Debian attacker may have used new exploit

Robert Brockway robert-5LEc/6Zm6xCUd8a0hrldnti2O/JbrIOy at
Tue Dec 2 14:06:16 UTC 2003

On Tue, 2 Dec 2003, JoeHill wrote:

> What confuses me, is that my default install of MDK 9.2 shows kernel version:
> 2.4.22-10
> But MDK says 9.2 is safe.
> Can someone clarify this for me?

It is very common for distributions to patch their own kernels seperately
to the main tree.  This way they ensure minimalist changes to their kernel
and also keep whatever customisation or optimisations they have previously

So when upgrading to avoid an exploit like this, either go for a vanilla
kernel which is known to be fixed (2.4.23 in this case) _or_ whatever
version your distro maintainers advise is safe.


Robert Brockway B.Sc. email: robert-5LEc/6Zm6xCUd8a0hrldnti2O/JbrIOy at, zzbrock at
Linux counter project ID #16440 (
"The earth is but one country and mankind its citizens" -Baha'u'llah
The Toronto Linux Users Group.      Meetings:
TLUG requests: Linux topics, No HTML, wrap text below 80 columns

More information about the Legacy mailing list