Full Disclosure mailing list archives

Previous By Date Next
Previous By Thread Next

Gentoo versioning [was: [ GLSA 200403-02 ] Linux kernel do_mremap local privilege escalation vulnerability]

From: Marcin Owsiany <marcin () owsiany pl>
Date: Wed, 24 Mar 2004 19:00:39 +0100
On Sat, Mar 06, 2004 at 11:40:27PM +0000, Tim Yamin wrote:

~   -------------------------------------------------------------------
~          Kernel      /   Unaffected Version   /    Manual Update?
~   -------------------------------------------------------------------

~   aa-sources................2.4.23-r1...................YES..........
~   alpha-sources.............2.4.21-r4................................
~   ck-sources................2.4.24-r1...................YES..........
~   ck-sources................2.6.2-r1....................YES..........

[...]

~   IMPORTANT: IF YOUR KERNEL IS MARKED AS "YES" ABOVE, THEN YOU SHOULD
~              UPDATE YOUR KERNEL EVEN IF PORTAGE REPORTS THAT THE SAME
~              VERSION IS INSTALLED.


I don't know Gentoo, but could someone describe the reason for this
note? It seems something is very broken. Does that mean that version
string does not uniquely identify a version of package?

regards,

Marcin
-- 
Marcin Owsiany <marcin () owsiany pl>              http://marcin.owsiany.pl/
GnuPG: 1024D/60F41216  FE67 DA2D 0ACA FC5E 3F75  D6F6 3A0D 8AA0 60F4 1216
 
"Every program in development at MIT expands until it can read mail."
                                                              -- Unknown

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
Previous By Date Next
Previous By Thread Next

Current thread: