Re: kernel expolit. is 2.4.18-bf2.4 affected?

To: debian-users <debian-user@lists.debian.org>
Subject: Re: kernel expolit. is 2.4.18-bf2.4 affected?
From: Sven Hoexter <sven@timegate.de>
Date: Mon, 15 Dec 2003 14:37:11 +0100
Message-id: <[🔎] 20031215133711.GD2545@sven.home.hoaxter.de>
Mail-followup-to: debian-users <debian-user@lists.debian.org>
In-reply-to: <[🔎] 20031215083630.GE27235@ix.netcom.com>
References: <[🔎] 1071466419.6082.6.camel@paulscomputer> <[🔎] 20031215083630.GE27235@ix.netcom.com>

On Mon, Dec 15, 2003 at 12:36:30AM -0800, Karsten M. Self wrote:
> on Mon, Dec 15, 2003 at 06:33:39PM +1300, Paul William (webmaster@startlinux.co.nz) wrote:
> > Hi all,
> > 
> > Is the stock woody 2.4.18-bf2.4 kernel affected by the kernel exploit
> > that was used to attack the debian.org servers? If it is affected then
> > what kernel is safe? 
> 
> *All* 2.4 installation kernels predate the patch, and are vulnerable.
> 
> Your safe options are 2.2.x kernels, a patched 2.4.18, 2.4.(>=23), and
> presumably the 2.6 tree.
The 2.2.x  kernel shipped with woody is vulnerable to the ptrace exploit
and several other not so grave flaws. So security updates after installation
are necessary in all cases. Ok PC without a connection to other systems is
safe.

Sven
-- 
          Das Weihnachtskonzert
               COMBO GUANO
23.12.2003, Saal Norhausen Lev. Rheindorf
        http://www.comboguano.de

Reply to:

References:
- kernel expolit. is 2.4.18-bf2.4 affected?
  - From: Paul William <webmaster@startlinux.co.nz>
- Re: kernel expolit. is 2.4.18-bf2.4 affected?
  - From: "Karsten M. Self" <kmself@ix.netcom.com>

Prev by Date: Re: Language package for KDE
Next by Date: Re: Need install help -mig from RedHat to Debian
Previous by thread: Re: kernel expolit. is 2.4.18-bf2.4 affected?
Next by thread: Re: kernel expolit. is 2.4.18-bf2.4 affected?
Index(es):
- Date
- Thread