Hi!
JFYI, see the attachment.
Securityfocus and some other news sites have spread rumour that the
do_path() bug fixed with 2.6.16 is remotely exploitable.
It is not.
Unless you are using virtualization techniques like Virtuozzo or
Vserver (where 'root' cannot neccessarily be trusted), there is not
really any security risk caused by this bug. Stay cool.
Cheers,
Harald (for the netfilter core team)
--
- Harald Welte <laforge@netfilter.org> http://netfilter.org/
============================================================================
"Fragmentation is like classful addressing -- an interesting early
architectural error that shows how much experimentation was going
on while IP was being designed." -- Paul Vixie
JFYI, see the attachment.
Securityfocus and some other news sites have spread rumour that the
do_path() bug fixed with 2.6.16 is remotely exploitable.
It is not.
Unless you are using virtualization techniques like Virtuozzo or
Vserver (where 'root' cannot neccessarily be trusted), there is not
really any security risk caused by this bug. Stay cool.
Cheers,
Harald (for the netfilter core team)
--
- Harald Welte <laforge@netfilter.org> http://netfilter.org/
============================================================================
"Fragmentation is like classful addressing -- an interesting early
architectural error that shows how much experimentation was going
on while IP was being designed." -- Paul Vixie
Attached Files:
-
message-rfc822.eml (2.58 KB)