[SECURITY] Updated Fedora Core 1 kernel packages.
Bill Nottingham
notting at redhat.com
Sat Dec 6 02:56:43 UTC 2003
Leonard den Ottolander (leonardjo at hetnet.nl) said:
> > 2.4.22-1.2115.nptl kernel in FC1 is not vulnerable to this issue.
> > See linux-2.4.18-smallpatches.patch patch in
> > kernel-2.4.22-1.2115.nptl.src.rpm (mm/mmap.c change).
>
> So if these patches have been available since 2.4.18 then why are so many
> (non RH) systems still vulnerable? Aren't such bugs communicated to
> maintainers of other distros? Or to kernel.org?
The patch has not been available since 2.4.18. What happens is:
- the kernel source is kept in CVS
- there's a patch called linux-2.4.18-smallpatches.patch that was
added when we were going to a 2.4.18 kernel (7.3-ish); it contains
lots of random small patches and changes.
- the fix for this bug was added to that patch
Bill
More information about the fedora-list
mailing list