Re: [Cooker] Will Mandrake release updated kernel for SNF?

2001-10-24 Thread Vincent Danen

On Wed Oct 24, 2001 at 04:44:02PM +0200, Juan Quintela wrote:

> >>>>> "borsenkow" == Borsenkow Andrej [EMAIL PROTECTED] writes:
>
> borsenkow> It is from user's comment to
> borsenkow> http://linuxtoday.com/news_story.php3?ltsn=2001-10-18-018-20-SC-KN-0005
> borsenkow> that describes two kernel bugs (symlink and ptrace):
>
> borsenkow> citation
> borsenkow> Mandrake Single Network Firewall is based on kernel 2.2.19
> borsenkow> I guess this episode will provide a good test of whether people should
> borsenkow> trust Mandrake as a company to keep their products secure...
>
> borsenkow> There has been no replacement product for Mandrake SNF7.2
> borsenkow> If there is none planned, it may be that they believe they can just let
> borsenkow> this slide without producing an update for people who bought the
> borsenkow> box...That would be unfortunate.
>
> borsenkow> ==
>
> You can test the possible updates
> for 8.1 in:
>
> http://people.mandrakesoft.com/~quintela/
>
> version -29mdk will be the 2.4 update if qa agrees.
>
> Reports of work here, didn't work
> here are welcome.

Unfortunately, this kernel is not what is being used in SNF.  However,
the reports that all of a sudden an SNF box is being attacked or
compromised due to these kernel bugs are bogus.  Both issues are
*local* vulnerabilities, not remote.  It is improbable that your
system is being attacked due to problems in the kernel.

That being said, a patched 2.2 kernel for all distribs, including SNF,
will be available as soon as QA has finished doing their thing on
them.  I've been running the new kernel on an SNF box for two days now
without a problem.

-- 
[EMAIL PROTECTED], OpenPGP key available on www.keyserver.net
1024D/FE6F2AFD   88D8 0D23 8D4B 3407 5BD7  66F9 2043 D0E5 FE6F 2AFD
 - Danen Consulting Services    www.danen.net, www.freezer-burn.org
 - MandrakeSoft, Inc. Security  www.linux-mandrake.com

Current Linux kernel 2.4.8-26mdk uptime: 19 hours 40 minutes.



Re: [Cooker] Will Mandrake release updated kernel for SNF?

2001-10-23 Thread Stew Benedict


On Tue, 23 Oct 2001, Borsenkow Andrej wrote:

> It is from user's comment to
> http://linuxtoday.com/news_story.php3?ltsn=2001-10-18-018-20-SC-KN-0005
> that describes two kernel bugs (symlink and ptrace):
>
> citation
> Mandrake Single Network Firewall is based on kernel 2.2.19
> I guess this episode will provide a good test of whether people should
> trust Mandrake as a company to keep their products secure...
>
> There has been no replacement product for Mandrake SNF7.2
> If there is none planned, it may be that they believe they can just let
> this slide without producing an update for people who bought the
> box...That would be unfortunate.
>

2.2.19 in cooker has been updated with the appropriate patches, and
kernels for the previous products are being built now by the secteam. 

Stew Benedict

-- 
MandrakeSoft    OH/TN, USA  http://perso.mandrakesoft.com/~sbenedict/
PPC FAQ: http://www.linux-mandrake.com/en/demos/PPC/FAQ/






Re: [Cooker] Will Mandrake release updated kernel for SNF?

2001-10-23 Thread Vincent Danen

On Tue Oct 23, 2001 at 06:29:10AM -0400, Stew Benedict wrote:

> > It is from user's comment to
> > http://linuxtoday.com/news_story.php3?ltsn=2001-10-18-018-20-SC-KN-0005
> > that describes two kernel bugs (symlink and ptrace):
> >
> > citation
> > Mandrake Single Network Firewall is based on kernel 2.2.19
> > I guess this episode will provide a good test of whether people should
> > trust Mandrake as a company to keep their products secure...
> >
> > There has been no replacement product for Mandrake SNF7.2
> > If there is none planned, it may be that they believe they can just let
> > this slide without producing an update for people who bought the
> > box...That would be unfortunate.
> >
>
> 2.2.19 in cooker has been updated with the appropriate patches, and
> kernels for the previous products are being built now by the secteam.

Yup.  I expect to have them available in the next 24-48hrs (the 2.2
kernels).  The 2.4 kernels will be a little longer yet.  This is also
dependent upon how fast they go through QA.

-- 
[EMAIL PROTECTED], OpenPGP key available on www.keyserver.net
1024D/FE6F2AFD   88D8 0D23 8D4B 3407 5BD7  66F9 2043 D0E5 FE6F 2AFD
 - Danen Consulting Services    www.danen.net, www.freezer-burn.org
 - MandrakeSoft, Inc. Security  www.linux-mandrake.com

Current Linux kernel 2.4.8-26mdk uptime: 6 days 17 hours 59 minutes.
