Re: root compromise on debian woody
On Sat, May 28, 2005 at 01:39:54PM -0400, Selva Nair wrote:
> Date: Sat, 28 May 2005 13:39:54 -0400
> From: Selva Nair <selva.nair@gmail.com>
> Subject: Re: root compromise on debian woody
>
[snip]
> I was running debian 2.4.18-k7. Now I notice that there is another kernel
> image available for k7 -- kernel-image-2.4.18-1.k7. Just installed that one and
> the exploit doesn't work on it. So was I running an unsafe kernel?
http://packages.debian.org shows kernel-image-2.4.18-1-k7 as [security]. Updates
from the security team went to that package, not to 2.4.18-k7. I don't really
know how Debian's kernel versioning works, but IIRC in Sarge there
was kernel-image-2.4.27-1-686 and now there's kernel-image-2.4.27-2-686.
>
> apt-show-versions shows
>
> kernel-image-2.4.18-k7/stable uptodate 2.4.18-5
> kernel-image-2.4.18-1-k7/stable uptodate 2.4.18-13.1
>
> The timestamp on vmlinuz-2.4.18-k7 is Apr 14 2002 (pretty old) while
> the 2.4.18-1-k7 is Apr 14 2004. Why is this 2.4.18-k7 kernel so old and
> buggy and still stated to be uptodate?
It is up-to-date in terms of package versions, so there're no newer
kernel-image-2.4.18-k7 packages.
[snip]
Best wishes
--
Alexei Chetroi
Smile... Tomorrow will be worse. (c) Murphy's Law
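
The reply above notes that "uptodate" only means no newer version exists under the same package name. The following Python script is an added example, not part of the original message: it parses the two apt-show-versions lines quoted in the thread (embedded as constructed sample input) and flags a kernel-image package whose sibling, with the same upstream version and flavour, carries a higher Debian revision. The package-name pattern, the function names and the simplified revision comparison are assumptions of this example.

```python
import re
from collections import defaultdict

# Constructed input: the two apt-show-versions lines quoted in the message.
SAMPLE = """\
kernel-image-2.4.18-k7/stable uptodate 2.4.18-5
kernel-image-2.4.18-1-k7/stable uptodate 2.4.18-13.1
"""

# Assumed naming: kernel-image-<upstream>[-<abi>]-<flavour>; the ABI number is optional.
NAME_RE = re.compile(r"^kernel-image-(\d+\.\d+\.\d+)(?:-(\d+))?-([a-z0-9]+)$")
LINE_RE = re.compile(r"^(\S+?)/\S+\s+(\S+)\s+(\S+)$")

def revision_key(version):
    """Numeric sort key for the Debian revision (text after the last '-').
    Simplification: dotted-number revisions only, not full dpkg ordering."""
    rev = version.rsplit("-", 1)[1]
    return tuple(int(part) for part in rev.split("."))

def parse(output):
    """Yield (package, status, version) for each apt-show-versions line."""
    for line in output.splitlines():
        m = LINE_RE.match(line.strip())
        if m:
            yield m.groups()

def stale_kernel_packages(output):
    """Return packages reported 'uptodate' that have a sibling kernel-image
    (same upstream version and flavour) at a higher Debian revision."""
    groups = defaultdict(list)
    for pkg, status, ver in parse(output):
        m = NAME_RE.match(pkg)
        if m:
            upstream, _abi, flavour = m.groups()
            groups[(upstream, flavour)].append((pkg, status, ver))
    stale = []
    for siblings in groups.values():
        newest = max(siblings, key=lambda s: revision_key(s[2]))
        for pkg, status, ver in siblings:
            if status == "uptodate" and revision_key(ver) < revision_key(newest[2]):
                stale.append((pkg, ver, newest[0], newest[2]))
    return stale

if __name__ == "__main__":
    for pkg, ver, newer_pkg, newer_ver in stale_kernel_packages(SAMPLE):
        print(f"{pkg} {ver} is 'uptodate' but {newer_pkg} carries {newer_ver}")
```

A flagged package still needs to be checked against the running kernel (`uname -r`) and the archive's [security] marking before drawing conclusions.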