Re: [SECURITY] [DSA 1794-1] New Linux 2.6.18 packages fix several vulnerabilities

2009-05-07 Thread Dominic Hargreaves
On Thu, May 07, 2009 at 11:33:22AM +0200, mex wrote: > is this the same as DSA-1787 / > http://www.debian.org/security/2009/dsa-1787 > ?? No, that relates to linux-2.6.24, an alternate kernel version for etch. Some of the issues will overlap, but the software release is different so which adv

RE: New Linux 2.6.18 packages fix several vulnerabilities

2008-10-15 Thread Eli Shemer
@lists.debian.org Subject: Re: New Linux 2.6.18 packages fix several vulnerabilities On Wed, Oct 15, 2008 at 04:02:03PM +0200, Eli Shemer wrote: > http://lists.debian.org/debian-security-announce/2008/msg00041.html fyi, that's a very old update - many updates have happened since. > >

Re: New Linux 2.6.18 packages fix several vulnerabilities

2008-10-15 Thread dann frazier
On Wed, Oct 15, 2008 at 04:02:03PM +0200, Eli Shemer wrote: > http://lists.debian.org/debian-security-announce/2008/msg00041.html fyi, that's a very old update - many updates have happened since. > > > hey there, > > > > what I don't really understand is whether the bug is only relevant to

New Linux 2.6.18 packages fix several vulnerabilities

2008-10-15 Thread Eli Shemer
http://lists.debian.org/debian-security-announce/2008/msg00041.html hey there, what I don't really understand is whether the bug is only relevant to the 2.6.18 branch or that the patch was only applied to that branch ? if I have a recently installed linux-image-2.6.26-1-486 will I need

Re: [SECURITY] [DSA 1653-1] New Linux 2.6.18 packages fix several vulnerabilities

2008-10-15 Thread Richard Hartmann
On Wed, Oct 15, 2008 at 02:08, dann frazier <[EMAIL PROTECTED]> wrote: > It's correct in the archives - maybe an issue on your end? > http://lists.debian.org/debian-security-announce/2008/msg00245.html I received: apt-get update will update the internal database apt-get upgrade wil

Re: [SECURITY] [DSA 1653-1] New Linux 2.6.18 packages fix several vulnerabilities

2008-10-14 Thread dann frazier
On Tue, Oct 14, 2008 at 12:30:08PM +0100, Swale Robin wrote: > Dann, > > Good morning. It looks like the instructions for upgrading given in your > email have lost a line: > > "If you are using the apt-get package manager, use the line for > sources.list as given below: > apt-get update >

RE: [SECURITY] [DSA 1653-1] New Linux 2.6.18 packages fix several vulnerabilities

2008-10-14 Thread Swale Robin
t: [SECURITY] [DSA 1653-1] New Linux 2.6.18 packages fix several vulnerabilities -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 - -- Debian Security Advisory DSA-1653-1[EMAIL PROTECTED] http:

Re: [SECURITY] [DSA 1630-1] New Linux 2.6.18 packages fix several vulnerabilities

2008-09-04 Thread Dominic Hargreaves
On Thu, Aug 21, 2008 at 10:34:06AM -0600, dann frazier wrote: > For the stable distribution (etch), this problem has been fixed in > version 2.6.18.dfsg.1-22etch2. It would be useful, now that we have etchnhalf kernels, for advisories to have statements of the status of those as well as the 2.6.1

Re: [SECURITY] [DSA 1565-1] New Linux 2.6.18 packages fix several vulnerabilities

2008-05-13 Thread Mike Gerber
* Stephen Gran wrote: > I also do some rummaging around to figure out what the meta package is > currently depending on, so that I know what version Debian currently > considers newest, then compare that to /proc/version. That only works > for etch and newer kernel images, though, so I think I'll

Re: [SECURITY] [DSA 1565-1] New Linux 2.6.18 packages fix several vulnerabilities

2008-05-05 Thread Peter Palfrader
On Mon, 05 May 2008, Peter Palfrader wrote: > On Mon, 05 May 2008, Bernd Eckenfels wrote: > > > In article <[EMAIL PROTECTED]> you wrote: > > > Apropos. Is there a way to get that information from a vmlinuz file on > > > disk? Without booting it, that is. > > > > Interesting enough my (somewha

Re: [SECURITY] [DSA 1565-1] New Linux 2.6.18 packages fix several vulnerabilities

2008-05-05 Thread Peter Palfrader
On Mon, 05 May 2008, Bernd Eckenfels wrote: > In article <[EMAIL PROTECTED]> you wrote: > > Apropos. Is there a way to get that information from a vmlinuz file on > > disk? Without booting it, that is. > > Interesting enough my (somewhat older) file command does only print "x86 > boot sector",

Re: [SECURITY] [DSA 1565-1] New Linux 2.6.18 packages fix several vulnerabilities

2008-05-05 Thread Stephen Gran
This one time, at band camp, Peter Palfrader said: > debian.org kernel packages don't however. Which makes it not exactly > suitable for a nagios check for "is the running kernel the one on the > filesystem". This one time, at band camp, Noah Meyerhans said: > I compare the ctime of the kernel im

Re: [SECURITY] [DSA 1565-1] New Linux 2.6.18 packages fix several vulnerabilities

2008-05-04 Thread Noah Meyerhans
On Mon, May 05, 2008 at 02:57:34AM +0200, Peter Palfrader wrote: > On Mon, 05 May 2008, Bernd Eckenfels wrote: > > > In article <[EMAIL PROTECTED]> you wrote: > > > Apropos. Is there a way to get that information from a vmlinuz file on > > > disk? Without booting it, that is. > > > > Interestin

Re: [SECURITY] [DSA 1565-1] New Linux 2.6.18 packages fix several vulnerabilities

2008-05-04 Thread Peter Palfrader
On Mon, 05 May 2008, Bernd Eckenfels wrote: > In article <[EMAIL PROTECTED]> you wrote: > > Apropos. Is there a way to get that information from a vmlinuz file on > > disk? Without booting it, that is. > > Interesting enough my (somewhat older) file command does only print "x86 > boot sector",

Re: [SECURITY] [DSA 1565-1] New Linux 2.6.18 packages fix several vulnerabilities

2008-05-04 Thread Bernd Eckenfels
In article <[EMAIL PROTECTED]> you wrote: > Apropos. Is there a way to get that information from a vmlinuz file on > disk? Without booting it, that is. Interesting enough my (somewhat older) file command does only print "x86 boot sector", but I think some magic files supported it. Otherwise you

Re: [SECURITY] [DSA 1565-1] New Linux 2.6.18 packages fix several vulnerabilities

2008-05-04 Thread Peter Palfrader
On Sat, 03 May 2008, Dominic Hargreaves wrote: > cat /proc/version > > will give you the full version of the booted kernel. Apropos. Is there a way to get that information from a vmlinuz file on disk? Without booting it, that is. Peter

Re: [SECURITY] [DSA 1565-1] New Linux 2.6.18 packages fix several vulnerabilities

2008-05-03 Thread Dominic Hargreaves
On Sat, May 03, 2008 at 10:57:38PM +0200, Mike Gerber wrote: > Given a system with the package "linux-image-2.6.18-6-686" installed, > version "2.6.18.dfsg.1-18etch3" and: > > # uname -r > 2.6.18-6-686 > > How do I decide that the fixed kernel is actually booted? Other than by > uptime? cat /

Re: [SECURITY] [DSA 1565-1] New Linux 2.6.18 packages fix several vulnerabilities

2008-05-03 Thread Mike Gerber
Hi, > Package: linux-2.6 > Vulnerability : several vulnerabilities > Problem type : local > Debian-specific: no > CVE Id(s) : CVE-2007-6694 CVE-2008-0007 CVE-2008-1294 CVE-2008-1375 > [...] > For the stable distribution (etch), this problem has been fixed in version > 2.6.18.dfsg.1

Re: [SECURITY] [DSA 1479-1] New Linux 2.6.18 packages fix several vulnerabilities

2008-01-29 Thread vasudeva
; To: [EMAIL PROTECTED] > [EMAIL PROTECTED] > BCC: David Nowak <[EMAIL PROTECTED]> > Creation Date: 1/29 1:04 pm > Subject: [SECURITY] [DSA 1479-1] New Linux 2.6.18 packages fix several > vulnerabilities > >

Re: [SECURITY] [DSA 1479-1] New Linux 2.6.18 packages fix several vulnerabilities

2008-01-29 Thread David Nowak
Moe sir what is the code for the phone I'm havin a brain fart -Original Message- From: [EMAIL PROTECTED] To: [EMAIL PROTECTED] [EMAIL PROTECTED] BCC: David Nowak <[EMAIL PROTECTED]> Creation Date: 1/29 1:04 pm Subject: [SECURITY] [DSA 1479-1] New Linux 2.6.18 packages

Re: [SECURITY] [DSA 1481-1] New Linux 2.6.18 packages fix several vulnerabilities

2007-12-11 Thread Moritz Muehlenhoff
On 2007-12-11, Jan Hetges <[EMAIL PROTECTED]> wrote: > Hi > On Mon, Dec 10, 2007 at 10:51:52PM -0700, dann frazier wrote: >> -BEGIN PGP SIGNED MESSAG

Re: [SECURITY] [DSA 1481-1] New Linux 2.6.18 packages fix several vulnerabilities

2007-12-11 Thread Nico Golde
Hi Jan, * Jan Hetges <[EMAIL PROTECTED]> [2007-12-11 16:23]: > On Mon, Dec 10, 2007 at 10:51:52PM -0700, dann frazier wrote: [...] > > Package: linux-2.6 > > Vulnerability : several > > Problem-Type : local/remote > > Debian-specific: no > > CVE ID : CVE-2007-3104 CVE-2007-4997

Re: [SECURITY] [DSA 1481-1] New Linux 2.6.18 packages fix several vulnerabilities

2007-12-11 Thread Jan Hetges
Hi On Mon, Dec 10, 2007 at 10:51:52PM -0700, dann frazier wrote: > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA1 > > - -- > Debian Security Advisory DSA 1428-1[EMAIL PROTECTED] > http://www.debian.org/sec

Re: [SECURITY] [DSA 1481-1] New Linux 2.6.18 packages fix several vulnerabilities

2007-12-10 Thread dann frazier
On Mon, Dec 10, 2007 at 10:51:52PM -0700, dann frazier wrote: > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA1 > > - -- > Debian Security Advisory DSA 1428-1[EMAIL PROTECTED] > http://www.debian.org/securi

Re: [SECURITY] [DSA 1381-1] New Linux 2.6.18 packages fix several vulnerabilities

2007-10-10 Thread dann frazier
On Wed, Oct 10, 2007 at 09:15:42AM -0700, Mike Bird wrote: > On Tuesday 02 October 2007 19:07, dann frazier wrote: > > At the time of this DSA, only the build for the amd64 architecture is > > available. Due to the severity of the amd64-specific issues, we are > > releasing an incomplete update. Th

Re: [SECURITY] [DSA 1381-1] New Linux 2.6.18 packages fix several vulnerabilities

2007-10-10 Thread Mike Bird
On Tuesday 02 October 2007 19:07, dann frazier wrote: > At the time of this DSA, only the build for the amd64 architecture is > available. Due to the severity of the amd64-specific issues, we are > releasing an incomplete update. This advisory will be updated once > other architecture builds become

Re: [SECURITY] [DSA 1378-1] New Linux 2.6.18 packages fix several vulnerabilities

2007-09-28 Thread Jonathan Wilson
On Friday 28 September 2007 07:45, Johannes Wiedersich wrote: > Holger Levsen wrote: > > Hi, > > > > On Friday 28 September 2007 11:18, Jan Wagner wrote: > >>> Running postinst hook script /sbin/update-grub. > >>> You shouldn't call /sbin/update-grub. Please call /usr/sbin/update-grub > >>> instead

Re: [SECURITY] [DSA 1378-1] New Linux 2.6.18 packages fix several vulnerabilities

2007-09-28 Thread Holger Levsen
Hi, On Friday 28 September 2007 14:45, Johannes Wiedersich wrote: > IIRC, this should apply only to upgrades from sarge. It's covered in > Etch's release notes [1]. I stand corrected, thanks for pointing this out. > [1] > http://www.de.debian.org/releases/stable/i386/release-notes/ch-upgrading.e

Re: [SECURITY] [DSA 1378-1] New Linux 2.6.18 packages fix several vulnerabilities

2007-09-28 Thread Holger Levsen
Hi, On Friday 28 September 2007 14:32, Marcin Owsiany wrote: > It's just a warning, so not _that_ bad... Not that bad, but every time I see it, I think "bad QA", which is bad. regards, Holger

Re: [SECURITY] [DSA 1378-1] New Linux 2.6.18 packages fix several vulnerabilities

2007-09-28 Thread Johannes Wiedersich
Holger Levsen wrote: > Hi, > > On Friday 28 September 2007 11:18, Jan Wagner wrote: >>> Running postinst hook script /sbin/update-grub. >>> You shouldn't call /sbin/update-grub. Please call /usr/sbin/update-grub >>> instead! >> you need to modify /etc

Re: [SECURITY] [DSA 1378-1] New Linux 2.6.18 packages fix several vulnerabilities

2007-09-28 Thread Marcin Owsiany
On Fri, Sep 28, 2007 at 01:10:10PM +0200, Holger Levsen wrote: > Hi, > > On Friday 28 September 2007 11:18, Jan Wagner wrote: > > > Running postinst hook script /sbin/update-grub. > > > You shouldn't call /sbin/update-grub. Please call /usr/sbin/update-grub > > > instead! > > you need to modify /e

Re: [SECURITY] [DSA 1378-1] New Linux 2.6.18 packages fix several vulnerabilities

2007-09-28 Thread Holger Levsen
Hi, On Friday 28 September 2007 11:18, Jan Wagner wrote: > > Running postinst hook script /sbin/update-grub. > > You shouldn't call /sbin/update-grub. Please call /usr/sbin/update-grub > > instead! > you need to modify /etc/kernel-img.conf! I believe this happens with a freshly installed etch sys

Re: [SECURITY] [DSA 1378-1] New Linux 2.6.18 packages fix several vulnerabilities

2007-09-28 Thread Jan Wagner
Hi, On Friday 28 September 2007 10:04, G.W. Haywood wrote: > Running postinst hook script /sbin/update-grub. > You shouldn't call /sbin/update-grub. Please call /usr/sbin/update-grub > instead! you need to modify /etc/kernel-img.conf! With kind regards, Jan. -- Never write mail to <[EMAIL PROTE

Re: [SECURITY] [DSA 1378-1] New Linux 2.6.18 packages fix several vulnerabilities

2007-09-28 Thread G.W. Haywood
Hi there, On Thu, 27 Sep 2007, dann frazier wrote: > - -- > Debian Security Advisory DSA 1378-1[EMAIL PROTECTED] > http://www.debian.org/security/ Dann Frazier > September 27t

Re: [SECURITY] [DSA 1378-1] New Linux 2.6.18 packages fix several vulnerabilities

2007-09-27 Thread Tim Wickberg
Apologies if this has already been posted, but: For CVE-2007-4573 - The proof of concept code posted by Robert Swiecki on the bugtraq list [1] still works as a local root exploit for the Xen kernels on AMD64 in the updated packages: linux-image-2.6.18-5-xen-vserver-amd64_2.6.18.dfsg.1-13etch3

Re: [SECURITY] [DSA 1356-1] New Linux 2.6.18 packages fix several vulnerabilities

2007-08-27 Thread Goswin von Brederlow
Dimitar Dobrev <[EMAIL PROTECTED]> writes: > Hi All, > > I have built my kernel from source 2.6.18 + Debian patches. But after > every step when configuring the RAID I have rebuild it - > > mkinitrd -o /boot/initrd.img-2.6.18-temp /lib/modules/2.6.18/ > cp /boot/initrd.img-2.6.18-temp boot/in

Re: [DSA 1356-1] New Linux 2.6.18 packages fix several vulnerabilities

2007-08-16 Thread dann frazier
On Thu, Aug 16, 2007 at 10:08:18AM +0100, Dominic Hargreaves wrote: > On Thu, Aug 16, 2007 at 09:34:58AM +0100, Dominic Hargreaves wrote: > > > And even then, a dist-upgrade would be needed. > > Sorry to be replying to myself. > > Of course, this will also need module-assistant style (and any ot

Re: [DSA 1356-1] New Linux 2.6.18 packages fix several vulnerabilities

2007-08-16 Thread dann frazier
On Thu, Aug 16, 2007 at 09:34:58AM +0100, Dominic Hargreaves wrote: > On Thu, Aug 16, 2007 at 09:44:12AM +0200, Bjørn Mork wrote: > > dann frazier <[EMAIL PROTECTED]> writes: > > > > > If you are using the apt-get package manager, use the line for > > > sources.list as given below: > > > > > > apt

Re: [SECURITY] [DSA 1356-1] New Linux 2.6.18 packages fix several vulnerabilities

2007-08-16 Thread Dimitar Dobrev
OK, I already tested it - I booted into my RAID with the new precompiled kernel image without any problems! Regards Dimitar Dimitar Dobrev wrote: Hi All, I have built my kernel from source 2.6.18 + Debian patches. But after every step when configuring the RAID I have rebuild it - mkinit

Re: [DSA 1356-1] New Linux 2.6.18 packages fix several vulnerabilities

2007-08-16 Thread dann frazier
On Thu, Aug 16, 2007 at 09:44:12AM +0200, Bjørn Mork wrote: > dann frazier <[EMAIL PROTECTED]> writes: > > > If you are using the apt-get package manager, use the line for > > sources.list as given below: > > > > apt-get update > > will update the internal database > > apt-get upgrade > >

Re: [SECURITY] [DSA 1356-1] New Linux 2.6.18 packages fix several vulnerabilities

2007-08-16 Thread Dimitar Dobrev
Hi All, I have built my kernel from source 2.6.18 + Debian patches. But after every step when configuring the RAID I have rebuild it - mkinitrd -o /boot/initrd.img-2.6.18-temp /lib/modules/2.6.18/ cp /boot/initrd.img-2.6.18-temp boot/initrd.img-2.6.18 My question is: What will happen t

Re: [DSA 1356-1] New Linux 2.6.18 packages fix several vulnerabilities

2007-08-16 Thread Dominic Hargreaves
On Thu, Aug 16, 2007 at 09:34:58AM +0100, Dominic Hargreaves wrote: > And even then, a dist-upgrade would be needed. Sorry to be replying to myself. Of course, this will also need module-assistant style (and any other) out-of-tree modules to be rebuilt; I can't remember whether there's ever been

Re: [DSA 1356-1] New Linux 2.6.18 packages fix several vulnerabilities

2007-08-16 Thread Dominic Hargreaves
On Thu, Aug 16, 2007 at 09:44:12AM +0200, Bjørn Mork wrote: > dann frazier <[EMAIL PROTECTED]> writes: > > > If you are using the apt-get package manager, use the line for > > sources.list as given below: > > > > apt-get update > > will update the internal database > > apt-get upgrade > >

Re: [DSA 1356-1] New Linux 2.6.18 packages fix several vulnerabilities

2007-08-16 Thread Bjørn Mork
dann frazier <[EMAIL PROTECTED]> writes: > If you are using the apt-get package manager, use the line for > sources.list as given below: > > apt-get update > will update the internal database > apt-get upgrade > will install corrected packages This won't work unless there are upd

Re: [SECURITY] [DSA 1289-1] New Linux 2.6.18 packages fix several vulnerabilities

2007-05-14 Thread Marcin Owsiany
On Sun, May 13, 2007 at 01:33:16PM +0200, Moritz Muehlenhoff wrote: > CVE-2007-1496 > > Michal Miroslaw reported a DoS vulnerability (crash) in netfilter. > A remote attacker can cause a NULL pointer dereference in the > nfnetlink_log function. CVE says: | nfnetlink_log in netfilter i

Re: [SECURITY] [DSA 1286-1] New Linux 2.6.18 packages fix several vulnerabilities

2007-05-03 Thread Celejar
On Wed, 2 May 2007 23:13:30 +0200 Stefan Fritsch <[EMAIL PROTECTED]> wrote: > Hi, > > On Wednesday, 2 May 2007, Celejar wrote: > > Dann Frazier <[EMAIL PROTECTED]> wrote: > > > Package: linux-2.6 > > > Vulnerability : several > > > Problem-Type : local/remote > > > Debian-specific: no

Re: [SECURITY] [DSA 1286-1] New Linux 2.6.18 packages fix several vulnerabilities

2007-05-03 Thread Celejar
On Wed, 2 May 2007 15:02:57 -0600 dann frazier <[EMAIL PROTECTED]> wrote: > On Wed, May 02, 2007 at 04:33:15PM -0400, Celejar wrote: > > > CVE ID : CVE-2007-0005 CVE-2007-0958 CVE-2007-1357 CVE-2007-1592 > > 2) The advisory doesn't mention unstable, but three of the four CVEs > > affect ke

Re: [SECURITY] [DSA 1286-1] New Linux 2.6.18 packages fix several vulnerabilities

2007-05-02 Thread dann frazier
On Wed, May 02, 2007 at 04:33:15PM -0400, Celejar wrote: > > CVE ID : CVE-2007-0005 CVE-2007-0958 CVE-2007-1357 CVE-2007-1592 > 2) The advisory doesn't mention unstable, but three of the four CVEs > affect kernels up to 2.6.21, which would include 2.6.20 in unstable. You can see the curren

Re: [SECURITY] [DSA 1286-1] New Linux 2.6.18 packages fix several vulnerabilities

2007-05-02 Thread Stefan Fritsch
Hi, On Wednesday, 2 May 2007, Celejar wrote: > Dann Frazier <[EMAIL PROTECTED]> wrote: > > Package: linux-2.6 > > Vulnerability : several > > Problem-Type : local/remote > > Debian-specific: no > > CVE ID : CVE-2007-0005 CVE-2007-0958 CVE-2007-1357 > > CVE-2007-1592 > 1) DSA 12

Re: [SECURITY] [DSA 1286-1] New Linux 2.6.18 packages fix several vulnerabilities

2007-05-02 Thread Michael Potaczala
On 05/02/2007 03:37 PM, Dann Frazier wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 - -- Debian Security Advisory DSA 1286-1[EMAIL PROTECTED] http://www.debian.org/security/

Re: [SECURITY] [DSA 1286-1] New Linux 2.6.18 packages fix several vulnerabilities

2007-05-02 Thread Celejar
On Wed, 2 May 2007 21:37:39 +0200 Dann Frazier <[EMAIL PROTECTED]> wrote: > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA1 > > - -- > Debian Security Advisory DSA 1286-1[EMAIL PROTECTED] > http://www.debi