[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: local root exploit in 2.4.29
Ack. That was my mistake. I renamed the transcripts and rcs notes, but I
neglected to rename the directory holding the files. I had originally
named the kernel 1.3.1, but I realized that conflicted with our naming
scheme, so I made it 1.4.0. It should be fixed now. The cache manager
suffered equally, but also should be better now.
sixthday% lcksum -c sha1 -n kernel-1.4.0.T
sixthday% lcksum -c sha1 -n openafs-1.2.13-cm-1.4.0.T
I'll see what I can do about a bootcd as well.
On Wed, 8 Jun 2005, Katarina Lukaszewicz wrote:
the shared/kernel-1.4.0 doesn't have any files under file/shared/kernel-1.4.0
sixthday-radmind:; ls file/shared/kern*
part of Blackops oncall and technical administrative support
for UMCE services
On Wed, 8 Jun 2005, Albert Bertram wrote:
I have a kernel and afs cache manager available for people to test or
otherwise use. Relevant transcripts are:
patches and the new config have been checked in to cvs on equilibrium.
On Tue, 7 Jun 2005, Michael C Garrison wrote:
Our current kernel has a local root exploit that was published May 11th.
The proof of concept will crash a machine:
2.4.31 fixes this, which was released on 2005-06-01. I think that this
should be a high priority update that we need to do ASAP.