kernelOfTruth
Watchman
Joined: 20 Dec 2005
Posts: 6111
Location: Vienna, Austria; Germany; hello world :)
|
 Posted: Wed Oct 20, 2010 12:15 am Post subject: Gentoo Patches for Kernel vulnerability CVE-2010-3904 |
 |
|
(@Moderators:
this might belong into the news/notfication and/or security subforum section)
| Mike Pagano wrote: | Attention all Media, Gentoo users and my fellow Gentoo devs:
A new kernel vulnerability has been reported and the gentoo bug has been filed. Within 4 hours of this filing, the kernel team has released the following:
The fix for CVE-2010-3904 has been back ported to all gentoo-source versions that are currently supported. (2.6.32-rX, 2.6.34-rX and 2.6.35-rX)
This fix is now released in the following genpatches:
genpatches-2.6.35-12
genpatches-2.6.34-14
genpatches-2.6.32-25
The following newly released gentoo-sources kernels contain the patch:
gentoo-sources-2.6.35-r11
gentoo-sources-2.6.34-r12
gentoo-sources-2.6.32-r20
The following stable request bugs have been filed for these kernels:
bug #341833 for gentoo-sources-2.6.32-r20
bug #341831 for gentoo-sources-2.6.34-r12
Please note that no stable request has been filed for 2.6.35-r11, as we wait for the prerequisite 30 days for the new baselayout to be requested to be stabled before we can do so. If you are running a 2.6.35 gentoo-source kernel, please upgrade to the latest version. Note that as of this post, upstream has not release new vanilla kernel versions containing the fix that I am aware of. |
references: http://www.mpagano.com/blog/?p=146
_________________
https://github.com/kernelOfTruth/ZFS-for-SystemRescueCD/tree/ZFS-for-SysRescCD-4.9.0
https://github.com/kernelOfTruth/pulseaudio-equalizer-ladspa
Hardcore Gentoo Linux user since 2004  |
|
Gentoo Chat
