Re: kernel-images

To: debian-user@lists.debian.org
Subject: Re: kernel-images
From: Geoff Thurman <geoffthur@ntlworld.com>
Date: Tue, 9 Dec 2003 22:22:41 +0000
Message-id: <[🔎] 20031209222352.NHNO15813.mta02-svc.ntlworld.com@there>
In-reply-to: <[🔎] br5djr$lbi$1@sea.gmane.org>
References: <[🔎] 20031209193210.DIHD2588.mta07-svc.ntlworld.com@there> <[🔎] br5djr$lbi$1@sea.gmane.org>

On Tuesday 09 December 2003 9:08 pm, Andreas Janssen wrote:
> Hello
>
> Geoff Thurman (<geoffthur@ntlworld.com>) wrote:
> > Is it possible for the unwitting to install a kernel-image
> > downloaded from official debian sources that hasn't been patched
> > for the recent exploit, or can all the currently downloadable
> > images (and kernel source packages too, for that matter) be taken
> > to be safe from it? I've
> > switched to woody, and have today installed image-2-4-18-k6  #1,
> > dated Apr 14 2002. Clearly the date suggests no patch has been
> > applied, so is this kernel vulnerable to the exploit, please, or
> > does it not arise in this branch?
>
> Your Kernel is vulnerable. When the ptrace bug was fixed, the
> packages became incompatible to modules compiled for older versions,
> and they were renamed. Install kernel-image-2.4.18-1-k6 from
> security.debian.org. The current version from ftp.debian.org (Woody
> r2) does /not/ fix all vulnerabilities (I even think it is still the
> same one as in Woody r1 because newer packages were rejected from r2
> for some reasons).
>
> best regards
>         Andreas Janssen

Sheesh. Thank you. The new one is downloading now.

Cheers,

Geoff

Reply to:

References:
- kernel-images
  - From: Geoff Thurman <geoffthur@ntlworld.com>
- Re: kernel-images
  - From: Andreas Janssen <andreas.janssen@bigfoot.com>

Prev by Date: Kernel modules for AIC79xx scsi card?
Next by Date: Re: Could not load OpenGL library
Previous by thread: Re: kernel-images
Next by thread: Re: Could not load OpenGL library
Index(es):
- Date
- Thread