On Thu, Mar 17, 2005 at 10:59:17AM -0500, Joey Hess wrote: > Geoff Crompton wrote: > > Package: kernel-source-2.6.8 > > Version: 2.6.8-13 > > Severity: critical > > Justification: root security hole > > > > There is a local integer overflow vulnerability in the sys_epoll_wait() > > call. See following for detail: > > http://www.securityfocus.com/bid/12763/ > > > > Apologies if already reported. > > This was already fixed in 2.6.8-14, although AFAIK we've get to get > the kernel-images built from it.
I believe that the current plan is to wait for the soon to be released 2.6.8-15, which has additional security fixes, before making the images. In any case, as the bug is fixed in the source package, I am going to close it. -- Horms -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
