Re: Newbie kernel-source package question
Hello
Nathan Barham (<nathan@sleepygeek.com>) wrote:
> I'm new to Debian and running woody on i386. I want to find the
> 2.4.18-12 source package containing the fix for the problem noted in
> Debian's security announcment DSA-403-1 (that got the Debian site
> compromised). The announcement says ...
>
> -snip-
>
> For Debian it has been fixed in version 2.4.18-12 of the kernel source
> packages . . .
>
> -snip-
>
> When I try "apt-get install kernel-source-2.4.18-12" I get "E:
> Couldn't find package kernel-source-2.4.18-12".
> When I try "apt-get install kernel-source-2.4.18" I end up with
> 2.4.18-14, and am unsure if this package contains the fix or not.
>
> Clearly I'm missing something basic. Does 2.4.18-14 contain the fix?
> If not where can I find the correct package?
Obviously -14 is newer than -12, so it does contain the fix (you could
probably look it up in the package changelog to be on the safe side).
The DSA also states that the binary i386 packages are -14, but the
latest packages are -12, so maybe someone mixed up the version numbers
in the DSA. I have kernel-image-2.4.18-bf2.4, which /was/ updated, and
the changelog says:
kernel-image-2.4.18-i386bf (2.4.18-5woody5) stable-security;
urgency=high
* Security update
* Build against kernel-source-2.4.18 2.4.18-14:
^^^^^^^^^
- Added TASK_SIZE check to do_brk in mm/mmap.c (DSA-403-1)
-- Eduard Bloch <blade@debian.org> Tue, 2 Dec 2003 10:50:50 +0000
best regards
Andreas Janssen
--
Andreas Janssen
andreas.janssen@bigfoot.com
PGP-Key-ID: 0xDC801674
Registered Linux User #267976
Reply to: