[Secure-testing-team] Kernel vulnerabilities in sarge-checks
Stefan Fritsch
sfritsch at ph.tum.de
Wed Mar 23 15:00:43 UTC 2005
On Tuesday 22 March 2005 20:03, Moritz Muehlenhoff wrote:
> I just wrote a little Python script to automatically generate a
> list of vulnerable kernel image packages against the CAN list. I
> parses the CAN list for kernel-source entries and all that remains
> to be done is to keep a list which kernel on which arch is built
> against which kernel-source package.
Most of this list can be created automatically. It seems only
kernel-image-2.4.27-arm
kernel-image-2.4.27-m68k
kernel-patch-2.4.27-mips
kernel-patch-powerpc-2.4.27
(the latter two also create kernel-images) and the 2.2.25 images need
to be tracked manually. Maybe we could file wishlist bugs for
versioned build-deps.
BTW, wouldn't it be enough to just display the kernel-source we need
or should we list all the CANs again?
Cheers,
Stefan
More information about the Secure-testing-team
mailing list