Kernel vulnerability
Leon
sdl.web at gmail.com
Sat Jul 15 10:17:24 UTC 2006
Dave Jones <davej at redhat.com> writes:
> On Sat, Jul 15, 2006 at 12:52:58AM -0400, Luke Macken wrote:
>
> > I'm not sure what went on between the embargo, July 6th, and when
> > kernel-2.6.17-1.2157_FC5 was submitted and pushed out to
> > updates-testing on July 12th.
>
> I was swamped with trying to get rawhide in shape for test2.
> (Turns out we slipped a week anyway).
>
> > The package then sat in update-testing for 51
> > hours until it was pushed out as final on the 14th.
>
> I wanted it to simmer for at least a day due to the xen update
> that got merged into cvs during the above time period.
> Ideally, an update should have gone out fixing just the security bug,
> but branching cvs, and doing another rebuild would have added at least
> a day.
>
> There's another vulnerability that has been announced today, and
> another -stable got pushed out this evening. However there's some
> concern that it breaks HAL, I'll investigate further in the morning,
> and see if I can get something out tomorrow evening before I disappear
> for a day whilst travelling to kernel summit/OLS.
>
> Dave
>
Does this kind of vulnerability affect machines that only have sshd
enabled? I'm still using Kernel 2.6.16.20.
thanks
--
Leon
More information about the fedora-devel-list
mailing list