[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: Kernel vulnerability



On Sun, Jul 16, 2006 at 11:51:20AM +0300, Avi Kivity wrote:
 > Dave Jones wrote:
 > >
 > >Additionally, this exploit only works with kernels compiled with support
 > >for a.out style executables, which Fedora isn't.  I've got an update
 > >building for 2.6.17.6 anyway, just to stop the inevitable "why hasn't 
 > >Fedora
 > >been patched" questions.
 > >
 > 
 > Maybe you should send out a "not vulnerable" advisory instead.  
 > Needlessly patching systems is more work for you, for admins, and for 
 > users, and increases the risk of unwanted breakage.

Whilst we believe we've analysed all possible attack vectors for
this bug, there is always the possibility we've missed something, so
it's better safe than sorry.

		Dave

-- 
http://www.codemonkey.org.uk


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]