[PlanetCCRMA] do_brk() exploit
Fernando Pablo Lopez-Lezcano
nando@ccrma.Stanford.EDU
Mon Dec 8 10:30:03 2003
> I don't know if i missed it - but is the current CCRMA kernel save against the
> exploit that exposed the debian and gentoo repositories lately? as i gathered
> this is an issues with the 2.4.22 kernels:
>
> http://forums.gentoo.org/viewtopic.php?t=112116
>
> i'm just curious if i have to upgrade the ccrma-kernel, too ( besides my gentoo
> and debian box.... :/ )
The new kernel in Planet Edge is 2.4.23 and thus is inmune. You can
upgrade now if you add the proper incantation to sources.list. See:
http://ccrma-mail.stanford.edu/pipermail/planetccrma/2003-December/003492.html
It will hopefully be in the normal repository by tomorrow. There is also
a version of the newest RedHat kernel with capabilities in Planet Edge
that has this bug fixed.
-- Fernando