| |||||||||||||
|
| |||||||||||||
2.4.20 not entirely safe2.4.20 not entirely safePosted May 22, 2003 13:29 UTC (Thu) by alspnost (subscriber, #2763)In reply to: The networking hash vulnerability by DaveK Parent article: The networking hash vulnerability Not true. 2.4.20 does have some security problems, like the ptrace vulnerability, some possible ext3 filesystem corruption issues, and this latest DoS issue. There's also the fact that it doesn't support lots of recent hardware etc. Anyway, many people _did_ request an accelerated 2.4.21 release when the ptrace flaw was discovered, but it didn't happen. Alan Cox deemed it serious enough to release a new 2.2 kernel. In the end, people using vendor kernels get the fixes by updating those; hackers who build their own kernels are probably happy running prepatches, or certainly -rc releases. FWIW, I'm with 2.4.21-rc on Gentoo and it's rock solid.
(Log in to post comments)
Sarcasm alert Posted May 22, 2003 19:19 UTC (Thu) by roelofs (subscriber, #2599) [Link] I'm pretty sure DaveK was employing verbal irony. He's not the only one who wishes Marcelo would get off his thumb and release the 2.4 kernels a little more quickly, at least when there are longstanding security holes to be patched. (And yes, I've resorted to various -pre and -rc kernels because I had to, but at least two of those failed to build and required additional patches.)Btw, typo alert for Jonathan: "problemis"
Sarcasm alert Posted May 22, 2003 22:39 UTC (Thu) by alspnost (subscriber, #2763) [Link] Thanks - yes, I think you're right. My sarcasm detector got switched off in the middle of a busy day at work ;-)
|
|
||||||||||||