[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: root compromise on debian woody

On Sat, May 28, 2005 at 01:39:54PM -0400, Selva Nair wrote:
> Date: Sat, 28 May 2005 13:39:54 -0400
> From: Selva Nair <selva.nair@gmail.com>
> Subject: Re: root compromise on debian woody
> 
 [snip]

> I was running debian 2.4.18-k7. Now I notice that there is another kernel
> image available for k7 -- kernel-image-2.4.18-1.k7. Just installed that one and
> the exploit doesn't work on it.  So was I running an unsafe kernel?
http://packages.debian.org shows kernel-image-2.4.18-1-k7 as [security]. Updates
from security team went to that package, not to 2.4.18-k7. I don't know
really how Debian's kernel versioning works, but IIRC in Sarge there
was kernel-image-2.4.27-1-686 and now there's kernel-image-2.4.27-2-686

> 
> apt-show-versions show
> 
> kernel-image-2.4.18-k7/stable uptodate 2.4.18-5
> kernel-image-2.4.18-1-k7/stable uptodate 2.4.18-13.1
> 
> The timestamp on vmlinuz-2.4.18-k7 is Apr 14 2002 (pretty old) while
> the 2.4.18-1-k7
> is Apr 14 2004.Why is this 2.4.18-k7 kernel so old and buggy and still
> stated to be uptodate?
  It is up-to-date in terms of package versions, so there're no newer
kernel-image-2.4.18-k7 packages. 

[snip]

  Best wishes

--
Alexei Chetroi

Smile... Tomorrow will be worse. (c) Murphy's Law
Reply to: