On Fri, Sep 12, 2008 at 05:14:51AM -0400, Simon Valiquette wrote: > Alexander Reichle-Schmehl un jour ?crivit: >> Hi! >> * Kheng Teong Goh <[EMAIL PROTECTED]> [080912 04:21]: >>> I have 2 system on slicehost running debian. apt-get update and apt-get >>> upgrade has not been upgrading my kernel. It has been upgrading other >>> packages. >>> >>> Kernel remains as : 2.6.18-xen #1 SMP Tue Feb 12 06:40:50 UTC 2008 x86_64 >> The latest kernel related DSA (1636) only affected the 2.6.24 >> kernel shipped >> with Etch-and-a-half. > > I can see that CVE-2008-3272 and CVE-2008-3275 had already been fixed > in DSA-1630-1, but can you confirm that the other CVE doesn't affect > 2.6.18? > > > More specifically, can someone confirm that CVE-2008-3915 doesn't affect > the 2.6.18 kernel series in Debian? If I believe this link, this bug is > not limited to 2.6.24 in Etch-and-a-half.
The code affected by CVE-2008-3915 was added between 2.6.18 and 2.6.19. Fixes for CVE-2008-3276 and CVE-2007-6716 are pending for the next 2.6.18 update. > http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-3915 > > Simon Valiquette > > > -- dann frazier -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
