Jim Gifford wrote:
The only question comes into play is 2.6.2 the right kernel for the
current state of the kernel. There was an ABI change in 2.6.8.1 release
that changed an ABI. I think it would be wise if we bump the version to
2.6.9.
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0449 and
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0178
CAN-2005-0178:
A race condition was found in the terminal handling of the
"setsid()" function, which is used to start new process sessions.
http://oss.sgi.com/archives/netdev/2005-01/msg01036.html:
David Coulson noticed a design flaw in the netfilter/iptables module.
By sending specially crafted packets, a remote attacker could exploit
this to crash the kernel or to bypass firewall rules.
Fixing this vulnerability required a change in the Application
Binary Interface (ABI) of the kernel. This means that third party
user installed modules might not work any more with the new kernel,
so this fixed kernel has a new ABI version number. You have to
recompile and reinstall all third party modules.
None of the above says anything about userspace. If LFS still builds
from 2.6.2 and passes testsuites, there is no reason to bump the
required kernel version.
--
Alexander E. Patrakov
--
http://linuxfromscratch.org/mailman/listinfo/lfs-book
FAQ: http://www.linuxfromscratch.org/lfs/faq.html
Unsubscribe: See the above information page
