Ow Mun Heng said: > > >> -----Original Message----- >> From: Matthew Saltzman [mailto:mjs@xxxxxxxxxxxxxxx] >> Sent: Wednesday, December 03, 2003 11:04 PM >> To: shrike-list@xxxxxxxxxx >> Subject: Re: up2date demo mode? >> >> >> Note that a kernel errata for a pretty severe security issue was just >> announced in the last couple of days, so it may take a couple >> more days >> for things to settle down. > > Does anyone know exactly what this errata is? > I read somewhere it's due to > the > call to sys_brk() in mm/mmap.c I did a search in 2.4.23/mm/mmap.c and > didn't > find any refererences to that. So.. It's fixed? 2.4.23 isn't a Red Hat kernel. > BTW, since up2date won't be 'up2date' come april 2004, Sounds like the definition of EOL. > I'm wondering how > we, > end users are gonna know about 'servere' errattas and the where the fixes > are. What fixes? Going EOL doesn't mean just up2date stops, it means Red Hat doesn't produce fixes. You need to: a) Pay someone to do the research and programming for you (Progeny has said they might, if there is enough interest). b) Join a project that is doing the research and programming (Fedora-Legacy comes to mind, though we'll see how it works when it is released). c) Do your own research and programming d) Move to a distro that is still getting support (RHEL or Fedora if you wish to stay with RH. Any number of other distros are out there). -- William Hooper -- Shrike-list mailing list Shrike-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/shrike-list
