To: [EMAIL PROTECTED] Hi all. Last January I received the security announcement that follows. When I tried to use apt-get update and upgrade as always, this was not downloaded. Has anyone else had this problem? I'm pretty sure that I downloaded a kernel security upgrade last Sept. w/o any problems.
Here's what I have in my /boot folder now: dozer:/boot# ls System.map-2.4.18-newpmac config-2.4.18-newpmac first.b second.b vmlinux-2.4.18-newpmac Thanks, Barry Message-Id: <[EMAIL PROTECTED]> Date: Wed, 7 Jan 2004 13:26:50 +0100 (CET) To: [EMAIL PROTECTED] (Debian Security Announcements) From: [EMAIL PROTECTED] (Martin Schulze) Subject: [SECURITY] [DSA 417-1] New Linux 2.4.18 packages fix local root exploit (powerpc+alpha) -------------------------------------------------------------------------- Debian Security Advisory DSA 417-1 [EMAIL PROTECTED] http://www.debian.org/security/ Martin Schulze January 7th, 2004 http://www.debian.org/security/faq - -------------------------------------------------------------------------- Package : kernel-patch-2.4.18-powerpc, kernel-image-2.4.18-1-alpha Vulnerability : mising boundary check Problem-Type : local Debian-specific: no CVE ID : CAN-2003-0985 Paul Starzetz discovered a flaw in bounds checking in mremap() in the Linux kernel (present in version 2.4.x and 2.6.x) which may allow a local attacker to gain root privileges. Version 2.2 is not affected by this bug. For the stable distribution (woody) this problem has been fixed in version 2.4.18-1woody3 for the powerpc architecture. For the unstable distribution (sid) this problem will be fixed soon with newly uploaded packages. We recommend that you upgrade your kernel packages. This problem has been fixed in the upstream version 2.4.24 as well. __________________________________ Do you Yahoo!? Yahoo! Search - Find what you’re looking for faster http://search.yahoo.com -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
