Debian Planet










Welcome to Debian Planet

Search

Apt-get into it.
Main Menu

  • Home

  • Topics

  • Web Links

  • Your Account

  • Submit News

  • Stats

  • Top 10

  • Debian

    These are important Debian sites one should not be without!

  • Official Debian site

  • Package search

  • Mailing list archives

  • Bug reports

  • Debian on CD

  • Unofficial woody CD ISOs

  • Unofficial APT sources

  • Developers' Corner

    Other great Debian news sources:

  • Debian Weekly News

  • Kernel Cousin Debian

    (Debian mailing lists digested)
  • Community Groups

    Need help? You're not alone on this planet.

  • debianHELP

    (User support site)

  • Debian International

  • DebianWorld

    (Français)

  • DebianForum.de

    (Deutsch)

  • EsDebian

    (Español)

  • Debian-BR

    (Português)

  • DebianUsers

    (Korean)

  • MaximumDebian

    (Italiano)

  • IRC

    The place to get help on a Debian problem (after reading docs) or to just chat and chill is #debian on irc.debian.org.

    Many of the Debian Planet staff live there so pop by and say hello.

    Wanna write?

    Got that latest or greatest scoop? Perhaps you have some important news for the Debian community? Submit a news item!

    Or perhaps you've written a rather ground breaking insight into some aspect of Debian and you feel compelled to share it with others? Knock up a longer editorial article and send it to the editors.

    Sponsorship

    DP is sponsored by uklinux.net and CheepLinux.

    Debian Planet runs on hardware donated by Xinit systems and is using kieser.net's bandwidth.

    Who's Online

    There are currently, 79 guest(s) and 3 member(s) that are online.

    You are Anonymous user. You can register for free by clicking here.

      
    Kernel security bug
    Contributed by Anonymous on Saturday, October 20 @ 00:35:19 BST

    Linux
    There are two very important security bugs in the kernel. It affects both 2.2.x and 2.4 kernels less than 2.4.12. There are two separate bugs - a local DoS, and a local root exploit. A quick, hackish fix for the second:
    chmod 0755 /usr/bin/newgrp

    This should only be used as a stopgap. If you're running 2.4.x, get 2.4.12. If you're running 2.2.19, get the patches from http://www.openwall.com/linux/.

     
    Related Links

  • More about Linux
  • News by DanielS

    Most read story about Linux:
    Quickstart guide to kernel-package

    Last news about Linux:

    Printer Friendly Page  Send this Story to a Friend
  • "Kernel security bug" | Login/Create Account | 11 comments
    Threshold


    The comments are owned by the poster. We aren't responsible for their content.

    Re: Kernel security bug (Score: 0)
    by Anonymous on Saturday, October 20 @ 04:13:45 BST

    Do you think that there will be a correction in the 2.2.19 kernel package in stable ?

    [ Reply ]


    Re: Kernel security bug (Score: 3, Informative)
    by manu on Saturday, October 20 @ 10:35:08 BST
    (User Info)

    As Martin Kacer said in bugtraq, you can use other suid root programs like su to make the root exploit. The only issue is to use a patched 2.2.19 or a 2.4.12.

    [ Reply ]


    Anybody running the openwall patch with potato? (Score: 1)
    by Dast on Monday, October 22 @ 00:58:27 BST
    (User Info)

    I read up on that patch and it seems interesting. Anybody here running a kernel with it under potato? Is it a drop-in patch or might it break something?

    [ Reply ]


    Based on: PHP-Nuke

    All logos and trademarks in this site are property of their respective owner. The comments are property of their posters, all the rest © 2000 by Debian Planet

    You can syndicate our news using the file backend.php.