There were some other security holes in the kernel which was corrected in 2.2.19pre9 or somewhere around that pre-release concerning the signed/unsigned usage of some int variables. I think this is a sufficient reason for upgrading.
Regards, Robert Varga On Mon, 5 Mar 2001, David Wright wrote: > Quoting [EMAIL PROTECTED] ([EMAIL PROTECTED]): > > On Mon, Mar 05, 2001 at 03:31:07AM -0900, Ethan Benson wrote: > > > On Thu, Mar 01, 2001 at 03:34:21AM +0000, Stephen Walton wrote: > > > > > Has anyone seen the announcement about a root exploit > > > > in the 2.2.15 and earlier kernel versions as posted > > > > > yes ages ago. > > > > > > Does this apply to the debian kernels? > > > > > > depends what debian kernel, i think some of them had backported > > > patches, but really there is no reason to be running anything that > > > old. upgrade to 2.2.18. > > > > I purposely have a policy of not upgrading software (including the > > kernel) unless there is a good reason to do so, either with new > > functionality that is required, or for security reasons. I have > > no objections to upgrading in this instance, but I was more > > concerned that a search on Debians archives did not show this > > as a security issue. > > Perhaps it's at http://www.uk.debian.org/security/2000/20000612 ? > i.e. 2.2.15-3 is patched. > > Cheers, > > -- > Email: [EMAIL PROTECTED] Tel: +44 1908 653 739 Fax: +44 1908 655 151 > Snail: David Wright, Earth Science Dept., Milton Keynes, England, MK7 6AA > Disclaimer: These addresses are only for reaching me, and do not signify > official stationery. Views expressed here are either my own or plagiarised. > > > -- > To UNSUBSCRIBE, email to [EMAIL PROTECTED] > with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED] > >
