public inbox for gentoo-user@lists.gentoo.org
 help / color / mirror / Atom feed
From: "Timothy A. Holmes" <tholmes@mcaschool.net>
To: <gentoo-user@lists.gentoo.org>
Subject: [gentoo-user] Linux Kernel Warning
Date: Fri, 14 Jul 2006 17:01:38 -0400	[thread overview]
Message-ID: <17CD9CE4C0FA574A8B29EF02D49B385D0F5646@srvexch-01.mcaschool.local> (raw)

Hi Folks:

I received the following warning from SANS yesterday, and I need to know
how to appropriately respond:

http://www.isc.sans.org/diary.php?storyid=1482

To summarize the story at the above link, there appears to be a
vulnerability in the linux kernel, which when exploited, will allow a
user to gain root privileges.  

Normally, I would simply upgrade to the latest kernel from portage, and
be done with it, however, here is the problem:

QUOTING SANS HERE:
"As all kernels 2.6.13 up to version 2.6.17.4 and 2.6.16 before
2.6.16.24 are affected, you should patch as soon as possible, even if
you don't allow any local users on your machines."

As of this morning, the latest Kernel version in portage is 2.6.16-r12.
It seems that there is a different versioning / naming scheme used but
im not sure.  Can someone please let me know how to respond, or point me
to appropriate reading so I can protect myself.

Thanks

TIM

Timothy A. Holmes
IT Manager / Network Admin / Web Master / Computer Teacher
 
Medina Christian Academy
A Higher Standard...
 


-- 
gentoo-user@gentoo.org mailing list



             reply	other threads:[~2006-07-14 21:16 UTC|newest]

Thread overview: 8+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2006-07-14 21:01 Timothy A. Holmes [this message]
2006-07-14 21:15 ` [gentoo-user] Linux Kernel Warning Richard Fish
2006-07-14 21:22 ` Raymond Lewis Rebbeck
2006-07-14 21:24 ` Donnie Berkholz
2006-07-14 21:44   ` Ow Mun Heng
2006-07-14 21:40 ` Daniel Drake
2006-07-14 22:59   ` Daniel Drake
  -- strict thread matches above, loose matches on Subject: below --
2006-07-15 14:47 Timothy A. Holmes

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=17CD9CE4C0FA574A8B29EF02D49B385D0F5646@srvexch-01.mcaschool.local \
    --to=tholmes@mcaschool.net \
    --cc=gentoo-user@lists.gentoo.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox