On Fri, Aug 05, 2005 at 11:27:26AM +0200, Moritz Muehlenhoff wrote: > Package: linux-2.6 > Severity: important > Tags: security patch > > An overflow in sock->sk_policy could possibly be exploited as DoS or > potential execution of arbitrary code. Please see > http://www.mail-archive.com/netdev@vger.kernel.org/msg00520.html > for details. A fix has been comitted into the git repo, please see > http://www.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=a4f1bac62564049ea4718c4624b0fadc9f597c84 > > This has been assigned CAN-2005-2456.
Thanks, for Sarge 2.6.8 appears to be vulnerable, and 2.4.27 does not. I have applied the patch into SVN for 2.6.8. -- Horms -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]