Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <20040423025355.GA13559@openwall.com>
Date: Fri, 23 Apr 2004 06:53:55 +0400
From: Solar Designer <solar@...nwall.com>
To: announce@...ts.openwall.com, owl-users@...ts.openwall.com
Cc: lwn@....net
Subject: Re: Linux 2.4.26-ow1, 2.0.40-ow1; new Owl ISO; Owl 1.1-stable

Hi,

A few days ago, I wrote:

On Mon, Apr 19, 2004 at 04:03:22AM +0400, Solar Designer wrote:
> There're no known major security fixes added with Linux 2.4.26.

It is now public knowledge that Linux 2.4.26 does indeed fix a local
root vulnerability:

http://www.isec.pl/vulnerabilities/isec-0015-msfilter.txt

Linux 2.0.x and 2.2.x are unaffected.

Thus, if you're running a Linux 2.4.x kernel, it is highly recommended
that you upgrade to Linux 2.4.26-ow1.

The Openwall Linux kernel patch's web page and the Owl change log
entry have been updated with the vulnerability information.

Owl 1.1-stable has been updated to use Linux 2.4.26-ow1 as the kernel.

-- 
Alexander Peslyak <solar@...nwall.com>
GPG key ID: B35D3598  fp: 6429 0D7E F130 C13E C929  6447 73C3 A290 B35D 3598
http://www.openwall.com - bringing security into open computing environments

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.