On Mon, 8 Dec 2003, Jan-Frode Myklebust wrote:
> I still can't find any updated kernel from Axel's atrpms.
> The kernels there seems all to be based on RedHats 2.4.20-20.x
> without any mention of extra patches for the do_brk().
Sorry, you're right, Axel hasn't updated yet either.
> I'm a bit disappointed that SGI isn't more closely following up on
> security patches or redhat errata kernels. If it's "easy enough",
> why not just do it, and stop pushing a kernel with a serious security
> vulnerability from the project home page?
Because time < demands. If I get some time I'll do it, but in the
meantime it's really quite simple for anyone in the 'community' to
whip this up:
Install the xfs 2.4.20-20 src.rpm
Install the stock 2.4.20-20 src.rpm
Diff the two specfiles to see what xfs changed - adds patches, tweaks release
Install the stock 2.4.20-24 src.rpm
Apply the above diff to the 2.4.20-24 specfile, fix minor reject on release
Rebuild from the patched 2.4.20-24 specfile
-Eric
|