You are not logged in.
I was following this exploit VERY closely...Here's the timeline i was able to gather in my research:
Exploit Found -> Upstream kernel (Git ONLY) fix -> Arch Fix -> Gentoo Fix -> Debian Etch Fix -> Everyone else's fixes
Offline
distrowatch is wrong, we can all agree on that. I can remember that day and I can remember when I first heard about the exploit. It was later that night on irc. After hearing about the exploit I remember getting an update to kernel26 earlier in the day, I had a suspicion at that moment that the exploit was fixed in that update. It wasn't till the next day that I read the front page of arch and confirmed I was already in the clear as far as the vmsplice() exploit was concerned. U can't get much faster then that.
Offline
I was following this exploit VERY closely...Here's the timeline i was able to gather in my research:
Exploit Found -> Upstream kernel (Git ONLY) fix -> Arch Fix -> Gentoo Fix -> Debian Etch Fix -> Everyone else's fixes
Not quite correct.
The patch we used was not the same as applied to mainstream git later.
We've patched our kernel with the first patch that fixed the security hole, while mainstream applied a slightly different patch later.
Comment #47 on that DistroWatch Weekly issue says that Gentoo fixed it sooner, but this is only because we had some issues with our main server at that time.
to live is to die
Offline
Please, no childish posting in the comments. Some comments were very well written and objective, whilst others made me embarrased to be a part of the Arch community.
Offline
I think that Ladislav has some view on what Linux distros should be like and he is trying to popularize that view. It seems that he finds necessary that more people use Linux and all distros should aim at that - mostly that all distros should be easy for new users, and keep them from shooting in their legs (even though all attempts for that to date have failed). While this is not the view of many people (including me), I think that we should not pay much attention to his editorials and argue. Let not Arch be the next Gentoo...
If everything else fails, read the manual.
Offline