On Fri, Jul 14, 2006 at 01:26:02PM -0400, Dave Jones wrote: > On Fri, Jul 14, 2006 at 11:23:19AM -0600, Art Edwards wrote: > > I'm running 2.6.17-1.2139_FC5. Is this vulnerable to the Linux Kernel PRCTL Core Dump Handling Privilege Escalation Vulnerability? > yes. There's a fixed kernel in updates-testing that I've now > requested be moved to updates-final today. Hi Dave. Mark Cox comments on LWN <http://lwn.net/Articles/191166/> that Red Hat's security team was aware of this issue on June 19th and had a working exploit a few days later, and that the embargo was lifted on July 6th. Any particular reason this didn't go out for Fedora on the 6th? Does someone need to get you faster computers, or some code monkeys, or something? -- Matthew Miller mattdm@xxxxxxxxxx <http://mattdm.org/> Boston University Linux ------> <http://linux.bu.edu/> -- fedora-devel-list mailing list fedora-devel-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-devel-list
