RedHat up2date & kernel upgrades...
Derek Martin
ddm at pizzashack.org
Mon Apr 9 22:01:35 EDT 2001
On Mon, Apr 09, 2001 at 08:52:17PM -0400, linuxguy at ici.net wrote:
> howdy folks,
>
> does anyone have any comments to share about using the
> redhat 'up2date' utility to upgrade the system kernel?
Several people have reported on Bugtraq that the latest kernel Red Hat
has DOES NOT FIX the execve race condition root exploit, despite the
fact that they supposedly released it with a fix. [Caveat: I have
made no effort to verify this myself. For all I know they could be
wrong or outright lying.] You're probably better off downloading the
source for 2.2.19 and compiling it. It may well be a hastle, and it
may require a lot of patience and reading for someone who hasn't done
this before, but evidently it's the only way you're going to fix this
exploit if you're running a Red Hat system.
---------------------------------------------------
Derek Martin | Unix/Linux geek
ddm at pizzashack.org | GnuPG Key ID: 0x81CFE75D
Retrieve my public key at http://pgp.mit.edu
-
Subcription/unsubscription/info requests: send e-mail with
"subscribe", "unsubscribe", or "info" on the first line of the
message body to discuss-request at blu.org (Subject line is ignored).
More information about the Discuss
mailing list