On 23/02/17 18:01, Fabian Arrotin wrote:
> On 23/02/17 17:46, Jacco Ligthart wrote:
>> On 23-02-17 17:16, Fabian Arrotin wrote:
>>> On 23/02/17 14:17, Robert Moskowitz wrote:
>>>> I see announcement of a new kernel for security updates.
>>>> Any ETA for it here?
>>>> thanks
>>> I'm rebuilding kernel 4.4.50 (both generic and rpi variants) that would fix cve_2017_6074. I'll let you know when it will be ready for testing and after some feedback, I'll send those to the signing queue so that they can appear on mirror.centos.org
>> If I read the changelogs correctly, that CVE is not fixed in version 4.4.50
>> I think I'll wait for 51 :(
>> Jacco
> I had no time to investigate further, but http://news.softpedia.com/news/linux-kernels-4-9-11-4-4-50-lts-bring-network... was mentioning DCCP

So I just had a quick look at this this morning and yes, it seems the dccp patch wasn't included in 4.4.50 but rather in 4.4.51, so have submitted a build for the generic kernel (I'll push it to testing repo when built). For raspberrypi, nothing (yet) rebased (upstream) to 4.4.51, but otoh it seems that they have now switched to newer LTS 4.9.x version.
For that CVE, I'd consider just bumping to 4.4.51, but investigating having a rebase to 4.9.x (also LTS) seems a good option, but that has to be tested too