public inbox for gentoo-user@lists.gentoo.org
 help / color / mirror / Atom feed
* RE: [gentoo-user] Linux Kernel Warning
@ 2006-07-15 14:47 Timothy A. Holmes
  0 siblings, 0 replies; 8+ messages in thread
From: Timothy A. Holmes @ 2006-07-15 14:47 UTC (permalink / raw
  To: gentoo-user


> -----Original Message-----
> From: Daniel Drake [mailto:dsd@gentoo.org]
> Sent: Friday, July 14, 2006 6:59 PM
> To: gentoo-user@lists.gentoo.org
> Subject: Re: [gentoo-user] Linux Kernel Warning
> 
> Daniel Drake wrote:
> > However, there is a new security bug in the wild, with similar
> > implications. Keep an eye open for new kernel releases over the next
few
> > hours.
> 
> No patch yet, suitable workaround is:
> # mount -o remount,noexec /proc
> 
> Daniel
> --
> gentoo-user@gentoo.org mailing list

[Timothy A. Holmes] 
Thanks folks:

Guess I learned something else new! --  I am finding out fast that
learning and using gentoo is mostly like trying to drink from a firehose
:)



Timothy A. Holmes
IT Manager / Network Admin / Web Master / Computer Teacher
 
Medina Christian Academy
A Higher Standard...


-- 
gentoo-user@gentoo.org mailing list



^ permalink raw reply	[flat|nested] 8+ messages in thread
* [gentoo-user] Linux Kernel Warning
@ 2006-07-14 21:01 Timothy A. Holmes
  2006-07-14 21:15 ` Richard Fish
                   ` (3 more replies)
  0 siblings, 4 replies; 8+ messages in thread
From: Timothy A. Holmes @ 2006-07-14 21:01 UTC (permalink / raw
  To: gentoo-user

Hi Folks:

I received the following warning from SANS yesterday, and I need to know
how to appropriately respond:

http://www.isc.sans.org/diary.php?storyid=1482

To summarize the story at the above link, there appears to be a
vulnerability in the linux kernel, which when exploited, will allow a
user to gain root privileges.  

Normally, I would simply upgrade to the latest kernel from portage, and
be done with it, however, here is the problem:

QUOTING SANS HERE:
"As all kernels 2.6.13 up to version 2.6.17.4 and 2.6.16 before
2.6.16.24 are affected, you should patch as soon as possible, even if
you don't allow any local users on your machines."

As of this morning, the latest Kernel version in portage is 2.6.16-r12.
It seems that there is a different versioning / naming scheme used but
im not sure.  Can someone please let me know how to respond, or point me
to appropriate reading so I can protect myself.

Thanks

TIM

Timothy A. Holmes
IT Manager / Network Admin / Web Master / Computer Teacher
 
Medina Christian Academy
A Higher Standard...
 


-- 
gentoo-user@gentoo.org mailing list



^ permalink raw reply	[flat|nested] 8+ messages in thread

end of thread, other threads:[~2006-07-15 14:54 UTC | newest]

Thread overview: 8+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2006-07-15 14:47 [gentoo-user] Linux Kernel Warning Timothy A. Holmes
  -- strict thread matches above, loose matches on Subject: below --
2006-07-14 21:01 Timothy A. Holmes
2006-07-14 21:15 ` Richard Fish
2006-07-14 21:22 ` Raymond Lewis Rebbeck
2006-07-14 21:24 ` Donnie Berkholz
2006-07-14 21:44   ` Ow Mun Heng
2006-07-14 21:40 ` Daniel Drake
2006-07-14 22:59   ` Daniel Drake

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox