| 1 |
Tom Hendrikx <tom@×××××××××.net> 2012-02-02 21:42: |
| 2 |
> On 27/01/12 14:37, Anthony G. Basile wrote: |
| 3 |
>> Hi everyone, |
| 4 |
>> |
| 5 |
>> I just added hardened-sources 2.6.32-r88 and 3.2.2 to the tree. They |
| 6 |
>> address CVE-2012-0056. I've tested and they do indeed resist the |
| 7 |
>> exploit. I will be stabilizing them within 24 hours. However, I feel |
| 8 |
>> very uncomfortable doing so because I don't want to trade one set of |
| 9 |
>> problems with another. If anyone has time to test, let me know if you |
| 10 |
>> encounter any issues. |
| 11 |
>> |
| 12 |
> |
| 13 |
> I am still using 2.6.* sources here on one machine pending resolution of |
| 14 |
> bug https://bugs.gentoo.org/show_bug.cgi?id=386721 (if it will ever |
| 15 |
> happen :/ ). |
| 16 |
|
| 17 |
Are those open-vm kernel modules still necessary? It was my |
| 18 |
understanding that most/all of the guest modules for more efficient |
| 19 |
virtual hardware support were included in the mainline kernel now: |
| 20 |
<http://kernelnewbies.org/Linux_2_6_33#head-b1a0ddbc804d228802ce8aebd37d9fd6513ccb01> |
| 21 |
|
| 22 |
Thanks, |
| 23 |
Brian |
Archives