Hi Folks: I received the following warning from SANS yesterday, and I need to know how to appropriately respond:
http://www.isc.sans.org/diary.php?storyid=1482 To summarize the story at the above link, there appears to be a vulnerability in the linux kernel, which when exploited, will allow a user to gain root privileges. Normally, I would simply upgrade to the latest kernel from portage, and be done with it, however, here is the problem: QUOTING SANS HERE: "As all kernels 2.6.13 up to version 2.6.17.4 and 2.6.16 before 2.6.16.24 are affected, you should patch as soon as possible, even if you don't allow any local users on your machines." As of this morning, the latest Kernel version in portage is 2.6.16-r12. It seems that there is a different versioning / naming scheme used but im not sure. Can someone please let me know how to respond, or point me to appropriate reading so I can protect myself. Thanks TIM Timothy A. Holmes IT Manager / Network Admin / Web Master / Computer Teacher Medina Christian Academy A Higher Standard... -- gentoo-user@gentoo.org mailing list
