Nigel Jones <dev <at> nigelj.com> writes: > https://admin.fedoraproject.org/updates/search/CVE-2008-1669 shows nothing. Although that particular one has been fixed by building 2.6.24.7: http://lwn.net/Articles/281225/ http://koji.fedoraproject.org/koji/buildinfo?buildID=48407 However, F9 is 2.6.25 based, so that isn't going to apply. And, 2.6.24 isn't getting any more updates either and this says that everyone on 2.6.24 should go to 2.6.25.3, which has fixes to yet another two security problems: http://lwn.net/Articles/281689/ I would think these kernel rebuilds shouldn't be all that difficult to do and I don't know what the holdup is. When build time is added to push to stable time, it all adds up to significant number of days for Fedora having an unpatched kernel containing known security problems. -- Bojan -- fedora-devel-list mailing list fedora-devel-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-devel-list
