On 07/02/2013 04:55 PM, Johnny Hughes wrote: > The following kernel has been built while waiting for upstream to > release a new kernel that addresses CVE-2013-2224: > > http://people.centos.org/hughesjr/c6kernel/2.6.32-358.11.1.el6.cve20132224/ > > Please see this upstream bug for details: > > https://bugzilla.redhat.com/show_bug.cgi?id=979936 > > ========================= > > Note: This kernel has been minimally tested and is provided as is for > people who do not want to wait for the official kernel. It is the > standard CentOS kernel with one added patch ( > https://bugzilla.redhat.com/attachment.cgi?id=767364) > > This kernel needs to be tested for fitness by each user before being > placed in production. It is a best effort to mitigate an issue that can > cause local user escalation to root while waiting for upstream to fix > and QA the official kernel. Use at your own risk. > There has been a new upstream kernel released (kernel-2.6.32-358.14.1.el6.src.rpm) and we have released a testing kernel that addresses this issue. Same warnings and bugzilla links apply (this is a best effort, use at your own risk, yada yada yada !): http://people.centos.org/hughesjr/c6kernel/2.6.32-358.14.1.el6.cve20132224/ Thanks, Johnny Hughes -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 198 bytes Desc: OpenPGP digital signature URL: <http://lists.centos.org/pipermail/centos/attachments/20130717/de3ea845/attachment-0005.sig>