On Wed, Nov 4, 2009 at 9:15 AM, Dominic Hargreaves <d...@earth.li> wrote: > On Wed, Nov 04, 2009 at 09:05:20AM -0800, john wrote: >> I see that there is another null pointer dereference flaw being talked about. >> http://www.theregister.co.uk/2009/11/03/linux_kernel_vulnerability/ >> >> It looks like we can take step in Debian 5.0 to mitigate this threat by >> setting >> echvm.mmap_min_addr = 4096 >> >> per http://wiki.debian.org/mmap_min_addr >> >> I am running some servers running Debian 4.0. I doesn't look like >> there is a /etc/sysctl.d/mmap_min_addr.conf to edit. Where are these >> values stored >> under Debian 4.0. >> >> What is the right way to proceed? Should I be looking at upgrading my >> servers? > > The mmap_min_addr tuneabout was not introduced until after 2.6.18, > which is the default etch kernel. I am using the 'etchnhalf' kernel > (linux-image-2.6.24-etchnhalf*) on an etch machine, partly since it > offers this protection. > Thanks Dominic,
So would sudo apt-get install linux-image-2.6.24-etchnhalf.1-686 be the right approach here? John > -- > Dominic Hargreaves | http://www.larted.org.uk/~dom/ > PGP key 5178E2A5 from the.earth.li (keyserver,web,email) > -- To UNSUBSCRIBE, email to debian-security-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
