Sven Luther <[EMAIL PROTECTED]> wrote: > On Wed, Nov 09, 2005 at 02:48:10PM +0100, Moritz Muehlenhoff wrote: >> Hi Horms and the rest of debian-kernel, >> Al Viro has found another local DoS vulnerability in the kernel; one >> can trigger an oops in sysctl. The fix is the only code change in >> 2.6.14.1 and has been assigned CVE-2005-2709. > > Sadly, Manoj uploaded an untried kernel-package version to unstable, which > broke kernel builds, this is currently being worked on, but at this time there > has not been a confirmed fix yet, so it is not possible to upload packages > containign 2.6.14.1 which fix this CVE and was mentioned here a coupe of hours > ago. The patches are already in our SVN repo though, so you could try building > them yourself with the older kernel-package, or wait a bit.
I think that the kernel-package problems have advanced this afternoon, I put in one or two changes into trunk/linux-2.6. I haven't checked the results of a build, but I encourage others to do so. -- Horms -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
