Re: [DSA 1494-1] Still vulnerable?
On Tuesday 12 February 2008, Jens Schüßler wrote:
> * Florian Weimer <email@example.com> wrote:
> > * Jens Schüßler:
> > > I just upgraded my linux-source-2.6.18 to
> > > 2.6.18.dfsg.1-18etch1_all and build a new linux-image. But
> > > after installing an rebooting I still was able to become root
> > > with this exploit:
> > > http://milw0rm.com/exploits/5092
I checked that the fix is in the source tarball.
> $uname -a
> Linux algol 2.6.18+2008-02-12 #1 Tue Feb 12 16:49:10 CET 2008 i686
> As I said, fresh compiled from the new sources-Packet
Only /usr/src/linux-source-2.6.18.tar.bz2 is in the source package.
Maybe you forgot to extract it again, and used an old version you had