public inbox for linux-kernel@vger.kernel.org
 help / color / mirror / Atom feed
* Linux 2.2.26 aka "2.2 is not dead" released
@ 2004-02-25  0:33 Marc-Christian Petersen
  0 siblings, 0 replies; 2+ messages in thread
From: Marc-Christian Petersen @ 2004-02-25  0:33 UTC (permalink / raw)
  To: lkml

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hi all,

so here we go, 2.2.26 final. I am very proud to announce this because it fixes
several of security bugs including the last mremap() bug, the longer known
hashing exploit possibility in the network stack and /dev/rtc leakage.

I encourage all 2.2 kernel users to update.

Please send me all fixes/patches/etc. I've forgotton for 2.2.27-pre/rc
inclusion.


Have fun :)


2.2.26
- ------
o	CAN-2004-0077: behave safely in case of do_munmap()	(Solar Designer)
	  failures in mremap(2)
o	CAN-2003-0984: /dev/rtc can leak parts of kernel	(Solar Designer)
	  memory to unprivileged users (2.4 backport)
o	CAN-2003-0244: hashing exploits in network stack	(David S. Miller)
o	update_atime() performance improvement (2.4 backport)	(Solar Designer)
o	ability to swapoff after a device file might		(Solar Designer)
	  have been re-created
o	MAINTAINERS correction for Kernel 2.2 and 2.2 fixes	(me)
o	fixed some typos					(Solar Designer, me)



Expect my 2.2-secure tree updated within the next days.



Thanks/Kudos:
- -------------
- - to Alan Cox for 2.2 mainline handover 8-)
- - to Solar for almost all the work
- - to Linux-Systeme GmbH for sponsoring my kernel maintenance



- --
Kind regards
        Marc-Christian Petersen

http://sourceforge.net/projects/wolk

PGP/GnuPG Key: 1024D/569DE2E3DB441A16
Fingerprint:  3469 0CF8 CA7E 0042 7824 080A 569D E2E3 DB44 1A16
Key available at http://pgp.mit.edu. Encrypted e-mail preferred
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)

iD8DBQFAO+1rVp3i49tEGhYRAsAEAKD8XAqfW/V4GFlSgqyXb1RtzI50JwCfXutZ
pB/NBvPaVvyaS+SnwB1l76Q=
=VuUi
-----END PGP SIGNATURE-----

^ permalink raw reply	[flat|nested] 2+ messages in thread
* Re: Linux 2.2.26 aka "2.2 is not dead" released
@ 2004-02-26  8:24 pack-lk
  0 siblings, 0 replies; 2+ messages in thread
From: pack-lk @ 2004-02-26  8:24 UTC (permalink / raw)
  To: linux-kernel

Marc-Christian Peterson writes:
> so here we go, 2.2.26 final. I am very proud to announce this because it fixes
> several of security bugs including the last mremap() bug, the longer known
> hashing exploit possibility in the network stack and /dev/rtc leakage.
>
> I encourage all 2.2 kernel users to update.
>
> Please send me all fixes/patches/etc. I've forgotton for 2.2.27-pre/rc
> inclusion.

Great work, the people who have systems they'd prefer not to update every
other week thank you.

Marc, I was wondering whether you had any comment on the refusal of the
debian security folks (Who I recently, and amusingly, heard described
as crack-smoking monkeys) to consider releasing an updated or patched
kernel for the latest mremap() bug which they do not believe 2.2 is
vulnerable to.

thanks,
B>
-- 
Packrat (BSc/BE;COSO;Wombat Implementor)
Nihil illegitemi carborvndvm.


^ permalink raw reply	[flat|nested] 2+ messages in thread
end of thread, other threads:[~2004-02-26  8:24 UTC | newest]

Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2004-02-25  0:33 Linux 2.2.26 aka "2.2 is not dead" released Marc-Christian Petersen
  -- strict thread matches above, loose matches on Subject: below --
2004-02-26  8:24 pack-lk

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox