#1831: LFS 6.1.1 contains a root hole in kernel, and maybe other problems
--------------------------------------------+-------------------------------
Reporter: [EMAIL PROTECTED] | Owner: lfs-book@linuxfromscratch.org
Type: task | Status: new
Priority: normal | Milestone:
Component: Book | Version: 6.1.1
Severity: normal | Keywords:
--------------------------------------------+-------------------------------
CVE-2006-3626 (root hole due to /proc race) applies to linux-2.6.11.x.
While one can surely backport the patch from linux-2.6.16.25, this is not
the best thing we can do. Reason: nobody has audited LFS 6.1.1 for other
security problems, and it contains software versions unsupported upstream.
Proposal: on the main page of the LFS part of the web site, say that there
is no stable version of LFS now that is recommended for general use.
--
Ticket URL: <http://wiki.linuxfromscratch.org/lfs/ticket/1831>
LFS Trac <http://wiki.linuxfromscratch.org/lfs/>
Linux From Scratch: Your Distro, Your Rules.
--
http://linuxfromscratch.org/mailman/listinfo/lfs-book
FAQ: http://www.linuxfromscratch.org/lfs/faq.html
Unsubscribe: See the above information page
