From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from lists.gentoo.org ([140.105.134.102] helo=robin.gentoo.org) by nuthatch.gentoo.org with esmtp (Exim 4.60) (envelope-from ) id 1G1VM5-0003xv-5i for garchives@archives.gentoo.org; Fri, 14 Jul 2006 21:37:49 +0000 Received: from robin.gentoo.org (localhost [127.0.0.1]) by robin.gentoo.org (8.13.7/8.13.6) with SMTP id k6ELZ95T025337; Fri, 14 Jul 2006 21:35:09 GMT Received: from py-out-1112.google.com (py-out-1112.google.com [64.233.166.182]) by robin.gentoo.org (8.13.7/8.13.6) with ESMTP id k6ELMvbO003313 for ; Fri, 14 Jul 2006 21:22:57 GMT Received: by py-out-1112.google.com with SMTP id x66so821846pye for ; Fri, 14 Jul 2006 14:22:57 -0700 (PDT) DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=beta; d=gmail.com; h=received:from:to:subject:date:user-agent:references:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:message-id; b=F/lnm59DWaBHs6Zqqe+VEe60xFIVsGNZkARPVjy0fMtEIfuAuqueu98T08EhngvemlphbavbcJ22Jv7r2+2i8XCTE/C9aHdOAjXKfuOs01eWlJskFbVt3qyifTWmPfFYBfTg0p2n+qO1JNtVQ/6mhLJUutywYFOkLFzcU3ATWWA= Received: by 10.35.98.6 with SMTP id a6mr5897pym; Fri, 14 Jul 2006 14:22:56 -0700 (PDT) Received: from ymir.donotfeedtheray.com ( [210.0.108.13]) by mx.gmail.com with ESMTP id q37sm956575pye.2006.07.14.14.22.54; Fri, 14 Jul 2006 14:22:56 -0700 (PDT) From: Raymond Lewis Rebbeck To: gentoo-user@lists.gentoo.org Subject: Re: [gentoo-user] Linux Kernel Warning Date: Sat, 15 Jul 2006 06:52:44 +0930 User-Agent: KMail/1.9.1 References: <17CD9CE4C0FA574A8B29EF02D49B385D0F5646@srvexch-01.mcaschool.local> In-Reply-To: <17CD9CE4C0FA574A8B29EF02D49B385D0F5646@srvexch-01.mcaschool.local> Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-user@gentoo.org Reply-to: gentoo-user@lists.gentoo.org MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit Content-Disposition: inline Message-Id: <200607150652.44720.dystopianray@gmail.com> X-Archives-Salt: 4eef2c48-deb9-4a0e-a1e4-96c848f22a2a X-Archives-Hash: 7de14e33c4cfa6784626bb6a814cfd0f On Saturday, 15 July 2006 6:31, Timothy A. Holmes wrote: > Hi Folks: > > I received the following warning from SANS yesterday, and I need to know > how to appropriately respond: > > http://www.isc.sans.org/diary.php?storyid=1482 > > To summarize the story at the above link, there appears to be a > vulnerability in the linux kernel, which when exploited, will allow a > user to gain root privileges. > > Normally, I would simply upgrade to the latest kernel from portage, and > be done with it, however, here is the problem: > > QUOTING SANS HERE: > "As all kernels 2.6.13 up to version 2.6.17.4 and 2.6.16 before > 2.6.16.24 are affected, you should patch as soon as possible, even if > you don't allow any local users on your machines." > > As of this morning, the latest Kernel version in portage is 2.6.16-r12. > It seems that there is a different versioning / naming scheme used but > im not sure. Can someone please let me know how to respond, or point me > to appropriate reading so I can protect myself. gentoo-sources-2.6.16-r2 includes the 2.6.16.24 patchset. Have a look at the ebuild changelog: http://www.gentoo.org/cgi-bin/viewcvs.cgi/*checkout*/sys-kernel/gentoo-sources/ChangeLog -- Raymond Lewis Rebbeck -- gentoo-user@gentoo.org mailing list