I'm posting this to the lfs-dev and {,b}lfs-support lists. If
you wish to reply, please just reply to the list (NOT to all -
that might cause rejections if you aren't subscribed to all the
lists).
There are two vulnerabilities in versions of udev before udev-141.
(i.) For all previous
Ken Moffat wrote:
[...]
There are two vulnerabilities in versions of udev before udev-141.
Thanks very much for the heads up.
(i.) For all previous versions, netlink messages can be received
from local users, allowing privilege escalation. CVE-2009-1185
(ii.) There is a potential
Mike McCarty wrote:
I am not expert, so I perhaps am not able to see how the vulnerabilities
listed affect my machine. Could you be more specific about how the
vulnerabilities are subject to exploit? I'd appreciate that very much.
IOW, I'd like to see something which would allow us to
On Mon, Apr 27, 2009 at 12:53:41PM -0500, Mike McCarty wrote:
All users who run udev are recommended to upgrade and reboot.
Why? What I see there shows two vulnerabilities indeed, but perhaps
not for everyone. ISTM that they require a hostile local user, or at
least one with a running
Ken Moffat wrote:
Thanks for your kind reply.
On Mon, Apr 27, 2009 at 12:53:41PM -0500, Mike McCarty wrote:
[...]
I am not expert, so I perhaps am not able to see how the vulnerabilities
listed affect my machine. Could you be more specific about how the
vulnerabilities are subject to
Bruce Dubbs wrote:
Thanks for your reply.
Mike McCarty wrote:
I am not expert, so I perhaps am not able to see how the vulnerabilities
listed affect my machine. Could you be more specific about how the
vulnerabilities are subject to exploit? I'd appreciate that very much.
IOW, I'd like to
Mike McCarty wrote:
Well, you see there are two exposures involved, the obvious one
possible exploit of known vulnerability
and the less obvious one
replacing working code with with defective code
The first exposure is relatively easy to evaluate; the latter is less
so,
On Mon, Apr 27, 2009 at 02:28:39PM -0500, Mike McCarty wrote:
Well, you see there are two exposures involved, the obvious one
possible exploit of known vulnerability
and the less obvious one
replacing working code with with defective code
The first exposure is relatively
On Mon, Apr 27, at 02:52 Bruce Dubbs wrote:
Mike McCarty wrote:
Well, you see there are two exposures involved, the obvious one
possible exploit of known vulnerability
and the less obvious one
replacing working code with with defective code
The first exposure is
I searched the FAQ, Errata, and the mailing list but did not find
anything about this error I'm getting while compiling
util-linux-ng-2.14.1. Everything else up to this point configured
and compiled successfully. Thanks for any help you can provide.
My system is Fedora 10 Linux
Sorry for posting without a subject line! Here is one with the subject line.
From: jnbut...@jnbutler.com
Date: 4/27/09 22:54Subject:
I searched the FAQ, Errata, and the mailing list but did not find
anything about this error I'm getting while compiling
util-linux-ng-2.14.1.
On Monday 27 April 2009 16:58:24 jnbut...@jnbutler.com wrote:
I searched the FAQ, Errata, and the mailing list but did not find
anything about this error I'm getting while compiling
util-linux-ng-2.14.1. Everything else up to this point configured
and compiled successfully. Thanks for any help
On Mon, Apr 27, at 10:58 jnbut...@jnbutler.com wrote:
more.c:175:52: error: term.h: No such file or directory
This is a ncurses header, actually is an awk script (MKterm.h.awk.in).
Make sure that you have installed ncurses properly and recheck.
James Butler
Regards,
Agathoklis.
--
jnbut...@jnbutler.com wrote:
I searched the FAQ, Errata, and the mailing list but did not find
anything about this error I'm getting while compiling
util-linux-ng-2.14.1. Everything else up to this point configured
and compiled successfully. Thanks for any help you can provide.
My system
Thanks all for the suggestions.
I went back and re-compiled ncurses making sure it went without error
then re-compiled util-linux-ng-2.14.1 and this time it looks like it
went ok, no errors. Did the stripping and backed up tools/ dir.
Changed owner to root and now ready for building LFS.
Wish me
Bruce Dubbs wrote:
Mike McCarty wrote:
[...]
I was hoping to get more information about how to evaluate my exposure.
Look at the source of the patch. The header says that the changes are from
upstream. They will be in future versions of the code. To evaluate the
vulnerability, the
Agathoklis D. Hatzimanikas wrote:
On Mon, Apr 27, at 02:52 Bruce Dubbs wrote:
Mike McCarty wrote:
[...]
I was hoping to get more information about how to evaluate my exposure.
Look at the source of the patch. The header says that the changes are from
upstream. They will be in future
jnbut...@jnbutler.com wrote:
[...]
Wish me luck!
Good luck!
Mike
--
p=p=%c%s%c;main(){printf(p,34,p,34);};main(){printf(p,34,p,34);}
Oppose globalization and One World Governments like the UN.
This message made from 100% recycled bits.
You have found the bank of Larn.
I speak only for
18 matches
Mail list logo