Hi,
Here goes the fourth release candidate of 2.4.28.
A few small problems showed up in time for another -rc.
Missing exported symbols in the networking area, an ACPI poweroff bugfix,
aic7xxx compile fix with -Werror, a binfmt_elf underflow enhancement,
an SCTP fix, and a couple TG3 fixes.
This will become v2.4.28 final if nothing _really_ bad shows up.
Thanks to everybody who has been contributing to make this happen.
Summary of changes from v2.4.28-rc3 to v2.4.28-rc4
============================================
Adrian Bunk:
o [NET]: neigh_for_each must be EXPORT_SYMBOL'ed
David S. Miller:
o [AF_UNIX]: Serialize dgram read using semaphore just like stream
o [NET]: Export __neigh_for_each_release to modules
o [TG3]: Update driver version and reldate
Jakub Jel?nek:
o binfmt_elf: handle p_filesz == 0 on PT_INTERP section
Len Brown:
o [ACPI] fix NMI during poweroff http://bugzilla.kernel.org/show_bug.cgi?id=1206
Marcelo Tosatti:
o Changed EXTRAVERSION to -rc4
Michael Chan:
o [TG3]: 5753 support and a bug fix
Patrick McHardy:
o [SCTP]: Fix inetaddr notifier chain corruption
Willy Tarreau:
o aic7xxx aic79xx_osm_pci.c compile fix with -Werror
> Jakub Jel?nek:
> o binfmt_elf: handle p_filesz == 0 on PT_INTERP section
Another FYI: There were two successive binfmt_elf 2.6-backports posted
by Barry Nathan here; "ELF fixes for executables with huge BSS":
http://marc.theaimsgroup.com/?t=109850369800001&r=1&w=2
http://marc.theaimsgroup.com/?l=linux-kernel&m=109850420711579&w=2
http://marc.theaimsgroup.com/?l=linux-kernel&m=109850420729735&w=2
but it may be too late for 2.4.28.
Ozkan Sezer
On Wed, Nov 17, 2004 at 11:21:23AM +0200, O.Sezer wrote:
> >Jakub Jel?nek:
> > o binfmt_elf: handle p_filesz == 0 on PT_INTERP section
>
> Another FYI: There were two successive binfmt_elf 2.6-backports posted
> by Barry Nathan here; "ELF fixes for executables with huge BSS":
>
> http://marc.theaimsgroup.com/?t=109850369800001&r=1&w=2
> http://marc.theaimsgroup.com/?l=linux-kernel&m=109850420711579&w=2
> http://marc.theaimsgroup.com/?l=linux-kernel&m=109850420729735&w=2
>
> but it may be too late for 2.4.28.
Marcelo and I discussed this via private e-mail; it's in the queue for
2.4.29-pre. I think in the end we both agreed that it's too late in the
2.4.28 cycle to include these patches.
-Barry K. Nathan <[email protected]>
> Marcelo and I discussed this via private e-mail; it's in the
> queue for 2.4.29-pre. I think in the end we both agreed that
> it's too late in the
> 2.4.28 cycle to include these patches.
>
> -Barry K. Nathan <[email protected]>
Why such a decision ?
Do you think that it is not exploitable or at least not in a short time ?
I don't think 2.4.29 will see the light in a short time so, unless there are
serious problems arising from these patches (and 2.6 should be affected
too), I think that for the sake of security it may be worthy and clever
includind these patches (and delay 2.4.28 for some days...)
M$ is waiting for a gold occasion to shot on linux.
A known buffer overflow, not patched soon, may be used against linux and,
what interest me more, we could avoid updating kernels on tons pf production
servers for something which could be patched before.
Massimo Cetra
* Massimo Cetra ([email protected]) wrote:
> I don't think 2.4.29 will see the light in a short time so, unless there are
> serious problems arising from these patches (and 2.6 should be affected
> too), I think that for the sake of security it may be worthy and clever
> includind these patches (and delay 2.4.28 for some days...)
2.4.28 is already out.
thanks,
-chris
--
Linux Security Modules http://lsm.immunix.org http://lsm.bkbits.net
> * Massimo Cetra ([email protected]) wrote:
> > I don't think 2.4.29 will see the light in a short time so, unless
> > there are serious problems arising from these patches (and
> 2.6 should
> > be affected too), I think that for the sake of security it may be
> > worthy and clever includind these patches (and delay 2.4.28
> for some
> > days...)
>
> 2.4.28 is already out.
Too much work for me.
Sorry -__-
max
On Thu, Nov 18, 2004 at 12:48:41PM -0800, Barry K. Nathan wrote:
> On Wed, Nov 17, 2004 at 11:21:23AM +0200, O.Sezer wrote:
> > >Jakub Jel?nek:
> > > o binfmt_elf: handle p_filesz == 0 on PT_INTERP section
> >
> > Another FYI: There were two successive binfmt_elf 2.6-backports posted
> > by Barry Nathan here; "ELF fixes for executables with huge BSS":
> >
> > http://marc.theaimsgroup.com/?t=109850369800001&r=1&w=2
> > http://marc.theaimsgroup.com/?l=linux-kernel&m=109850420711579&w=2
> > http://marc.theaimsgroup.com/?l=linux-kernel&m=109850420729735&w=2
> >
> > but it may be too late for 2.4.28.
>
> Marcelo and I discussed this via private e-mail; it's in the queue for
> 2.4.29-pre. I think in the end we both agreed that it's too late in the
> 2.4.28 cycle to include these patches.
Yep - they will be in 2.4.29pre.
Thanks guys!
On Fri, Nov 19, 2004 at 01:10:32AM +0100, Massimo Cetra wrote:
> Why such a decision ?
>
> Do you think that it is not exploitable or at least not in a short time ?
As far as I can tell, the only damage an exploit could do is to crash
*itself*; unless I'm mistaken, any "exploit" would not be able to use
either of these bugs to do any other mischief. I guess that's a long way
of saying, I don't think it's exploitable.
-Barry K. Nathan <[email protected]>