[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: kernel-images

On Tuesday 09 December 2003 9:08 pm, Andreas Janssen wrote:
> Hello
> Geoff Thurman (<geoffthur@ntlworld.com>) wrote:
> > Is it possible for the unwitting to install a kernel-image
> > downloaded from official debian sources that hasn't been patched
> > for the recent exploit, or can all the currently downloadable
> > images (and kernel source packages too, for that matter) be taken
> > to be safe from it? I've
> > switched to woody, and have today installed image-2-4-18-k6  #1,
> > dated Apr 14 2002. Clearly the date suggests no patch has been
> > applied, so is this kernel vulnerable to the exploit, please, or
> > does it not arise in this branch?
> Your Kernel is vulnerable. When the ptrace bug was fixed, the
> packages became incompatible to modules compiled for older versions,
> and they were renamed. Install kernel-image-2.4.18-1-k6 from
> security.debian.org. The current version from ftp.debian.org (Woody
> r2) does /not/ fix all vulnerabilities (I even think it is still the
> same one as in Woody r1 because newer packages were rejected from r2
> for some reasons).
> best regards
>         Andreas Janssen

Sheesh. Thank you. The new one is downloading now.



Reply to: