[Techtalk] Secure kernel versions
Caitlyn Martin
caitlynmaire at earthlink.net
Wed Apr 3 19:58:49 EST 2002
Hi, Hans,
> I was just given the advice to upgrade my RH 6.1 system from kernel
> 2.2.12 to 2.2.19.
> It seems RedHat thinks their 2.2.16 kernel is secure enough (as that's
> the only kernel upgrade I find on their Errata page).
Not so. Red Hat *no longer supports* RH 6.1. They want you to upgrade
to 6.2 or higher, preferably 7.2.
>
> Do you think I should trust redhat in this or get the 2.2.19 (or the
> latest 2.2.20) kernel?
An upgrade, either of the kernel or the whole OS, is in order. You
undoubtedly have other vulnerabilities as well. Read through the Red
Hat 6.2 errata and see which vulnerabilities may apply to 6.1 as well.
You need to upgrade any packages which suffer from vulnerabilities. At
the least, this will include any of the following if you are using them:
samba, open ssl, open ssh, sendmail, and probably a lot more I can't
think of right now.
Personally, I'd upgrade the whole OS.
All the best,
Caity
More information about the Techtalk
mailing list