CVE-2016-10229 and older releases

Posted: 25. Apr 2017, 07:59
by witek
Hello,

I already posted this on Slackware forum but I must ask also here, as in fact I use Salix in my servers. Namely, there is much fuss recently in the web on the severe remote vulnerability CVE-2016-10229: https://www.theregister.co.uk/2017/04/1 ... rnel_flaw/

It seems to be fixed with latest Slackware kernels. What about the older ones? Is there a chance that there will be a patch released by the Salix or Slackware team for older releases?

Regards

Re: CVE-2016-10229 and older releases

Posted: 26. Apr 2017, 01:45
by DidierSpaier
Hello,

answer by Patrick Volkerding in this post: "It's been long fixed in Slackware 14.0 and newer."

Didier

Re: CVE-2016-10229 and older releases

Posted: 26. Apr 2017, 05:21
by witek
I know it is fixed with latest releases. What about older ones like 13.1?

Re: CVE-2016-10229 and older releases

Posted: 26. Apr 2017, 06:46
by reedych
witek wrote: I know it is fixed with latest releases. What about older ones like 13.1?

2.6.33 is no longer supported by official devs and will not be updated. However, you can patch your kernel package, for example to 3.2 kernel, and stay security updated. In https://www.kernel.org/category/releases.html you can see all supported kernel versions.

Re: CVE-2016-10229 and older releases

Posted: 26. Apr 2017, 07:29
by witek
Is there a chance that I can just install kernel packages from Slackware or Salix14.0 into 13.1, and add them to lilo? Or will it be a waste of time?

Re: CVE-2016-10229 and older releases

Posted: 26. Apr 2017, 08:09
by gapan
Haven't tried it, but it should work. Maybe you need to update lilo to a newer version first, the lilo in 13.1 might not support newer kernels. You can take the sources from 14.2 and build a new lilo package.

http://download.salixos.org/x86_64/14.2/source/a/lilo/

Just run:

    fakeroot slkbuild -X

You might want to edit the pkgrel in the SLKBUILD to reflect that this is your build for 13.1 first.

Re: CVE-2016-10229 and older releases

Posted: 26. Apr 2017, 12:58
by reedych
witek wrote: Is there a chance that I can just install kernel packages from Slackware or Salix14.0 into 13.1, and add them to lilo? Or will it be a waste of time?

It can work, but I recommend compiling it yourself.

Re: CVE-2016-10229 and older releases

Posted: 27. Apr 2017, 07:55
by witek
It works with current kernel. Thanks