X
Business
Home Business Tech Industry

MandrakeSoft withdraws 'unsafe' Linux update

The Linux distributor has advised users not to install a recent upate to the Mandrake Linux 9.1 kernel, after discovering a serious flaw
Written by Matthew Broersma, Contributor

MandrakeSoft has advised users of its Mandrake Linux 9.1 operating system not to install a security update released on Sunday due to a serious security bug in the update. If users have already installed the update, MandrakeSoft urged them to downgrade to a previous version if possible.

The unusual warning concerned a routine security update to the kernel, or core, of Mandrake Linux 9.1 released at the beginning of this week. On Tuesday, the company warned that the kernel update was not safe, as it was creating files that could be altered by any user.

"The regular kernel (kernel-2.4.21.0.24mdk) has a problem where it is ignoring umask settings and instead is creating files with mode 0666 (world writeable)," wrote MandrakeSoft security update manager Vincent Danen to a Mandrake security mailing list. He said MandrakeSoft's secure and enterprise kernels were not affected by the bugs.

The updated kernel, kernel-2.4.21.0.24mdk, should be rolled back to kernel 18mdk or 13mdk if possible, or swapped for the secure kernel, Danen said. MandrakeSoft said it was working on a fix for the 24mdk kernel, and said it expected to release the fix on Friday.

The latest kernel update fixed several software bugs and security holes.

For all security-related news, including updates on the latest viruses, hacking exploits and patches, check out ZDNet UK's Security News Section.

Let the editors know what you think in the Mailroom.

Editorial standards
Show Comments

Related

Anker Solix X1

Not into the Tesla Powerwall? You can now buy the Anker Solix X1

pxl-20240424-181716738

Facebook's Meta AI is lying when it says you can disable it - but here's what you can do

Placeholder product image alt text

The best AI image generators to try right now