[manjaro-security] [arch-security] [ASA-201612-11] linux-grsec: denial of service
Daniel Micay via arch-security
arch-security at archlinux.org
Sat Dec 10 19:07:46 CET 2016
On Sat, 2016-12-10 at 15:29 +0100, Remi Gacogne wrote:
> Arch Linux Security Advisory ASA-201612-11
> ==========================================
>
> Severity: High
> Date : 2016-12-10
> CVE-ID : CVE-2016-9919
> Package : linux-grsec
> Type : denial of service
> Remote : Yes
> Link : https://wiki.archlinux.org/index.php/CVE
>
> Summary
> =======
>
> The package linux-grsec before version 1:4.8.12.r201612062306-2 is
> vulnerable to denial of service.
>
> Resolution
> ==========
>
> Upgrade to 1:4.8.12.r201612062306-2.
>
> # pacman -Syu "linux-grsec>=1:4.8.12.r201612062306-2"
>
> The problem has been fixed upstream but no release is available yet.
Note that while this isn't fixed in upstream 4.8.12 / 4.8.13, it's fixed
in 4.8.13-201612082118.patch so 4.8.13.r201612082118-1 no longer carries
the patch in the downstream package.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 866 bytes
Desc: This is a digitally signed message part
URL: <http://lists.manjaro.org/pipermail/manjaro-security/attachments/20161210/4ede00fd/attachment.pgp>
More information about the manjaro-security
mailing list