Hello all ,
I work for a security company that uses the open source linux kernel
2.4.28 on our embedded appliance .
In an effort to fix all open security vulnerabilitied , we decided to
have it patched.I had a couple of questions in this regard.
1] The fix for the CVE-2004-1016 and CAN-2004-1335 has been done in 2.4.29 ,we do not
intend to move to this version . How and where do i get the patch for
2.4.28 version ?
2] The reference to this vulnerability has patches for 2.4.28 but
only through vendors like redhat and suse (I have to pay to get the
patch i believe ) , but is there a site that has all the security
patches[2.4.28] for open source users like us.
3] Going forward if there is a patch that is posted on a X, Y Z site
, how do i rely on it not to have GPL and trojans issues in patches
I do not know if this is a forum for these question , but please take
time to address this problem of ours.
Please cc your reply to firstname.lastname@example.org