There's already a thread on this topic, and besides, this is a support forum.
Threads merged.
Over 9000 Cups of Ubuntu
There's already a thread on this topic, and besides, this is a support forum.
Threads merged.
First Cup of Ubuntu
So what's being done about this, I dont mean to be arrogant at all, but I read about the Exploit @ the groovy "MVP hangout", calendar of Updateshttp://www.calendarofupdates.com/upd...howtopic=22012
Obviously the point must be made that this vulnerability has existed for eight years and has only just been let out of the bag.
Most importantly I can't fix this, anyone working on it
Over 9000 Cups of Ubuntu
You can expect a fix to appear in the Ubuntu repos in the coming hours. Unlike other distros, Ubuntu has alway been quick to fix that sort of thigs, you gotta at least admit that.Originally Posted by Uluru
So what's being done about this, I dont mean to be arrogant at all, but I read about the Exploit @ the groovy "MVP hangout", calendar of Updateshttp://www.calendarofupdates.com/upd...howtopic=22012
Obviously the point must be made that this vulnerability has existed for eight years and has only just been let out of the bag.
Most importantly I can't fix this, anyone working on it
Cake for coffee's sake
One of the most important aspects that makes me stick to Ubuntu for good.
First Cup of Ubuntu
Now everyone knows about this I'm sure it'll be patched very quickly, and as you say available in the Repos. I just hate to see the hopelessly incompetent MS MVP's giggling at a Linux exploitYou can expect a fix to appear in the Ubuntu repos in the coming hours. Unlike other distros, Ubuntu has alway been quick to fix that sort of thigs, you gotta at least admit that.
Surprised they have time to pull themselves away from their Malware cleaning to even notice what's going on in the "Real World".
No offence intended, even if it has to be implied
Spilled the Beans
Anyone have any idea when an updated kernel might become available? I have searched far and wide and cannot even find a bug report on it, searching for CVE-2009-2692.
And FYI, the bug is not because some developer's bad coding. From my limited understanding of the kernel coding voodoo, the null pointers were accounted for. It is gcc compiler optimization that removed the checks after compiling the kernel. Source code looked fine, the bug only shows up in the finished product. The kernel code monkies are damn good, but I don't think they have jedi abilities like diff'ing source and binary code
Last edited by Bad Penguin; August 14th, 2009 at 03:37 PM. Reason: CVE-2009-2692, not 1897
Way Too Much Ubuntu
Well, at least it looks good if Ubuntu get it patched nice and quickly!!
Spilled the Beans
It is not patched, at least in dapper server LTS. I just confirmed by running the exploit posted here:Well, at least it looks good if Ubuntu get it patched nice and quickly!!
http://seclists.org/fulldisclosure/2009/Aug/0180.html
Way Too Much Ubuntu
I did say "IF" !!
Extra Foam Sugar Free Ubuntu
Yes because getting commit access to the linux kernel source code is only slightly harder than editing wikipedia.
Adv Reply
Bookmarks