Bug#562975: linux-2.6: patch for CVE-2009-3939

2010-01-05 Thread Ben Hutchings
On Tue, 2010-01-05 at 22:47 -0500, Michael Gilbert wrote:
> > Actually, no Debian release contains a kernel version affected by
> > CVE-2009-3889.
>
> CVE-2009-3889 was fixed in upstream commit 66dca9b8 in linux 2.6.27, so
> debian's 2.6.24 and 2.6.26 are affected, but 2.6.18 and 2.6.32 are not.
>

Bug#562975: linux-2.6: patch for CVE-2009-3939

2010-01-05 Thread Michael Gilbert
> Actually, no Debian release contains a kernel version affected by
> CVE-2009-3889.

CVE-2009-3889 was fixed in upstream commit 66dca9b8 in linux 2.6.27, so debian's 2.6.24 and 2.6.26 are affected, but 2.6.18 and 2.6.32 are not.

You can look at the dbg_lvl permissions, for example in the 2.6.32 ke

Bug#562975: linux-2.6: patch for CVE-2009-3939

2009-12-29 Thread Ben Hutchings
On Tue, Dec 29, 2009 at 09:57:25PM +, Ben Hutchings wrote:
> CVE-2009-3889 should be dealt with at the same time. That covers the
> dbg_lvl parameter which is also world-writable.

Actually, no Debian release contains a kernel version affected by CVE-2009-3889.

Ben.

-- 
Ben Hutchings
When yo

Bug#562975: linux-2.6: patch for CVE-2009-3939

2009-12-29 Thread Ben Hutchings
CVE-2009-3889 should be dealt with at the same time. That covers the dbg_lvl parameter which is also world-writable.

Ben.

-- 
Ben Hutchings
When you say `I wrote a program that crashed Windows', people just stare ... and say `Hey, I got those with the system, *for free*'. - Linus Torvalds sign

Bug#562975: linux-2.6: patch for CVE-2009-3939

2009-12-29 Thread Michael Gilbert
package: linux-2.6
version: 2.6.32-3
severity: important
tags: patch , security

hi,

attached is a patch for the megaraid poll_mode_io permissions issue.

mike

diff -ur a/linux-2.6-2.6.32/drivers/scsi/megaraid/megaraid_sas.c b/linux-2.6-2.6.32/drivers/scsi/megaraid/megaraid_sas.c --- a/linux-2.6-2