Kernel Exploits

hi

i was searching google and this site came up
http://www.securiteam.com/unixfocus/5MP0L2AKUU.html
i assume as the linux community has fixed this problem, but how can i update my kernel with no chance of messing my machine up, or is this updated with the zmd updater thing

Quote:

hi

i was searching google and this site came up
http://www.securiteam.com/unixfocus/5MP0L2AKUU.html
i assume as the linux community has fixed this problem, but how can i update my kernel with no chance of messing my machine up, or is this updated with the zmd updater thing
[/b]

when SUSE security people find some security issue in the kernel, they usually release a update for it - read: they provide a new kernel with the fixes and it appears in your update system (opensuse-updater or zen-updater) and you can update the kernel with that system

you can install a newer kernel if you want, have a look in the SUSE repos at repos.opensuse.org though only mess with kernel upgrades if you know what you're doing as it can screw your perfectly working system - btw, i run 2.6.21-rc5

if you run kernel version < 2.6.20 then you're not affected by this issue in the link

It's also worth having a look at the openSUSE updates page where the issues addressed by the update are described . openSUSE updates

Initially I thought I needed to update the kernel but when I had a look I saw that the vulnerabilities relate to Bluetooth (I don't use it), ISDN (I don't use it), NFS (I don't use it) and the other vulnerabilities are not remote exploits, they are ones which allow a local user to gain root privileges. I'm the only user here and mostly I trust myself not to attck my own PC by a privilege escalation exploit...so much easier to su and enter the root password