2006-08-19 14:14:01

by Willy Tarreau

Subject: Linux 2.4.33.1

Hi !

As there were a few security fixes pending and 2.4.34-pre1 has not
received enough validation, I've released 2.4.33.1 with the most
important fixes. All those fixes are already in 2.4.34-pre1.

Particularly important ones are :
- CVE-2006-1528 : local DoS via direct I/O from the sg driver to mmapped I/O space
  fix from Dann Frazier
- CVE-2006-4093 : possible local DoS on some PPC970.
  fix from Olof Johansson

Hotfix patches for older versions should follow within a short time.

Regards,
Willy

Summary of changes from v2.4.33 to v2.4.33.1
============================================

dann frazier:
  drivers/scsi/sg.c : fix CVE-2006-1528

Jeff Layton:
  2.4 NFS client - update d_cache when server reports ENOENT on an NFS remove

Willy Tarreau:
  [BLKMTD] : missing offset sometimes causes panics
  [PKTGEN] : fix an oops when used with bonding driver (Tien ChenLi)
  export memchr() which is used by smbfs and lp driver.
  powerpc: Clear HID0 attention enable on PPC970 at boot time
  Change VERSION to 2.4.33.1



2006-08-20 03:31:13

by Grant Coady

Subject: Re: Linux 2.4.33.1

On Sat, 19 Aug 2006 14:13:55 +0000, Willy Tarreau <[email protected]> wrote:

>Hi !
>
>As there were a few security fixes pending and 2.4.34-pre1 has not
>received enough validation, I've released 2.4.33.1 ...

Needed this to not confuse existing slackware-10.2 startup script:

--- linux-2.4.33.1/Makefile 2006-08-20 08:33:27.000000000 +1000
+++ linux-2.4.33-1/Makefile 2006-08-20 12:50:28.000000000 +1000
@@ -1,7 +1,7 @@
VERSION = 2
PATCHLEVEL = 4
SUBLEVEL = 33
-EXTRAVERSION = .1
+EXTRAVERSION = -1

KERNELRELEASE=$(VERSION).$(PATCHLEVEL).$(SUBLEVEL)$(EXTRAVERSION)
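
Review bot: the `EXTRAVERSION = -1` line changes the release string assembled by the `KERNELRELEASE=$(VERSION).$(PATCHLEVEL).$(SUBLEVEL)$(EXTRAVERSION)` line from 2.4.33.1 to 2.4.33-1, so the running kernel no longer reports the version it was released as, which gets in the way when checking whether a host carries the 2.4.33.1 security fixes. I would keep `EXTRAVERSION = .1` and adjust the startup script that fails on the extra component instead.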

Looks like 2.6 like stable naming convention not gonna fly for 2.4?

Grant.

2006-08-22 22:12:36

by Grant Coady

Subject: Re: Linux 2.4.33.1

On Sun, 20 Aug 2006 13:31:06 +1000, Grant Coady <[email protected]> wrote:

>On Sat, 19 Aug 2006 14:13:55 +0000, Willy Tarreau <[email protected]> wrote:
>
>>Hi !
>>
>>As there were a few security fixes pending and 2.4.34-pre1 has not
>>received enough validation, I've released 2.4.33.1 ...
>
>Needed this to not confuse existing slackware-10.2 startup script:
>
>--- linux-2.4.33.1/Makefile 2006-08-20 08:33:27.000000000 +1000
>+++ linux-2.4.33-1/Makefile 2006-08-20 12:50:28.000000000 +1000
>@@ -1,7 +1,7 @@
> VERSION = 2
> PATCHLEVEL = 4
> SUBLEVEL = 33
>-EXTRAVERSION = .1
>+EXTRAVERSION = -1
>
> KERNELRELEASE=$(VERSION).$(PATCHLEVEL).$(SUBLEVEL)$(EXTRAVERSION)
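
Review bot: the description above the `EXTRAVERSION` change names neither the startup script nor the error it produces with `.1`, so the hunk cannot be checked against the failure it is meant to work around. Please add the script path and the boot messages to the patch description before this is carried as a local change.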
>
>Looks like 2.6 like stable naming convention not gonna fly for 2.4?

My apologies to Patrick Volkerding, the above was my first impression,
written before tracking the boot crash error messages as coming from the
nptl libraries, see the 2.4.33.2 release announcement detailing the fix
for Slackware 10.2 users. New stable 2.4 numbering is flying ;)

Grant.