|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
From: Solar Designer (solar
OPENWALL.COM)Date: Fri Feb 09 2001 - 11:40:48 CST
On Thu, Feb 08, 2001 at 06:03:00PM -0500, bugzillaREDHAT.COM wrote:
> Thanks to Solar Designer for finding the sysctl bug, and
> for the versions of the sysctl and ptrace patches we used.
Thanks for crediting me, but actually it's Chris Evans who found the
sysctl bug that affects Linux 2.2. I only provided patches.
I found a very similar sysctl "signedness" bug a few years back,
fixed in Linux 2.0.34, but it's not an issue on Linux 2.2. So all
credit for the discovery of this new bug is to Chris Evans.
As I am posting this anyway, -- these two fixes (but _not_ the DoS
one, yet) are included in 2.2.18-ow4 and 2.0.39-ow2 patches, which
I've just released:
http://www.openwall.com/linux/
Actually, 2.0.39 only needed the execve/ptrace race condition fix.
-- /sd
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]