.26?

Refering to the large number of fixed vuln, might an earlier release of single 
patches has been an option? Or did you watch fd to find the right time?

Keep smiling
yanosz
Reply to: