Re: kernel expolit. is 2.4.18-bf2.4 affected?
On Mon, Dec 15, 2003 at 12:36:30AM -0800, Karsten M. Self wrote:
> on Mon, Dec 15, 2003 at 06:33:39PM +1300, Paul William (email@example.com) wrote:
> > Hi all,
> > Is the stock woody 2.4.18-bf2.4 kernel affected by the kernel exploit
> > that was used to attack the debian.org servers? If it is affected then
> > what kernel is safe?
> *All* 2.4 installation kernels predate the patch, and are vulnerable.
> Your safe options are 2.2.x kernels, a patched 2.4.18, 2.4.(>=23), and
> presumably the 2.6 tree.
The 2.2.x kernel shipped with woody is vulnerable to the ptrace exploit
and several other not so grave flaws. So security updates after installation
are necessary in all cases. Ok PC without a connection to other systems is
23.12.2003, Saal Norhausen Lev. Rheindorf