Phil Dyer wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > Joey Hess said: > > > Well to choose one security hole at random out of dozens to hundreds > > that remain unfixed in woody's kernels, this one allows anyone to go from > > a normal user account to root: > > > > CAN-2005-1263 [Linux kernel ELF core dump privilege escalation] > > - kernel-source-2.6.11 2.6.11 2.6.11-4 > > - kernel-source-2.6.8 2.6.8-16 > > - kernel-source-2.4.27 2.4.27-10 > > > I'm a little confused on this. First, I don't see that 2.6.x or 2.4.27 > is available in woody - at least from the debian.org packages page for > woody.
The listed kernel versions are for the debian kernel packages in unstable (but targeted at sarge) that fix the particular hole I used as an example. -- see shy jo
signature.asc
Description: Digital signature
