CAN-2004-1335 : Linux kernel patch for the open source 2.4.28
Hello all ,
I work for a security company that uses the open source linux kernel
2.4.28 on our embedded appliance .
In an effort to fix all open security vulnerabilitied , we decided to
have it patched.I had a couple of questions in this regard.
1] The fix for the CVE-2004-1016 and CAN-2004-1335 has been done in 2.4.29 ,we do not
intend to move to this version . How and where do i get the patch for
2.4.28 version ?
2] The reference to this vulnerability has patches for 2.4.28 but
only through vendors like redhat and suse (I have to pay to get the
patch i believe ) , but is there a site that has all the security
patches[2.4.28] for open source users like us.
3] Going forward if there is a patch that is posted on a X, Y Z site
, how do i rely on it not to have GPL and trojans issues in patches
I do not know if this is a forum for these question , but please take
time to address this problem of ours.
Please cc your reply to firstname.lastname@example.org
You might not want to use one of these kernels directly as you probably have only specific options enabled on your kernel if its an embedded appliance - most distros compile almost everything into their kernels.
they've actually just added support for the 2.4.28 kernel!!! :)
|All times are GMT -5. The time now is 10:39 PM.|