Hi!

What about (CAN-2005-1265)? mmap exploit in kernel?
http://www.ubuntulinux.org/support/documentation/usn/usn-137-1
Ubuntu did fix this already. When will there be a fix available?

Regards
Philippe

--
This message is digitally signed and bears neither a seal nor a signature! Sending unsolicited advertising e-mail to private individuals violates §1 UWG and 823 I BGB (decision of the LG Berlin of 2.8.1998, Az: 16 O 201/98). Any commercial use of the transmitted personal data, as well as passing it on to third parties, is expressly prohibited!
On Mon, Jun 13, 2005 at 09:01:22PM +0200, Philippe Vogel wrote:
What about (CAN-2005-1265)? mmap exploit in kernel?
http://www.ubuntulinux.org/support/documentation/usn/usn-137-1
Ubuntu did fix this already. When will there be a fix available?
Last Thursday.
http://www.novell.com/linux/security/advisories/2005_29_kernel.html

Ciao, Marcus
On Mon, Jun 13, 2005 at 09:28:20PM +0200, Marcus Meissner wrote:
On Mon, Jun 13, 2005 at 09:01:22PM +0200, Philippe Vogel wrote:
What about (CAN-2005-1265)? mmap exploit in kernel?
http://www.ubuntulinux.org/support/documentation/usn/usn-137-1
Ubuntu did fix this already. When will there be a fix available?
Last Thursday.
Actually, we did not fix this issue, for the following simple reason:

SUSE Linux is not affected by this, since we do not support this allocator in our shipping products.

Ciao, Marcus
Marcus Meissner wrote:
On Mon, Jun 13, 2005 at 09:28:20PM +0200, Marcus Meissner wrote:
On Mon, Jun 13, 2005 at 09:01:22PM +0200, Philippe Vogel wrote:
What about (CAN-2005-1265)? mmap exploit in kernel?
http://www.ubuntulinux.org/support/documentation/usn/usn-137-1
Ubuntu did fix this already. When will there be a fix available?
Last Thursday.
Actually, we did not fix this issue, for the following simple reason:
SUSE Linux is not affected by this, since we do not support this allocator in our shipping products.
Ciao, Marcus
I'm not understanding what "this allocator in our shipping products" means. Could anyone please clarify?

Looking at <http://www.novell.com/linux/security/advisories/2005_29_kernel.html>, it seems at odds with the statement that Suse did not fix this issue.

On the 10th, following on a security upgrade notice, I upgraded several packages, including the kernel. (Actually, to say that I upgraded gives me too much credit... I just tried to click on the correct answers. :) So now my /boot/vmlinuz and /boot/initrd are both dated 2005-06-10. Does this mean that this exploit has been patched on my system? Is there a command which users can run to determine whether this exploit exists on their systems?

tia.

--
A lot of us are working harder than we want, at things we don't like to do. Why? ...In order to afford the sort of existence we don't care to live.
-- Bradford Angier
I'm not understanding what "this allocator in our shipping products" means. Could anyone please clarify?
Looking at <http://www.novell.com/linux/security/advisories/2005_29_kernel.html>, it seems at odds with the statement that Suse did not fix this issue.
On the 10th, following on a security upgrade notice, I upgraded several packages, including the kernel. (Actually, to say that I upgraded gives me too much credit... I just tried to click on the correct answers. :) So now my /boot/vmlinuz and /boot/initrd are both dated 2005-06-10. Does this mean that this exploit has been patched on my system? Is there a command which users can run to determine whether this exploit exists on their systems?
According to our kernel gurus this problem existed only in 2.6.12 development trees which we do not ship with any product.

So -> not affected.

Ciao, Marcus
Marcus Meissner wrote:
I'm not understanding what "this allocator in our shipping products" means. Could anyone please clarify?
Looking at <http://www.novell.com/linux/security/advisories/2005_29_kernel.html>, it seems at odds with the statement that Suse did not fix this issue.
On the 10th, following on a security upgrade notice, I upgraded several packages, including the kernel. (Actually, to say that I upgraded gives me too much credit... I just tried to click on the correct answers. :) So now my /boot/vmlinuz and /boot/initrd are both dated 2005-06-10. Does this mean that this exploit has been patched on my system? Is there a command which users can run to determine whether this exploit exists on their systems?
According to our kernel gurus this problem existed only in 2.6.12 development trees which we do not ship with any product.
So -> not affected.
Ciao, Marcus
Okay, I think I'm understanding: the OP thought (incorrectly) that <http://www.novell.com/linux/security/advisories/2005_29_kernel.html> addressed the mmap exploit when in fact it addresses different issues.

The question remains:

On the 10th, following on a security upgrade notice, I upgraded (via suse-watcher) several packages, including the kernel. ... So now my /boot/vmlinuz and /boot/initrd are both dated 2005-06-10. Does this mean that this [security upgrade referred to in <http://www.novell.com/linux/security/advisories/2005_29_kernel.html> has been performed] on my system? Is there a command which users can run to determine this...?

thanks.

--
A lot of us are working harder than we want, at things we don't like to do. Why? ...In order to afford the sort of existence we don't care to live.
-- Bradford Angier
The question remains:
On the 10th, following on a security upgrade notice, I upgraded (via suse-watcher) several packages, including the kernel. ... So now my /boot/vmlinuz and /boot/initrd are both dated 2005-06-10. Does this mean that this [security upgrade referred to in <http://www.novell.com/linux/security/advisories/2005_29_kernel.html> has been performed] on my system? Is there a command which users can run to determine this...?
Yes.

uname -a
    will show the running version.

rpm -q kernel-default (or the kernel-xxxx rpm you installed).
    will show the installed version.

rpm -q --changelog kernel-default |head
    will show the toplevel entry, which should be in June.

Ciao, Marcus
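Added example, not part of the thread: a small script that combines the three checks from the reply above and also flags the case where the updated kernel package is installed but the old kernel is still running. It assumes the SUSE naming convention described in its comments and that a kernel update replaces the previous package; the version strings and changelog line are constructed sample values.

```shell
#!/bin/sh
# Added example: is the updated kernel package installed, and is it running?
# Assumed SUSE naming: `uname -r` prints <version>-<release>-<flavor> and
# `rpm -q kernel-<flavor>` prints kernel-<flavor>-<version>-<release>.

# expected_pkg RELEASE -> the package the running kernel RELEASE came from
expected_pkg() {
    printf 'kernel-%s-%s\n' "${1##*-}" "${1%-*}"
}

# kernel_state RELEASE RPM_OUTPUT -> current | reboot-needed | not-installed
kernel_state() {
    want=$(expected_pkg "$1")
    if printf '%s\n' "$2" | grep -qxF -- "$want"; then
        echo current          # running kernel's package is still installed
    elif printf '%s\n' "$2" | grep -q '^kernel-'; then
        echo reboot-needed    # package was replaced; old kernel still runs
    else
        echo not-installed    # e.g. "package kernel-default is not installed"
    fi
}

# changelog_top_date CHANGELOG -> "Mon YYYY" of the newest changelog entry
changelog_top_date() {
    printf '%s\n' "$1" | awk '/^\*/ { print $3, $5; exit }'
}

# report RELEASE RPM_OUTPUT CHANGELOG -> human-readable summary
report() {
    echo "running kernel : $1"
    echo "installed rpm  : $2"
    echo "state          : $(kernel_state "$1" "$2")"
    echo "last changelog : $(changelog_top_date "$3")"
}

# Constructed sample values (not from a real system). For a live check pass
# "$(uname -r)", "$(rpm -q kernel-default)" and
# "$(rpm -q --changelog kernel-default | head)" instead.
SAMPLE_RUNNING='2.6.0-1.2-default'
SAMPLE_RPM='kernel-default-2.6.0-1.3'
SAMPLE_LOG='* Fri Jun 10 2005 - someone@example.com
- constructed changelog entry'

report "$SAMPLE_RUNNING" "$SAMPLE_RPM" "$SAMPLE_LOG"
```

A state of reboot-needed means the file dates under /boot reflect the update but the system has not yet booted into it.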
participants (3): ken, Marcus Meissner, Philippe Vogel