[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: [DSA 1494-1] Still vulnerable?

* Florian Weimer <fw@deneb.enyo.de> wrote:
> * Jens Schüßler:
> 
> >> Not in our tests.  Are you sure you're running the new kernel?  What
> >> does "uname -a" say?
> 
> > $uname -a
> > Linux algol 2.6.18+2008-02-12 #1 Tue Feb 12 16:49:10 CET 2008 i686 GNU/Linux
> >
> > As I said, fresh compiled from the new sources-Packet
> 
> Please send me your copy of fs/splice.c.  

Sorry, i deleted the source meanwhile.
> 
> I just downloaded linux-source-2.6.18 2.6.18.dfsg.1-18etch1, and it does
> contain the correct version.  This suggests some sort of problem at your
> end, I'm afraid.

Maybe, I think so, but I don't know why. I just build it again as I said in the 
other posting, and now it works.

But the buildinfo shows the same source package version than before...

$zcat /usr/share/doc/linux-image-2.6.18+2008-02-12/buildinfo.gz
binutils-2.17-3
dpkg-1.13.25
dpkg-dev-1.13.25
gcc-4.1.1-15
gcc-3.3-base-3.3.6-15
gcc-3.4-base-3.4.6-5
gcc-4.1-4.1.1-21
gcc-4.1-base-4.1.1-21
libc6-2.3.6.ds1-13etch4
libc6-dev-2.3.6.ds1-13etch4
make-3.81-2
perl-5.8.8-7etch1
this was built on a machine with the kernel:
Linux algol 2.6.22+2008-02-12 #1 Tue Feb 12 20:29:32 CET 2008 i686 GNU/Linux
using the compiler:
gcc version 4.1.2 20061115 (prerelease) (Debian 4.1.1-21)
kernel source package used:
linux-source-2.6.18-2.6.18.dfsg.1-18etch1
applied kernel patches:
Reply to: