Re: Security holes in 2.4.25?

To: Micah Anderson <micah@riseup.net>
Cc: debian-security@lists.debian.org
Subject: Re: Security holes in 2.4.25?
From: Jeroen van Wolffelaar <jeroen@wolffelaar.nl>
Date: Wed, 14 Apr 2004 23:34:05 +0200
Message-id: <[🔎] 20040414213405.GF10117@A-Eskwadraat.nl>
In-reply-to: <[🔎] 20040414211628.GX7041@riseup.net>
References: <[🔎] 20040414211628.GX7041@riseup.net>

On Wed, Apr 14, 2004 at 04:16:28PM -0500, Micah Anderson wrote:
> With the rash of security gaffs in the kernel related to mmap and
> mremap, does it make anyone else nervous to see the following in the
> changelog for 2.4.26:
> 
> o mremap NULL pointer dereference fix
> 
> If this was a security concern, would it be noted in the changelog? 
> 
> Additionally, the 2.4.25 kernel seems to have a local root exploit for
> CDROMs: http://lwn.net/Articles/80480/

You are subscribed to the security announce list, are you?

http://lists.debian.org/debian-security-announce/debian-security-announce-2004/msg00077.html

(note: some of the packages are rumoured to be broken (the modules it
seems), if you depend on them, maybe better wait upgrading)

--Jeroen

-- 
Jeroen van Wolffelaar
Jeroen@wolffelaar.nl (also for Jabber & MSN; ICQ: 33944357)
http://Jeroen.A-Eskwadraat.nl

Attachment: pgprp0eJtEYXH.pgp
Description: PGP signature

Reply to:

References:
- Security holes in 2.4.25?
  - From: Micah Anderson <micah@riseup.net>

Prev by Date: Re: [SECURITY] [DSA 479-1] New Linux 2.4.18 packages fix local root exploit (source+alpha+i386+powerpc)
Next by Date: Latest kernel security upgrade in woody is BROKEN! DO NOT INSTALL!
Previous by thread: Security holes in 2.4.25?
Next by thread: Re: Security holes in 2.4.25?
Index(es):
- Date
- Thread