[Discuss] Notice about a new vulnerability
O'Shea, Shawn - 0665 - MITLL
shawn at ll.mit.edu
Fri Aug 7 09:01:15 EDT 2015
According to Red Hat’s site (unauthenticated), RHEL is unaffected as they never back ported the vulnerable code. Fedora has an alert and updated packages.
Red Hat: https://access.redhat.com/security/cve/CVE-2015-3290
Fedora: https://lwn.net/Articles/653734/
-Shawn
On Aug 6, 2015, at 9:46 PM, Bill Ricker <bill.n1vux at gmail.com> wrote:
> On Thu, Aug 6, 2015 at 8:00 PM, Bill Horne <bill at horne.net> wrote:
>
>> This is from a tweet I got from Dan Goodin, in which he asks "Anyone know
>> if any upstream stable Linux kernels have patched CVE-2015-3290 yet? It
>> looks serious."
>>
>
> Looks like it's in Debian Testing/Unstable and also Jessie(Security) patch
> stream.
> So yeah, it's Stable.
>
> https://www.debian.org/security/2015/dsa-3313
> https://security-tracker.debian.org/tracker/CVE-2015-3290
> https://security-tracker.debian.org/tracker/CVE-2015-3291
> https://security-tracker.debian.org/tracker/CVE-2015-5157
>
> Ubuntu Security has pushed out for 14.04 LTS :
> http://www.ubuntu.com/usn/usn-2700-1/
> and 12.04 LTS http://www.ubuntu.com/usn/usn-2701-1/
>
> AFAIK Red Hat requires log-in to see what they've patched ...
>
>
> --
> Bill Ricker
> bill.n1vux at gmail.com
> https://www.linkedin.com/in/n1vux
> _______________________________________________
> Discuss mailing list
> Discuss at blu.org
> http://lists.blu.org/mailman/listinfo/discuss
More information about the Discuss
mailing list