Kernel Security Advisory-- Linux
Straight_Man
Geeky, in my own wayNaples, FL Icrontian
Many distros have this fix, so it needs to be out in use.
Here is Mandrake's case on what is up and how important this patch is:
http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2003:074
For those who might not know, Mandrake releases patches and then does public advisories, so this is to get the word out that the patch exists and if you can to use it. If you have a distro that you do not know has this patch, please check-- especially if you have kernel 2.4.20 or earlier on any of your boxes as those kernel have even more holes than this patch fixes for kernel 2.4.20 and 2.4.21 on Mandrake. RedHat users should not use particular patch from Mandrake, they need to use a RedHat patch. Everyone should use their own distro's patch.
I probably will spread the word on major things that fix multiple vulnerabilities, but urge those who do not know how to patch kernels to learn. Users with Mandrake and RedHat of the latest versions can install kernel patches with the software maanger now. Folks with earlier versions need to seehow their version does a kernel patch with instructions either on their hard drives or online at distro publisher sites.
In the case of Mandrake, ALL versions now supported by Mandrake have patches for this kernel revision except for one-- the Athlon64 revision is still in testing and in use by partners, the testers and partners have the patch for that version.
Don't get scared, patch it. MOST widepsread web problems exist cuz folks HAVE NOT applied security hole fixes.
John Danielson.
Here is Mandrake's case on what is up and how important this patch is:
http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2003:074
For those who might not know, Mandrake releases patches and then does public advisories, so this is to get the word out that the patch exists and if you can to use it. If you have a distro that you do not know has this patch, please check-- especially if you have kernel 2.4.20 or earlier on any of your boxes as those kernel have even more holes than this patch fixes for kernel 2.4.20 and 2.4.21 on Mandrake. RedHat users should not use particular patch from Mandrake, they need to use a RedHat patch. Everyone should use their own distro's patch.
I probably will spread the word on major things that fix multiple vulnerabilities, but urge those who do not know how to patch kernels to learn. Users with Mandrake and RedHat of the latest versions can install kernel patches with the software maanger now. Folks with earlier versions need to seehow their version does a kernel patch with instructions either on their hard drives or online at distro publisher sites.
In the case of Mandrake, ALL versions now supported by Mandrake have patches for this kernel revision except for one-- the Athlon64 revision is still in testing and in use by partners, the testers and partners have the patch for that version.
Don't get scared, patch it. MOST widepsread web problems exist cuz folks HAVE NOT applied security hole fixes.
John Danielson.
0