From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from pigeon.gentoo.org ([69.77.167.62] helo=lists.gentoo.org) by finch.gentoo.org with esmtp (Exim 4.60) (envelope-from <gentoo-security+bounces-792-garchives=archives.gentoo.org@lists.gentoo.org>) id 1JObNq-0006iH-QJ for garchives@archives.gentoo.org; Mon, 11 Feb 2008 16:19:55 +0000 Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id 10B3BE0238; Mon, 11 Feb 2008 16:19:11 +0000 (UTC) Received: from ti-out-0910.google.com (ti-out-0910.google.com [209.85.142.186]) by pigeon.gentoo.org (Postfix) with ESMTP id C395EE0215 for <gentoo-security@lists.gentoo.org>; Mon, 11 Feb 2008 16:19:09 +0000 (UTC) Received: by ti-out-0910.google.com with SMTP id a20so263156tia.10 for <gentoo-security@lists.gentoo.org>; Mon, 11 Feb 2008 08:19:08 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:message-id:date:from:to:subject:in-reply-to:mime-version:content-type:references; bh=XEldJ0syGyC6r8/1tbD2vxzroLiPLbYoatsHPsUQX2A=; b=WPZNFigrh7nfxMcN5BaLPyy7zy9R0KUyUiVgqrrysqX3OzQ6i1AZC8GLO5dU38dwhqn+2ujNGJJbE5dGHwDMKgKR5ZPWk6IgtaLfPybQvqca0G0Gb/RiFpLipEDgXs7lf03goQNZvZWK1/g3zkNacAMowK2cG1OPzlPzgnK8Eqo= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:date:from:to:subject:in-reply-to:mime-version:content-type:references; b=aMqPHsTzWAe2Z4s2UFYSOVPnnVOKXszwue9wpSbDY4GNhQKdZExm7gcP2Lp5VezFA7qdRS9edT3Yfz2NghJMAMhzfsrvyN9LQoL4ZcA3oTkINdLF7HzkwwSjqkP+ro/3deCR9eRstQ4hXlUtYS43nWXkB4H6EW4A7Wgtz+5161M= Received: by 10.150.158.8 with SMTP id g8mr59601ybe.25.1202746746645; Mon, 11 Feb 2008 08:19:06 -0800 (PST) Received: by 10.150.155.15 with HTTP; Mon, 11 Feb 2008 08:19:06 -0800 (PST) Message-ID: <cb8f18260802110819l7e0e4016l7f258878fe51db51@mail.gmail.com> Date: Mon, 11 Feb 2008 10:19:06 -0600 From: "Michael W Spitzer" <mwspitzer@gmail.com> To: gentoo-security@lists.gentoo.org Subject: Re: [gentoo-security] Linux Kernel Local Root Exploit In-Reply-To: <47B0733F.3000706@d-paulus.de> Precedence: bulk List-Post: <mailto:gentoo-security@lists.gentoo.org> List-Help: <mailto:gentoo-security+help@lists.gentoo.org> List-Unsubscribe: <mailto:gentoo-security+unsubscribe@lists.gentoo.org> List-Subscribe: <mailto:gentoo-security+subscribe@lists.gentoo.org> List-Id: Gentoo Linux mail <gentoo-security.gentoo.org> X-BeenThere: gentoo-security@lists.gentoo.org Reply-to: gentoo-security@lists.gentoo.org MIME-Version: 1.0 Content-Type: multipart/alternative; boundary="----=_Part_15368_23280090.1202746746625" References: <d9853e4f0802110740w7d96435ag644000fd552ffbf5@mail.gmail.com> <47B0733F.3000706@d-paulus.de> X-Archives-Salt: 0d40a283-4e95-42d6-953a-9ecc079d824b X-Archives-Hash: 8bcd89d5b9484703143695371066f6e8 ------=_Part_15368_23280090.1202746746625 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Content-Disposition: inline On Feb 11, 2008 10:09 AM, Dominik Paulus <dominik@d-paulus.de> wrote: > Octavio Ruiz wrote: > > Any concert about the Linux Kernel Local Root Exploit as showed in the > > Common Vulnerabilities and Exposure site with id's CVE-2008-0009, > > CVE-2008-0010, CVE-2008-0600? > > > > http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0009 > > http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0010 > > http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0600 > > > > gentoo-sources and vanilla-sources are affected among probably others. > > See http://bugs.gentoo.org/show_bug.cgi?id=209460 > -- > gentoo-security@lists.gentoo.org mailing list > > There's also a quick rundown here: http://www.reactivated.net/weblog/archives/2008/02/critical-linux-kernel-vmsplice-security-issues/ ------=_Part_15368_23280090.1202746746625 Content-Type: text/html; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Content-Disposition: inline On Feb 11, 2008 10:09 AM, Dominik Paulus <<a href="mailto:dominik@d-paulus.de">dominik@d-paulus.de</a>> wrote:<br><div class="gmail_quote"><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;"> <div class="Ih2E3d">Octavio Ruiz wrote:<br>> Any concert about the Linux Kernel Local Root Exploit as showed in the<br>> Common Vulnerabilities and Exposure site with id's CVE-2008-0009,<br>> CVE-2008-0010, CVE-2008-0600?<br> ><br>> <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0009" target="_blank">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0009</a><br>> <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0010" target="_blank">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0010</a><br> > <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0600" target="_blank">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0600</a><br>><br>> gentoo-sources and vanilla-sources are affected among probably others.<br> <br></div>See <a href="http://bugs.gentoo.org/show_bug.cgi?id=209460" target="_blank">http://bugs.gentoo.org/show_bug.cgi?id=209460</a><br><div><div></div><div class="Wj3C7c">--<br><a href="mailto:gentoo-security@lists.gentoo.org">gentoo-security@lists.gentoo.org</a> mailing list<br> <br></div></div></blockquote></div><br>There's also a quick rundown here:<br><a href="http://www.reactivated.net/weblog/archives/2008/02/critical-linux-kernel-vmsplice-security-issues/">http://www.reactivated.net/weblog/archives/2008/02/critical-linux-kernel-vmsplice-security-issues/</a><br> ------=_Part_15368_23280090.1202746746625-- -- gentoo-security@lists.gentoo.org mailing list