On Fri, Jun 16, 2000 at 04:37:13AM -0300, [EMAIL PROTECTED] wrote: > ..."Lots of security holes have been dealt with since the last edition of > Debian Weekly News: > * A fix for the capabilities-related local root compromise in kernel > 2.2.15 was [21]backported into the Debian package of kernel > 2.2.15 ..."
Desconozco si había paquetes de 2.2.15 para Slink. Si es así, esos estarían afectados. Te aseguro que los de Potato no. kernel: bug in capabilities handling allows root exploits _________________________________________________________________ Date Reported: 12 Jun 2000 Affected Packages: kernel-image, kernel-source Vulnerable: No For more information: There is a widely-reported problem with the handling of POSIX capabilities in the linux kernel that can lead to root compromise in setuid applications. This bug does not affect kernels in the 2.0 or earlier series; the 2.0 kernels installed by default in debian 2.1 (slink) are not vulnerable. If you are running a kernel with a version of 2.1.*, 2.2.*, or 2.3.*, you should upgrade immediately. Fixed in: The Debian kernel source package currently in potato, kernel-source-2.2.15-3, and binaries built from it, such as kernel-image-2.2.15-2 (or more recent versions), are patched to prevent this vulnerability. If you prefer to download kernel source from a mirror of ftp.kernel.org instead of using the debian package, you should download 2.2.16 or better. -- Jordi Mallach Pérez || [EMAIL PROTECTED] || Rediscovering Freedom, aka Oskuro in || [EMAIL PROTECTED] || Using Debian GNU/Linux Reinos de Leyenda || [EMAIL PROTECTED] || http://debian.org http://sindominio.net GnuPG public information: pub 1024D/917A225E telnet pusa.uv.es 23 73ED 4244 FD43 5886 20AC 2644 2584 94BA 917A 225E
pgptt4yJA5MNO.pgp
Description: PGP signature