Thomas, My brother tells me that there has been some discussion about this on the kernel list. RedHat's patch was applied to 2.4.21 (plus 2.5.69) but people are reporting that the patch breaks other things so it is not yet ready for prime time.
At this point this remains only a theoretical flaw which someone noticed while hacking on the kernel. No one has shown an actual exploit. Until the kernel hackers can do their thing, there isn't much the Debian project can do. You may want to monitor the kernel list for more up-to-date information. Pete -- http://www.elbnet.com ELB Internet Service, Inc. Web Design, Computer Consulting, Internet Hosting Thomas Hebinck wrote: > > Hi, > > is there really nobody who knows anything about this vulnerability? > We use Debian Woody as firewall ... > > Sincerely, > Thomas > > >-----Original Message----- > >From: www-data [mailto:[EMAIL PROTECTED] Behalf Of > >[EMAIL PROTECTED] > >Sent: Wednesday, May 21, 2003 11:50 AM > >To: debian-isp@lists.debian.org > >Subject: Routingtable vulnerability > > > > > > > > > >Due to the fact that I'm only subscribed to two Debian related Mailinglists > >(debian-isp and security-announce) I haven't heard of any discussions about > >the > >newly discoverd Kernel vulnerability (Routingtables, > >http://rhn.redhat.com/errata/RHSA-2003-172.html). > >Has this been discussed on Debian-Lists and are there any countermesasures > >recommended? > > > >Best Regards, > >Dominik Schulz > > > >------------------------------------------------- > >This mail sent through IMP: http://horde.org/imp/ > > > > > >-- > >To UNSUBSCRIBE, email to [EMAIL PROTECTED] > >with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED] > > > > > > -- > To UNSUBSCRIBE, email to [EMAIL PROTECTED] > with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
