From: Dariush Pietrzak (eyck_at_ghost.anime.pl)
Date: Tue 02 Dec 2003 - 06:41:10 GMT
> Either way, because of the "new" local root vulnerability on kernels <= 2.4.22, i really need urgently
> to patch all my boxes to 2.4.23.
>
> When will there be a patch for it?
You don't need to upgrade to 2.4.23
there are rumors that this:
lynx
http://linux.bkbits.net:8080/linux-2.4/diffs/mm/mmap.c_at_1.32?nav=cset_at_1.1148.2.2
fixes that vulnerability, you can patch your older kernel with this and go
on with your life.
I don't like very much the idea of upgrading to 2.4.23 all my stable
machines, when there are unstable changes in it ( OOM ).
-- Key fingerprint = 40D0 9FFB 9939 7320 8294 05E0 BCC7 02C4 75CC 50D9 Namagumi namagomi namagoroshi _______________________________________________ Vserver mailing list Vserver_at_list.linux-vserver.org http://list.linux-vserver.org/mailman/listinfo/vserver