Only days after release, two potential security issues in the new 2.6.12 kernel have been fixed. Anyone think Microsoft could ever act that fast?
Just days after the much-anticipated Linux 2.6.12 kernel was officially released, an update has been issued to fix two security vulnerabilities.
Linux kernel developer Chris Wright announced the 2.6.12.1 security fix release late Wednesday.
One of the issues carries the CVE designation CAN-2005-1761 and was titled, "ia64 ptrace + sigrestore_context" in the Changelog for 2.6.12.1. According to Danish Research firm Secunia, the impact of this vulnerability is unknown.
The other fix is for an issue that is somewhat more dangerous and could lead to a Denial-of-Service (define) attack by a malicious user. The 2.6.12.1 changelog refers to the patch as "Clean up subthread exec" and refers to the CVE designation CAN-2005-1913.
Full article from InternetNews.com
http://www.linuxlinks.com/portal/news/article.php?story=20050624042615763