This doesnt bypass Trusted Path Execution does it? If not, is it safe to say users in that special group can still be trusted?
On Feb 11, 2008 9:19 AM, Michael W Spitzer <[EMAIL PROTECTED]> wrote: > > On Feb 11, 2008 10:09 AM, Dominik Paulus <[EMAIL PROTECTED]> wrote: > > > > > Octavio Ruiz wrote: > > > Any concert about the Linux Kernel Local Root Exploit as showed in the > > > Common Vulnerabilities and Exposure site with id's CVE-2008-0009, > > > CVE-2008-0010, CVE-2008-0600? > > > > > > http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0009 > > > http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0010 > > > http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0600 > > > > > > gentoo-sources and vanilla-sources are affected among probably others. > > > > See http://bugs.gentoo.org/show_bug.cgi?id=209460 > > > > > > > > -- > > gentoo-security@lists.gentoo.org mailing list > > > > > > There's also a quick rundown here: > http://www.reactivated.net/weblog/archives/2008/02/critical-linux-kernel-vmsplice-security-issues/ > -- gentoo-security@lists.gentoo.org mailing list
