kernel 2.4.23

Mailing List

Home

Forum Home

Linux - General Red Hat Linux discussion list

Installation - Getting started with Red Hat Linux

Enterprise Linux 3 - Discussion of Red Hat Enterprise Linux 3 (Taroon)

Red Hat Linux 9 - Discussion of Red Hat Linux 9 (Shrike)

Red Hat Linux 7.2 - Discussion of Red Hat Linux 7.2 (Enigma)

Red Hat Linux 7.3 - Discussion of Red Hat Linux 7.3 (Valhalla)

Apache Web Server

Oracle database, Microsoft SQL server ...

Subjects

•	application/x mplayer2 plugin
•	RPM error: db4 error(16) from dbenv >remove: Device or resource busy
•	Command stream end of file while reading
•	X Windows problem (xauth)
•	Upgrading openoffice 1 1 rpm
•	FTP: connection refused
•	FTP: connection refused
•	mount: /dev/cdrom: is not a valid block device
•	Dell Precision 650, RedHat 9, no sound
•	how to trace the cause resulting in the crash of bind server
•	Virus on the list
•	UNINSTALL RPM MYSQL
•	usb pen drives: mounting as a user
•	broadcom network interface
•	make mrproper
•	sendmail configuration on redhat
•	Couldn 't open PID file /var/run/named/named pid Permission denied
•	Promise 378 controller
•	kernel 2 6 and /dev/sound/mixer not found
•	Problem using up2date
•	mrtg step by step howto/configuration for a newbie?
•	Compiling and Installing Kernel 2 6
•	Can 't locate module ppp0, can 't locate module ppp compress 21
•	HOW I CAN MAKE BOOTABLE FLOPPY DISKET
•	Lotus Notes under Wine
•	/etc/security/limits conf question
•	Intel E/1000 driver
•	Command stream end of file while reading
•	rpm database corrupt
•	qla2300 modules

kernel 2.4.23

kernel 2.4.23

2003-12-16 - By Brian T. Brunner

Back

Reply: 1 2 3 4 5 6 7 8 9 10

Thanks, Steve.

Summary: If I needed 2.4.22 (for reasons other than this security issue), then
I need 2.4.23 to get the security patch;
if I was happy with Shrike Original, I only need the released errata srpm.

There is no backport from RH for the security patch for 2.4.22.

Brian Brunner
brian.t.brunner@(protected)
(610)796-5838

>>> yellin@(protected) 12/16/03 03:49PM >>>

I thought the two linked pages explained the situation quite well.
If all you want is remove the vulnerability that was still present in
2.4.22, you DON'T need 2.4.23 or later. In fact, you may not want the
later kernel, because it may introduce new bugs or have inconsistencies
with your current system. So RedHat has kindly made a kernel, 2.4.20-24.9,
that fixes the vulnerability, but otherwise leaves the old, working
version unchanged.

On Tue, 16 Dec 2003, Brian T. Brunner wrote:

>
> The facetious comments made along the lines of preaching the 'top
> posting is evil' religion aside, yes I read the second linked page. No
> it didn't clear up why we had a vulnerability in 2.4.22 that was to be
> addressed by the 2.4.20-24.9 srpms when what we're in need of is 2.4.23
> or later.

> > https://rhn.redhat.com/errata/RHSA-2003 (See http://HSA-2003.ora-code.com)-392.html
> > http://www.redhat.com/advice/speaks_backport.html

--
Steven Yellin

__ ____ ____ ____ ____ ____ ____ ____ ____ ____
Valhalla-list mailing list
Valhalla-list@(protected)
https://www.redhat.com/mailman/listinfo/valhalla-list

**********************************************************************
This email and any files transmitted with it are confidential and
intended solely for the use of the individual or entity to whom they
are addressed. If you have received this email in error please notify
the system manager.

This footnote also confirms that this email message has been swept
for the presence of computer viruses.

www.hubbell.com - Hubbell Incorporated
**********************************************************************