You can now download a kernel that is not vulnerable from any stable repository. Any kernel that has a -6 in the name. Like linux-image-2.6.18-6-686. For instance: # apt-get install linux-image-2.6.18-6-686 Or you can point apt to an unstable archive and do this: # apt-get install linux-image-2.6.24-2-686 The problem is that these kernels don't have the speakup patch. Last week I installed non-speakup kernels on the 100+ machines in tmy department. I wonder if Shane is going to post 2.6.18-6 kernels on his space on people.debian.org? I downloaded the 2.6.24 kernel from an unstable repository. Then I got the config file from that kernel and used it to build a kernel patched with speakup. I would imagine that Shane does something similar when he builds his kernels. I haven't tried the new kernel yet. Various other things have drawn me away from the kernel problem. If it works, I am going to have to go around and install the new kernel on the 100+ machines. Well, I can do them remotely but it's still going to take me forever. ----- Original Message ----- From: "Jude DaShiell" <jdashiel@xxxxxxxxxxxxxx> To: <speakup at braille.uwo.ca> Sent: Thursday, February 14, 2008 4:30 PM Subject: re: kernel vulnerability > It's a kernel patch that needs doing to fix this vulnerability and most > Linux kernels made available over the last year can be exploited by this > vulnerability. The vulnerability isn't stopped by different hardware > either, it works as well on an AMD 64 as an i386 machine according to > messages over on the debian-user list. > > > > _______________________________________________ > Speakup mailing list > Speakup at braille.uwo.ca > http://speech.braille.uwo.ca/mailman/listinfo/speakup > >
