X-Original-To: alpine-devel@lists.alpinelinux.org Received: from newmail.tetrasec.net (unknown [172.21.74.12]) by lists.alpinelinux.org (Postfix) with ESMTP id 020305C4355 for ; Fri, 21 Oct 2016 08:38:13 +0000 (GMT) Received: from ncopa-desktop.copa.dup.pw (229.63.200.37.customer.cdi.no [37.200.63.229]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) (Authenticated sender: n@tanael.org) by newmail.tetrasec.net (Postfix) with ESMTPSA id 0852E5A131B; Fri, 21 Oct 2016 08:38:11 +0000 (GMT) Date: Fri, 21 Oct 2016 10:38:07 +0200 From: Natanael Copa To: "Kevin M. Gallagher" Cc: alpine-devel@lists.alpinelinux.org Subject: Re: [alpine-devel] CVE-2016-5195: Local privilege escalation exploit in Linux kernel Message-ID: <20161021103807.707115f3@ncopa-desktop.copa.dup.pw> In-Reply-To: References: X-Mailer: Claws Mail 3.13.2 (GTK+ 2.24.28; x86_64-alpine-linux-musl) X-Mailinglist: alpine-devel Precedence: list List-Id: Alpine Development List-Unsubscribe: List-Post: List-Help: List-Subscribe: MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit On Thu, 20 Oct 2016 21:53:03 -0700 "Kevin M. Gallagher" wrote: > Details: > > http://dirtycow.ninja/ > https://lkml.org/lkml/2016/10/19/860 > > Proof of concept: > https://github.com/dirtycow/dirtycow.github.io/blob/master/dirtyc0w.c > > I'm using Alpine Linux for a time-urgent and security-critical project > happening this weekend, and would really like to see this fixed. However, > I'm not familiar with aports or the way you build kernels in Alpine. Is > anyone available to update the kernel in linux-grsec in the 3.4-stable > branch and/or backport the patch, sometime soon? Yes. Updated kernels will be available with an hour or two. At least for edge and v3.4. -nc --- Unsubscribe: alpine-devel+unsubscribe@lists.alpinelinux.org Help: alpine-devel+help@lists.alpinelinux.org ---