Language Selection

English French German Italian Portuguese Spanish

Bradypus variegatus aka Zenwalk's Mr. Kernel

Filed under
Linux

The recent Linux kernel local escalation of privilege is indeed a local vulnerability, however this should by no means neglected as minor: most of the vulnerabilities found in so many packages are local vulnerabilities, yet patches are issued responsibly (i.e. in a timely manner) by all the mainstream distros who ship the respective packages.

It's not the only small distro not to have updated the kernel, but their attitude speaks volumes...

The vulnerability is known since Feb. 8, with filling of bugs in mainstream distros generally between 9 and 11 February.

To summarize, here's what I have noticed as patches for the latest kernel vulnerability, chronologically:

* Debian Etch patched it on Feb. 11.
* Slackware 12.0 and -current patched it on Feb. 11.
* Fedora 8 and 7 patched it on Feb. 11.

More Here




More in Tux Machines

today's leftovers

Graphics News

More of today's howtos

GNOME News: Black Lab Drops GNOME and Further GNOME Experiments in Meson

  • Ubuntu-Based Black Lab Enterprise Linux 11.0.1 Drops GNOME 3 for MATE Desktop
    Coming about two weeks after the release of Black Lab Enterprise Linux 11, which is based on the Ubuntu 16.04.2 LTS (Xenial Xerus) operating system using the HWE (hardware enablement) kernel from Ubuntu 16.10 (Yakkety Yak), Black Lab Enterprise Linux 11.0.1 appears to be an unexpected maintenance update addressing a few important issues reported by users lately.
  • 3.26 Developments
    My approach to development can often differ from my peers. I prefer to spend the early phase of a cycle doing lots of prototypes of various features we plan to implement. That allows me to have the confidence necessary to know early in the cycle what I can finish and where to ask for help.
  • Further experiments in Meson
    Meson is definitely getting more traction in GNOME (and other projects), with many components adding support for it in parallel to autotools, or outright switching to it. There are still bugs, here and there, and we definitely need to improve build environments — like Continuous — to support Meson out of the box, but all in all I’m really happy about not having to deal with autotools any more, as well as being able to build the G* stack much more quickly when doing continuous integration.