Alexander Reichle-Schmehl un jour écrivit:
Hi! * Kheng Teong Goh <khengteong.goh@dapmalaysia.org> [080912 04:21]:I have 2 system on slicehost running debian. apt-get update and apt-get upgrade has not been upgrading my kernel. It has been upgrading other packages. Kernel remains as : 2.6.18-xen #1 SMP Tue Feb 12 06:40:50 UTC 2008 x86_64The latest kernel related DSA (1636) only affected the 2.6.24 kernel shipped with Etch-and-a-half.
I can see that CVE-2008-3272 and CVE-2008-3275 had already been fixed in DSA-1630-1, but can you confirm that the other CVE doesn't affect 2.6.18?More specifically, can someone confirm that CVE-2008-3915 doesn't affect the 2.6.18 kernel series in Debian? If I believe this link, this bug is not limited to 2.6.24 in Etch-and-a-half.
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-3915 Simon Valiquette