[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [suse-security] Enterprise server 8 not vulnerable to do_mremap()?

On Tue, 6 Jan 2004, Olaf Kirch wrote:

> Date: Tue, 6 Jan 2004 20:16:00 +0100
> From: Olaf Kirch <okir@xxxxxxx>
> To: hubba@xxxxxx
> Cc: Bjorn Tore Sund <bjornts@xxxxxxxxx>, suse-security@xxxxxxx
> Subject: Re: [suse-security] Enterprise server 8 not vulnerable to
>     do_mremap()?
> Hi,
> On Tue, Jan 06, 2004 at 03:04:22PM +0000, Hubertus A. Haniel wrote:
> > It also apears that SLES8 is affected by what ever bug is on SuSE 8.1 ( I have
> > seen this happen with SP3 recently ) and hence no kernel-source.rpm.
> Right.
> > Are there any plans on getting this bug fixed and a kernel-source.rpm?
> Of course. The tarball is just a stopgap measure until we've nailed down
> the rpm bug that causes the kernel-source install problems.

OK I can live with that - have you got an ETA for the proper fix?

> > I do not consider a tar
> > file a very clean fix as rpm will no longer reflect what is on the box. Neither is
> > it exactly easy to deploy tar files via auto yast and across a LOT of systems.
> We felt reasonably comfortable with this solution because kernel-source
> is normally a package you rarely need to deplay across lots of systems.
> You don't even need it for normal development, only if you're a kernel
> hacker.

Yes - I would have thought that as well - unfortunately not everybody is
under the same opinion so I have a lot of development systems with the
kernel source. A lot of vendor supplied installation routines depend on
the kernel source and it is one of my missions to re educate them which is
sometimes not too easy.

Best regards

Check the headers for your unsubscription address
For additional commands, e-mail: suse-security-help@xxxxxxxx
Security-related bug reports go to security@xxxxxxx, not here