Hi folks, As you are undoubtly aware a new local root exploit has been discovered on the weekend and reported to a wide audience. The CVE identifier is CVE-2008-0600. The problem affects only kernels 2.6.17 and newer, so it affects only following of our products: - openSUSE 10.2 (2.6.18.x kernel) - openSUSE 10.3 (2.6.22.x kernel) This problem does NOT affect all others products: - SUSE Linux 10.1 (2.6.16.x kernel) - SUSE Linux Enterprise 10 (2.6.16.x kernel) - SUSE Linux Enterprise Server 9 (2.6.5 kernel) - Novell Linux Desktop 9 (2.6.5 kernel) - SUSE Linux Enterprise Server 8 (2.4.21 kernel) Updates are in preparation for openSUSE 10.2 and 10.3 and will hopefully be released tomorrow (Tuesday) morning german time. Test kernel updates are available in our Online Update Betatest Repositories: - openSUSE 10.3: http://download.opensuse.org/update/10.3-test/ kernel version-release of fixed kernel: 2.6.22.17-0.1 - openSUSE 10.2: ftp://ftp.suse.com/pub/suse/update/10.2-test/ kernel version-release of fixed kernel: 2.6.18.8-0.9 Please note that these update channels contain "beta" quality updates, so are not recommended for production use systems. Only use the kernel. Ciao, Marcus