[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: [SECURITY] [DSA 479-1] New Linux 2.4.18 packages fix local root exploit (source+alpha+i386+powerpc)

Thanks for the many replies. Just for the record, I thought I'd type out
what I had to go through to get everything to work:

1) At first, didn't realize I needed to uncomment the word prompt in
lilo.conf (though I figured this one out before posting to the group).
2) The reason I received the error about being unable to mount root FS was
because I didn't realize the following line was missing from the vmlinux.old
stanza in lilo.conf:  initrd=/initrd.img.old. I added this line to lilo, ran
lilo at the prompt, rebooted, and was able to boot off of the original
2.4.18.

So, now that I was back connected to the internet, I was able to use apt-get
to get the new 2.4.18-1 package.

Thank you again! I appreciate it.

djr

"Peter Cordes" <peter@cordes.ca> wrote in message
news:1LlYg-3mh-29@gated-at.bofh.it...
> On Thu, Apr 15, 2004 at 09:33:32PM +0200, David R wrote:
> > Yes, any ideas how to fix this? I'm a newbie, so a bit new to Linux.
When I
> > installed this 2.4.18 package, it blew up my network card, so I am
unable to
> > get the new, fixed package. I thought about using apt-get remove to get
rid
> > of the patched kernel, but somehow this seemed ungood to me, so I tried
> > booting from LinuxOLD, which points to the original (as far as I can
tell)
> > vmlinuz-2.4.18-686. However, when I try this, I get the following error:
> >
> > Kernel Panic: VFS: Unable to mount root FS on 03:01
>
>  I'm guessing that the wrong initrd is getting loaded for the kernel
that's
> booting.  Check your /boot/grub/menu.lst (or /etc/lilo.conf), and the
> symlinks in /boot for initrd-old.img (or whatever it's called).
>
> > What do I do? Do I use apt-get remove to get rid of the patched kernel?
Do I
> > do something else?
>
>  Probably better to get a working kernel booted before you remove
anything.
> If you have any kernel .debs that used to work, you could try installing
one
> with dpkg -i.  This might end up downgrading a kernel package you have
> installed, but just removing things won't help.  (Debian's package scripts
> usually leave the /boot symlinks broken when I remove a kernel package,
even
> if it was totally obsolete and the links weren't pointing to any files
from
> that package...)  Your best bet is to look at the symlinks yourself, and
get
> them pointing to the right place.
>
> -- 
> #define X(x,y) x##y
> Peter Cordes ;  e-mail: X(peter@cor , des.ca)
>
> "The gods confound the man who first found out how to distinguish the
hours!
>  Confound him, too, who in this place set up a sundial, to cut and hack
>  my day so wretchedly into small pieces!" -- Plautus, 200 BC
>
>
> -- 
> To UNSUBSCRIBE, email to debian-security-REQUEST@lists.debian.org
> with a subject of "unsubscribe". Trouble? Contact
listmaster@lists.debian.org
Reply to: