Marcus Meissner wrote:
On Mon, Jun 13, 2005 at 09:28:20PM +0200, Marcus Meissner wrote:
On Mon, Jun 13, 2005 at 09:01:22PM +0200, Philippe Vogel wrote:
What about (CAN-2005-1265)? mmap exploit in kernel?
http://www.ubuntulinux.org/support/documentation/usn/usn-137-1
Ubuntu did fix this already. Whern there will be a fix available?
Last thursday.
Actually, we did not fix this issue, for the following simple reason:
SUSE Linux is not affected by this, since we do not support this allocator in our shipping products.
Ciao, Marcus
I'm not understanding what "this allocator in our shipping products" means. Could anyone please clarify? Looking at http://www.novell.com/linux/security/advisories/2005_29_kernel.html, it seems at odds with the statement that Suse did not fix this issue. On the 10th, following on a security upgrade notice, I upgraded several packages, including the kernel. (Actually, to say that I upgraded gives me too much credit... I just tried to click on the correct answers. :) So now my /boot/vmlinuz and /boot/initrd are both dated 2005-06-10. Does this mean that this exploit has been patched on my system? Is there a command which users can run to determine whether this exploit exists on their systems? tia. -- A lot of us are working harder than we want, at things we don't like to do. Why? ...In order to afford the sort of existence we don't care to live. -- Bradford Angier