Dave Jones <davej@xxxxxxxxxx> writes: > On Sat, Jul 15, 2006 at 12:52:58AM -0400, Luke Macken wrote: > > > I'm not sure what went on between the embargo, July 6th, and when > > kernel-2.6.17-1.2157_FC5 was submitted and pushed out to > > updates-testing on July 12th. > > I was swamped with trying to get rawhide in shape for test2. > (Turns out we slipped a week anyway). > > > The package then sat in update-testing for 51 > > hours until it was pushed out as final on the 14th. > > I wanted it to simmer for at least a day due to the xen update > that got merged into cvs during the above time period. > Ideally, an update should have gone out fixing just the security bug, > but branching cvs, and doing another rebuild would have added at least > a day. > > There's another vulnerability that has been announced today, and > another -stable got pushed out this evening. However there's some > concern that it breaks HAL, I'll investigate further in the morning, > and see if I can get something out tomorrow evening before I disappear > for a day whilst travelling to kernel summit/OLS. > > Dave > Does this kind of vulnerability affect machines that only have sshd enabled? I'm still using Kernel 2.6.16.20. thanks -- Leon -- fedora-devel-list mailing list fedora-devel-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-devel-list
