On Thu, 2003-05-08 at 10:54, Oliver Hitz wrote:
On 08 May 2003, Markus Kolb wrote:
There are patched Debian kernel images with version 2.4.18-7 by the
kernel-image maintainer Herbet Xu but not in official debian package
trees. Just don't know where to find Herbert's packages. Perhaps
On Fri, 2003-05-09 at 00:27, Jon wrote:
Sources are patched as of woody.2, according to this changes file[1],
but only woody.1 images are available[2], as far as I can tell. The
images at the second URL are still vulnerable:
On Thu, 08 May 2003 01:30:15 +0200, in linux.debian.security you
wrote:
kernel. The ptrace bug is not the only problem as there are other
security problems (for example in the netfilter code) that have never
been fixed in stable.
could you please speek out about this?
Where can I find more
On Wednesday 07 May 2003 14:53, Peter Holm wrote:
Hi,
may I be allowed to ask some questions?
I am a little bit confused about the latest discussions on the ptrace
kernel bug.
[...]
Why isnĀ“t there a security warning about that ptrace bug?
[...]
Well the most problem is that Marcelo
By the way there are people not following security lists and they
that was my situation. there must be hundreds or thousands of people
out there, which also do have just little time for administering their
debian installs and rely on security announcement list and apt-get.
Also, if I
The security team has already released two DSA's on the ptrace issue.
Those would be DSA 270 and DSA 276. Why they have not put priority on
fixing it for the i386 architecture I do not know, but I do know that
modifying the kernel in stable on i386 is a monstrous problem, as doing
it right means
On 08 May 2003, Markus Kolb wrote:
There are patched Debian kernel images with version 2.4.18-7 by the
kernel-image maintainer Herbet Xu but not in official debian package
trees. Just don't know where to find Herbert's packages. Perhaps
someone can post the place!
You can find patched
On Thu, 08.05.03, Joey Hess [EMAIL PROTECTED] wrote:
fixing it for the i386 architecture I do not know, but I do know that
modifying the kernel in stable on i386 is a monstrous problem, as doing
it right means you have to:
- rebuild all the different kernel images
- rebuild all the modules
Nils Juergens wrote:
fixing it for the i386 architecture I do not know, but I do know that
modifying the kernel in stable on i386 is a monstrous problem, as doing
it right means you have to:
- rebuild all the different kernel images
- rebuild all the modules packages external to the
Hi,
may I be allowed to ask some questions?
I am a little bit confused about the latest discussions on the ptrace
kernel bug.
As I am not a regular reader of this mailing list but heavily relying
on the debian security announce mailing list and apt-get, I was really
wondering why I could not
On Wednesday 07 May 2003 14:53, Peter Holm wrote:
The actual kernel sources that one can get via apt-get, are they
already patched?
I have to admit that I didn't follow this issue closely, you'll have to get
this info elsewhere.
And: which informtion sources do I have to follow to become
Am Mit, 2003-05-07 um 17.05 schrieb Adrian 'Dagurashibanipal' von
Bidder:
On Wednesday 07 May 2003 14:53, Peter Holm wrote:
The actual kernel sources that one can get via apt-get, are they
already patched?
kernel-source-2.4.20 in unstable is patched.
I fear there's no such place. The
HI,
This is unfortunate, but I guess it cannot be changed as the security team
reputedly is quite heavily loaded even now.
so is the debian project facing a kind of DOS-Attack on an
organizatory level? This seems to be a social vulnerability then.
Have a nice thread,
Peter
I think you'll find the bugtraq list at http://securityfocus.com/ to
be the leading edge for security information. I like focus-linux too.
http://securityfocus.com/archive
To find more current news on issues / exploits, you would probably need
to follow some particular IRC or whatever the evil
14 matches
Mail list logo
