Re: Linux v2.6.0-test1

Marcelo Tosatti (marcelo@conectiva.com.br)
Mon, 14 Jul 2003 10:56:59 -0300 (BRT)


On Mon, 14 Jul 2003, Alan Cox wrote:

> On Llu, 2003-07-14 at 12:39, John Bradford wrote:
> > > > > The point of the test versions is to make more people realize that they
> > > > > need testing
> > > >
> > > > Are all the known security issues in 2.4 now fixed in 2.6.0-test1?
> > >
> > > No, and several more have been added in 2.6-test only.
> >
> > As far as I know, they are only information disclosure ones, not
> > directly exploitable vulnerabilities, or am I wrong?
>
> Last time I checked there were remote DoS attacks and local root attacks
> present in 2.5.7x
>
> > > > This has been the only major reason for keeping of most of my
> > > > production machines running 2.4 for quite a while. If not, can we get
> > > > the fixes in at the earliest opportunity?
> > >
> > > Sure.. send the fixes to Linus
> >
> > Is anybody even keeping track of this, though? Picking thorough LKML
> > to see what did and didn't go in doesn't seem particularly exciting to
> > me.
>
> Then you'll just have to wait a few months

I will start looking at 2.4 security fixes which are not applied in 2.6.

If someone is already doing that, please tell me.
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/