Re: cron exploit?

From: Matt Zimmerman (mdz_at_debian.org)
Date: 09/30/03

  • Next message: dentonj1_at_cox.net: "Re: Repository of virus/worm propagation methods?"
    Date: Mon, 29 Sep 2003 18:42:33 -0400
    To: Incidents <incidents@securityfocus.com>
    
    

    On Mon, Sep 29, 2003 at 03:34:26PM -0700, Jeremy Hanmer wrote:

    > All packages on this machine were up-to-date.

    As I pointed out previously in private mail, your kernel was not up to date
    with security fixes (including local root vulnerabilities).

    -- 
     - mdz
    ---------------------------------------------------------------------------
    ----------------------------------------------------------------------------
    

  • Next message: dentonj1_at_cox.net: "Re: Repository of virus/worm propagation methods?"

    Relevant Pages

    • Re: starting with 2.7
      ... security fixes are separated because noone knows from the start if a fix will ... > download security patches for older versions of vanilla kernels. ... > kernel versions, leaving users in hands of their distribution (either ... > distribution vendor to backport). ...
      (Linux-Kernel)
    • Re: Which version of 2.6.11 is most stable
      ... >> failed to get the required info. ... be backported to an older kernel. ... security fixes can be applied to older kernels. ... send the line "unsubscribe linux-kernel" in ...
      (Linux-Kernel)
    • Re: RFD: Kernel release numbering
      ... Clearly I picked a bad week to go on vacation.. ... main time I make exceptions for that is for security fixes. ... > this kernel would be to have a baseline that nobody can disagree with. ... send the line "unsubscribe linux-kernel" in ...
      (Linux-Kernel)
    • Re: Release Cycle
      ... Either Debian has to support more releases simultaneously or releases fall out of support more often and the users are forced to upgrade if they want to continue to receive security fixes. ... My situation is that I'm having to patch some packages manually (kernel, gnu-fdisk, gthumb) because the fixes haven't entered unstable yet. ... of the 3 patches are for bugs reported before the Lenny freeze. ... To UNSUBSCRIBE, email to debian-user-REQUEST@xxxxxxxxxxxxxxxx with a subject of "unsubscribe". ...
      (Debian-User)
    • Re: RFC: Starting a stable kernel series off the 2.6 kernel
      ... >> Re-raising the same objections over and over again when they've ... But people have used cryptoloop now, ... a kernel that doesn't support cryptoloop. ... > price being doing without security fixes in future kernels. ...
      (Linux-Kernel)