Re: Patch for CVE-2004-1334 ???

From: Robert Hancock
Date: Wed Jan 25 2006 - 09:46:06 EST

Next message: Jan Engelhardt: "Re: CD writing in future Linux (stirring up a hornets' nest) (was:Rationale for RLIMIT_MEMLOCK?)"
Previous message: Pekka Enberg: "Re: 2.6.16-rc1-mm3"
In reply to: Syed Ahemed: "Re: Patch for CVE-2004-1334 ???"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Syed Ahemed wrote:

The simple reason we do not intend to use the latest version is we run
some third party software which cant be front ported (pardon the slang
) to 2.4.29 and above.
As for the changeset by guninski , i wish to ask about a one point
source of applying all the patches for 2.4.28 .I mean shouldn't all
the kernel security patches ( atleast the ones that have become CVE's)
be a part of kernel.org .Since there isn't any what is the reason ?

It is "part of kernel.org", it's called 2.4.32. The kernel developers can hardly be expected to release a patch for every vulnerability against every possible kernel version ever released..

If you need guaranteed security patches against a specific version of the kernel you should likely be using a distribution kernel and not a vanilla kernel.

--
Robert Hancock Saskatoon, SK, Canada
To email, remove "nospam" from hancockr@xxxxxxxxxxxxx
Home Page: http://www.roberthancock.com/

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Jan Engelhardt: "Re: CD writing in future Linux (stirring up a hornets' nest) (was:Rationale for RLIMIT_MEMLOCK?)"
Previous message: Pekka Enberg: "Re: 2.6.16-rc1-mm3"
In reply to: Syed Ahemed: "Re: Patch for CVE-2004-1334 ???"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]