Gentoo Archives: gentoo-security

From: Volker Armin Hemmann <volkerarmin@××××××××××.com>
To: gentoo-security@l.g.o
Subject: Re: [gentoo-security] Kernel Security Update Target Delay?
Date: Sun, 26 Sep 2010 12:03:57
Message-Id: 201009261351.35656.volkerarmin@googlemail.com
In Reply to: [gentoo-security] Kernel Security Update Target Delay? by Richard Freeman
On Sunday 26 September 2010, Richard Freeman wrote:
*gentoo-sources-2.6.32-r18 (21 Sep 2010)

  21 Sep 2010; Mike Pagano <mpagano@g.o>
  +gentoo-sources-2.6.32-r18.ebuild:
  Linux patch 2.6.32.22. Includes fix for CVE-2010-3301.

*gentoo-sources-2.6.35-r8 (21 Sep 2010)

  21 Sep 2010; Mike Pagano <mpagano@g.o>
  +gentoo-sources-2.6.35-r8.ebuild:
  Linux patch 2.6.35.5. Includes fix for CVE-2010-3301.

*gentoo-sources-2.6.35-r7 (16 Sep 2010)
*gentoo-sources-2.6.34-r10 (16 Sep 2010)

  16 Sep 2010; Mike Pagano <mpagano@g.o>
  +gentoo-sources-2.6.34-r10.ebuild, +gentoo-sources-2.6.35-r7.ebuild:
  Fix for exploit: IA32 Syscall Entry Point Privilege Escalation
  (CVE-2010-3301)

date:
So 26. Sep 13:48:41 CEST 2010

so there has been roughly a week so far.

And the bug is not that dangerous - except when you insist on running unsecure 
32bit software on a 64bit system.

Replies

Subject Author
Re: [gentoo-security] Kernel Security Update Target Delay? Richard Freeman <rich0@g.o>