Re: kernel-images

To: debian-user@lists.debian.org
Subject: Re: kernel-images
From: Andreas Janssen <andreas.janssen@bigfoot.com>
Date: Tue, 09 Dec 2003 22:08:16 +0100
Message-id: <[🔎] br5djr$lbi$1@sea.gmane.org>
References: <[🔎] 20031209193210.DIHD2588.mta07-svc.ntlworld.com@there>

Hello

Geoff Thurman (<geoffthur@ntlworld.com>) wrote:

> Is it possible for the unwitting to install a kernel-image downloaded
> from official debian sources that hasn't been patched for the recent
> exploit, or can all the currently downloadable images (and kernel
> source packages too, for that matter) be taken to be safe from it?
> I've
> switched to woody, and have today installed image-2-4-18-k6  #1, dated
> Apr 14 2002. Clearly the date suggests no patch has been applied, so
> is this kernel vulnerable to the exploit, please, or does it not arise
> in this branch?

Your Kernel is vulnerable. When the ptrace bug was fixed, the packages
became incompatible to modules compiled for older versions, and they
were renamed. Install kernel-image-2.4.18-1-k6 from
security.debian.org. The current version from ftp.debian.org (Woody r2)
does /not/ fix all vulnerabilities (I even think it is still the same
one as in Woody r1 because newer packages were rejected from r2 for
some reasons).

best regards
        Andreas Janssen

-- 
Andreas Janssen
andreas.janssen@bigfoot.com
PGP-Key-ID: 0xDC801674
Registered Linux User #267976

Reply to:

Follow-Ups:
- Re: kernel-images
  - From: Geoff Thurman <geoffthur@ntlworld.com>

References:
- kernel-images
  - From: Geoff Thurman <geoffthur@ntlworld.com>

Prev by Date: weird problem: X restarts if I click in an ssd'ed xterm
Next by Date: Debian IPv6 Ready?
Previous by thread: kernel-images
Next by thread: Re: kernel-images
Index(es):
- Date
- Thread