Debian attacker may have used new exploit
Robert Brockway
robert-5LEc/6Zm6xCUd8a0hrldnti2O/JbrIOy at public.gmane.org
Tue Dec 2 14:06:16 UTC 2003
On Tue, 2 Dec 2003, JoeHill wrote:
> What confuses me, is that my default install of MDK 9.2 shows kernel version:
>
> 2.4.22-10
>
> But MDK says 9.2 is safe.
>
> Can someone clarify this for me?
It is very common for distributions to patch their own kernels seperately
to the main tree. This way they ensure minimalist changes to their kernel
and also keep whatever customisation or optimisations they have previously
incorporated.
So when upgrading to avoid an exploit like this, either go for a vanilla
kernel which is known to be fixed (2.4.23 in this case) _or_ whatever
version your distro maintainers advise is safe.
Rob
--
Robert Brockway B.Sc. email: robert-5LEc/6Zm6xCUd8a0hrldnti2O/JbrIOy at public.gmane.org, zzbrock at uqconnect.net
Linux counter project ID #16440 (http://counter.li.org)
"The earth is but one country and mankind its citizens" -Baha'u'llah
--
The Toronto Linux Users Group. Meetings: http://tlug.ss.org
TLUG requests: Linux topics, No HTML, wrap text below 80 columns
How to UNSUBSCRIBE: http://tlug.ss.org/subscribe.shtml
More information about the Legacy
mailing list