engine - 1:56 pm on Aug 20, 2010 (gmt 0)
Six Year Old Critical Bug In Linux Silently Patched [networkworld.com]
The Linux kernel folks "silently" pushed out a patch for a critical privilege escalation bug this week. It was for a hole that could allow an attacker to execute code at the root level from any GUI application. The patch took two months after the flaw was reported on June 17, researchers says. SUSE engineers claim they originally found it, reported it and patched it in SUSE way back in September, 2004, says the security blog The H. But the SUSE patch never made its way into the kernel at that time.