[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [cobalt-security] Raq 550 Remote Exploits?
- Subject: Re: [cobalt-security] Raq 550 Remote Exploits?
- From: Michael Stauber <cobalt@xxxxxxxxxxxxxx>
- Date: Wed, 28 Jan 2004 11:09:22 +0100
- Organization: SOLARSPEED.NET
- List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>
Hi Anders,
> Considering that the exploit and the patch was known back in december,
> I wouldn't be too sure about the "soon" part of the kernel patch.
As you say: These vulnerabilities have been around since December. The C10
Kernel was built in August and relesed in September. So we might be lucky and
get a new Kernel within the next 1-2 months.
> It's not impossible to patch the "dobrk" and "mremap" functions yourself,
> though. "Just" requires to rebuild the kernel from the latest SRPM. (C10)
Yeah, that's always an option. However, I'm not sure if I want to press that
"I feel lucky" button - at least not in the form of making custom kernels
available for download. Support wise that kind of explicitly unsupported
custom PKG could become quite support intensive.
--
With best regards,
Michael Stauber