On Fri, 28 Apr 2006 11:05:40 -0300 "Luiz Fernando N. Capitulino" <[EMAIL PROTECTED]> wrote:
| - Security fixes: | * ZZA7_CVE-2006-1524_fix_shm_mprotect.patch For those who follows kernel security news, this is actually CVE-2006-2071, and not CVE-2006-1524. The problem is that the original CVE-2006-1524 covered two unrelated problems, and nobody realized it until yesterday. The CVEs then got splited. 2006.0's is not vulnerable to CVE-2006-1524, only to CVE-2006-2071. It's already fixed in the kernel's SVN tree, and will show up correctly in 2.6.12-20mdk official advisory. PS: Of course that the CVEs got splited _after_ I built this kernel, that's why my changelog does mention CVE-2006-1524 instead of CVE-2006-2071. -- Luiz Fernando N. Capitulino
