Gentoo Archives: gentoo-security

From: kerin@×××××××××××××××.net
To: gentoo-security@l.g.o
Subject: Re: [gentoo-security] new kernel vulnerability in 2.2, 2.4 and 2.6 series
Date: Mon, 05 Jan 2004 18:17:47
Message-Id: 33222.10.0.0.133.1073326498.squirrel@serve.r2r.local
In Reply to: Re: [gentoo-security] new kernel vulnerability in 2.2, 2.4 and 2.6 series by Mike Frysinger
1 On Mon, 5 Jan 2004 12:55:11 -0500
2 Mike Frysinger <vapier@g.o> wrote:
3
4 > all kernels in portage should already be patched against do_brk() ...
5 > read the ChangeLog
6
7 In fact, I believe the redhat-sources are still vulnerable. The
8 explanation I got was that they're "not maintained". My opinion is quite
9 simply that they should be patched or scrubbed - but not left as they are.
10
11 As far as I know, they are the only sources that have been left in this
12 condition (last update 03 Oct 2003).
13
14 --Kerin Millar
15
16 --
17 gentoo-security@g.o mailing list