Re: [CentOS] Heads up on local root escalation

2014-05-19 Thread Leon Fauster
On 15.05.2014 at 11:22, Leon Fauster wrote: > On 15.05.2014 at 07:23, Eero Volotinen wrote: >> >> 2014-05-12 21:13 GMT+03:00 James Hogarth : >> >>> Remember to be especially aware if you have systems that can potentially >>> have code uploaded and run (ftp to httpd vhost or improper php confi

Re: [CentOS] Heads up on local root escalation

2014-05-15 Thread Leon Fauster
On 15.05.2014 at 12:31, Peter wrote: > On 05/15/2014 09:22 PM, Leon Fauster wrote: >> cite: "This issue does affect the versions of the Linux kernel packages as >> shipped >> with Red Hat Enterprise Linux 6.2 AUS, Red Hat Enterprise Linux 6.3 EUS and >> Red Hat >> Enterprise MRG 2, and we are

Re: [CentOS] Heads up on local root escalation

2014-05-15 Thread Peter
On 05/15/2014 09:22 PM, Leon Fauster wrote: > cite: "This issue does affect the versions of the Linux kernel packages as > shipped > with Red Hat Enterprise Linux 6.2 AUS, Red Hat Enterprise Linux 6.3 EUS and > Red Hat > Enterprise MRG 2, and we are currently working on corrected kernel packages

Re: [CentOS] Heads up on local root escalation

2014-05-15 Thread Leon Fauster
On 15.05.2014 at 07:23, Eero Volotinen wrote: > > 2014-05-12 21:13 GMT+03:00 James Hogarth : > >> Remember to be especially aware if you have systems that can potentially >> have code uploaded and run (ftp to httpd vhost or improper php config and >> file ownership/permissions). >> >> This doe

Re: [CentOS] Heads up on local root escalation

2014-05-14 Thread Eero Volotinen
"This issue does not affect the versions of Linux kernel packages as shipped with Red Hat Enterprise Linux 6.4 EUS and Red Hat Enterprise Linux 6, because they include backport of upstream commit c56a00a165 that mitigates this issue." 2014-05-12 21:13 GMT+03:00 James Hogarth : > Remember to be e

Re: [CentOS] Heads up on local root escalation

2014-05-14 Thread Ned Slider
On 12/05/14 22:11, Keith Keller wrote: > On 2014-05-12, Akemi Yagi wrote: >> >> According to the upstream BZ 1094232, there is a patch from kernel.org: >> >> https://git.kernel.org/cgit/linux/kernel/git/gregkh/tty.git/commit/?h=tty-linus&id=4291086b1f081b869c6d79e5b7441633dc3ace00 > > Actually, I

Re: [CentOS] Heads up on local root escalation

2014-05-13 Thread Akemi Yagi
On Tue, May 13, 2014 at 2:05 AM, Leon Fauster wrote: > On 12.05.2014 at 20:58, Akemi Yagi wrote: >> On Mon, May 12, 2014 at 11:23 AM, Keith Keller >>> Are there any mitigation steps we can take? I've chased down some of >>> the links looking for any, but haven't had success yet. >> >> According

Re: [CentOS] Heads up on local root escalation

2014-05-13 Thread Leon Fauster
On 12.05.2014 at 20:58, Akemi Yagi wrote: > On Mon, May 12, 2014 at 11:23 AM, Keith Keller >> Are there any mitigation steps we can take? I've chased down some of >> the links looking for any, but haven't had success yet. > > According to the upstream BZ 1094232, there is a patch from kernel.or

Re: [CentOS] Heads up on local root escalation

2014-05-12 Thread James Hogarth
On 12 May 2014 22:15, "Keith Keller" wrote: > Actually, I was wondering about mitigation along the lines of > blacklisting a module, tuning a sysctl parameter, or some other > mitigation that wouldn't require a new kernel. Perhaps such mitigation > isn't even possible with this issue. > Yeah I'v

Re: [CentOS] Heads up on local root escalation

2014-05-12 Thread Keith Keller
On 2014-05-12, Akemi Yagi wrote: > > According to the upstream BZ 1094232, there is a patch from kernel.org: > > https://git.kernel.org/cgit/linux/kernel/git/gregkh/tty.git/commit/?h=tty-linus&id=4291086b1f081b869c6d79e5b7441633dc3ace00 Actually, I was wondering about mitigation along the lines o

Re: [CentOS] Heads up on local root escalation

2014-05-12 Thread Akemi Yagi
On Mon, May 12, 2014 at 11:23 AM, Keith Keller wrote: > On 2014-05-12, James Hogarth wrote: >> >> This does not affect el5 ... an el6 update is pending. >> >> https://access.redhat.com/security/cve/CVE-2014-0196 > > Are there any mitigation steps we can take? I've chased down some of > the links

Re: [CentOS] Heads up on local root escalation

2014-05-12 Thread Keith Keller
On 2014-05-12, James Hogarth wrote: > > This does not affect el5 ... an el6 update is pending. > > https://access.redhat.com/security/cve/CVE-2014-0196 Are there any mitigation steps we can take? I've chased down some of the links looking for any, but haven't had success yet. --keith -- kkel