Mailinglist Archive: opensuse-security-announce (11 mails)
| < Previous | Next > |
[security-announce] Heads up on vmsplice local root exploit (CVE-2008-0600)
- From: Marcus Meissner <meissner@xxxxxxx>
- Date: Mon, 11 Feb 2008 17:08:46 +0100
- Message-id: <20080211160846.GA25258@xxxxxxx>
Hi folks,
As you are undoubtly aware a new local root exploit has been
discovered on the weekend and reported to a wide audience.
The CVE identifier is CVE-2008-0600.
The problem affects only kernels 2.6.17 and newer, so it affects
only following of our products:
- openSUSE 10.2 (2.6.18.x kernel)
- openSUSE 10.3 (2.6.22.x kernel)
This problem does NOT affect all others products:
- SUSE Linux 10.1 (2.6.16.x kernel)
- SUSE Linux Enterprise 10 (2.6.16.x kernel)
- SUSE Linux Enterprise Server 9 (2.6.5 kernel)
- Novell Linux Desktop 9 (2.6.5 kernel)
- SUSE Linux Enterprise Server 8 (2.4.21 kernel)
Updates are in preparation for openSUSE 10.2 and 10.3 and will hopefully
be released tomorrow (Tuesday) morning german time.
Test kernel updates are available in our Online Update Betatest Repositories:
- openSUSE 10.3: http://download.opensuse.org/update/10.3-test/
kernel version-release of fixed kernel: 2.6.22.17-0.1
- openSUSE 10.2: ftp://ftp.suse.com/pub/suse/update/10.2-test/
kernel version-release of fixed kernel: 2.6.18.8-0.9
Please note that these update channels contain "beta" quality updates,
so are not recommended for production use systems. Only use the kernel.
Ciao, Marcus
As you are undoubtly aware a new local root exploit has been
discovered on the weekend and reported to a wide audience.
The CVE identifier is CVE-2008-0600.
The problem affects only kernels 2.6.17 and newer, so it affects
only following of our products:
- openSUSE 10.2 (2.6.18.x kernel)
- openSUSE 10.3 (2.6.22.x kernel)
This problem does NOT affect all others products:
- SUSE Linux 10.1 (2.6.16.x kernel)
- SUSE Linux Enterprise 10 (2.6.16.x kernel)
- SUSE Linux Enterprise Server 9 (2.6.5 kernel)
- Novell Linux Desktop 9 (2.6.5 kernel)
- SUSE Linux Enterprise Server 8 (2.4.21 kernel)
Updates are in preparation for openSUSE 10.2 and 10.3 and will hopefully
be released tomorrow (Tuesday) morning german time.
Test kernel updates are available in our Online Update Betatest Repositories:
- openSUSE 10.3: http://download.opensuse.org/update/10.3-test/
kernel version-release of fixed kernel: 2.6.22.17-0.1
- openSUSE 10.2: ftp://ftp.suse.com/pub/suse/update/10.2-test/
kernel version-release of fixed kernel: 2.6.18.8-0.9
Please note that these update channels contain "beta" quality updates,
so are not recommended for production use systems. Only use the kernel.
Ciao, Marcus
| < Previous | Next > |