I guess we better bump priority of these then, as they look pretty nasty at first glance. - Si On Wednesday 04 August 2004 02:44 pm, Ed Brown wrote: > There are updates out already for RHEL2.1 and 3. Their security > advisory added: > > "These packages contain a patch written by Al Viro to correct these > flaws. > Red Hat would like to thank iSEC Security Research for disclosing this > issue and a number of vendor-sec participants for reviewing and working > on the patch to this issue." > > -Ed > > On Wed, 2004-08-04 at 13:38, Simon Weller wrote: > > Hi all, > > > > Paul Starzetz has just posted to SF with proof of concept for some > > explotiable memory reads. > > > > <sarcasm on> > > So nice of him to give everyone a little warning prior to releasing a > > proof of concept. > > </sarcasm off> > > > > He's suggesting that all 2.4 and all 2.6 kernels are vunerable, and just > > to make our lives more enjoyable, there are currently no fixes out. > > > > regards, > > > > Simon > > -- > > fedora-legacy-list@xxxxxxxxxx > http://www.redhat.com/mailman/listinfo/fedora-legacy-list -- Simon Weller LPIC-2, BCIP Systems Engineer NZServers LTD http://www.nzservers.com/ U.S. Branch <- To mess up a Linux box, you need to work at it; to mess up your Windows box, you just need to work on it. - Scott Granneman, Security Focus -> -- fedora-legacy-list@xxxxxxxxxx http://www.redhat.com/mailman/listinfo/fedora-legacy-list
