Re: Well - and kernel 2.4.18?

[Harald Krammer <hkrammer@a1.net>]

Hi Jan,
you are right. I am not sure, how we can improve the security on Debian 
? Is the security team to small ? Some security holes are not so easy to 
fix, because the most of this fix-patches exists only for newer 
versions. To bring the patch back to a older version it is not always so 
easy and need a test phase too.

Nice greetings,
Harald



Jan Lühr wrote:
> Greetings,
>
> Am Sonntag 03 April 2005 22:57 schrieb Harald Krammer:
>
> > Hi Jan,
> > I had the same question but this is a while ago.  At the moment I use
> > kernel 2.4.27 from backport.org.
> >
> > Here is the link from the old thread:
> > http://lists.debian.org/debian-security/2005/01/threads.html#00201
>
>
> Me, too ;)
> However, I gave you some *explanation" that time ;-)
> However,
> Btw. I'm quite worried about the Shape of Debian's security.
> Take   CAN-2004-1154 "[SECURITY] [DSA 701-1] New samba packages fix arbitrary 
> code execution" for instance.
> Fixed in Samba: 15th December 2004 (with 3.0.10 from samba.org) 
> Fixed in SuSE:  22th December 2004 
> Fixed in Woody: 31st. March 2005
>
> That ain't good.
>
> Keep smiling
> yanosz
>
>  

--

Harald Krammer
Brucknerstrasse 33
A - 4020  Linz
AUSTRIA

Mobil +43.(0) 664. 130 59 58
Mail: hkrammer at a1.net

Please avoid sending me Word or PowerPoint attachments.
See
http://www.fsf.org/philosophy/no-word-attachments.html