|
Date: Thu, 11 Nov 2004 20:39:43 +0300 From: Ilya Andreiv <ilya@...ter.homelinux.net> To: Andreas Ericsson <owl-users@...ts.openwall.com> Subject: Re: iSEC advisory about binfmt_elf Hello Andreas, Thursday, November 11, 2004, 8:22:18 PM, you wrote: >> Is 2.4.27-ow1 kernel affected? > Yes, but the setuid binaries on the system are far fewer than those of > most other distributions and none of them exec() other programs so I have sudo installed in my system but now i restrict it to wheel group. > impact is greatly reduced. The Linux kernel team (Linus Torvalds et al, > not the Owl patchers) were the ones that disclosed the vulnerability, so > 2.4.28 should be out fairly soon to fix this problem. But 2.4.28-rc2 contains buggy code... -- Best regards, Ilya mailto:ilya@...ter.homelinux.net
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.