Linux 2.4.28-rc4

Linux 2.4.28-rc4

[Marcelo Tosatti]

Hi, 

Here goes the fourth release candidate of 2.4.28.

A few small problems showed up in time for another -rc.

Missing exported symbols in the networking area, an ACPI poweroff bugfix, 
aic7xxx compile fix with -Werror, a binfmt_elf underflow enhancement, 
an SCTP fix, and a couple TG3 fixes.

This will become v2.4.28 final if nothing _really_ bad shows up.


Thanks to everybody who has been contributing to make this happen.


Summary of changes from v2.4.28-rc3 to v2.4.28-rc4
============================================

Adrian Bunk:
  o [NET]: neigh_for_each must be EXPORT_SYMBOL'ed

David S. Miller:
  o [AF_UNIX]: Serialize dgram read using semaphore just like stream
  o [NET]: Export __neigh_for_each_release to modules
  o [TG3]: Update driver version and reldate

Jakub Jelínek:
  o binfmt_elf: handle p_filesz == 0 on PT_INTERP section

Len Brown:
  o [ACPI] fix NMI during poweroff http://bugzilla.kernel.org/show_bug.cgi?id=1206

Marcelo Tosatti:
  o Changed EXTRAVERSION to -rc4

Michael Chan:
  o [TG3]: 5753 support and a bug fix

Patrick McHardy:
  o [SCTP]: Fix inetaddr notifier chain corruption

Willy Tarreau:
  o aic7xxx aic79xx_osm_pci.c compile fix with -Werror

Re: Linux 2.4.28-rc4

[O.Sezer]

> Jakub Jelínek:
>   o binfmt_elf: handle p_filesz == 0 on PT_INTERP section

Another FYI: There were two successive binfmt_elf 2.6-backports posted
by Barry Nathan here;  "ELF fixes for executables with huge BSS":

http://marc.theaimsgroup.com/?t=109850369800001&r=1&w=2
http://marc.theaimsgroup.com/?l=linux-kernel&m=109850420711579&w=2
http://marc.theaimsgroup.com/?l=linux-kernel&m=109850420729735&w=2

but it may be too late for 2.4.28.

Ozkan Sezer

Re: Linux 2.4.28-rc4

[Marcelo Tosatti]

On Thu, Nov 18, 2004 at 12:48:41PM -0800, Barry K. Nathan wrote:
> On Wed, Nov 17, 2004 at 11:21:23AM +0200, O.Sezer wrote:
> > >Jakub Jelínek:
> > >  o binfmt_elf: handle p_filesz == 0 on PT_INTERP section
> > 
> > Another FYI: There were two successive binfmt_elf 2.6-backports posted
> > by Barry Nathan here;  "ELF fixes for executables with huge BSS":
> > 
> > http://marc.theaimsgroup.com/?t=109850369800001&r=1&w=2
> > http://marc.theaimsgroup.com/?l=linux-kernel&m=109850420711579&w=2
> > http://marc.theaimsgroup.com/?l=linux-kernel&m=109850420729735&w=2
> > 
> > but it may be too late for 2.4.28.
> 
> Marcelo and I discussed this via private e-mail; it's in the queue for
> 2.4.29-pre. I think in the end we both agreed that it's too late in the
> 2.4.28 cycle to include these patches.

Yep - they will be in 2.4.29pre.

Thanks guys!

Re: Linux 2.4.28-rc4

[Barry K. Nathan]

On Wed, Nov 17, 2004 at 11:21:23AM +0200, O.Sezer wrote:
> >Jakub Jelínek:
> >  o binfmt_elf: handle p_filesz == 0 on PT_INTERP section
> 
> Another FYI: There were two successive binfmt_elf 2.6-backports posted
> by Barry Nathan here;  "ELF fixes for executables with huge BSS":
> 
> http://marc.theaimsgroup.com/?t=109850369800001&r=1&w=2
> http://marc.theaimsgroup.com/?l=linux-kernel&m=109850420711579&w=2
> http://marc.theaimsgroup.com/?l=linux-kernel&m=109850420729735&w=2
> 
> but it may be too late for 2.4.28.

Marcelo and I discussed this via private e-mail; it's in the queue for
2.4.29-pre. I think in the end we both agreed that it's too late in the
2.4.28 cycle to include these patches.

-Barry K. Nathan <barryn@pobox.com>

RE: Linux 2.4.28-rc4

[Massimo Cetra]

> Marcelo and I discussed this via private e-mail; it's in the 
> queue for 2.4.29-pre. I think in the end we both agreed that 
> it's too late in the
> 2.4.28 cycle to include these patches.
> 
> -Barry K. Nathan <barryn@pobox.com>

Why such a decision ?

Do you think that it is not exploitable or at least not in a short time ?

I don't think 2.4.29 will see the light in a short time so, unless there are
serious problems arising from these patches (and 2.6 should be affected
too), I think that for the sake of security it may be worthy and clever
includind these patches (and delay 2.4.28 for some days...)

M$ is waiting for a gold occasion to shot on linux. 
A known buffer overflow, not patched soon, may be used against linux and,
what interest me more, we could avoid updating kernels on tons pf production
servers for something which could be patched before.

Massimo Cetra

Re: Linux 2.4.28-rc4

[Chris Wright]

* Massimo Cetra (mcetra@navynet.it) wrote:
> I don't think 2.4.29 will see the light in a short time so, unless there are
> serious problems arising from these patches (and 2.6 should be affected
> too), I think that for the sake of security it may be worthy and clever
> includind these patches (and delay 2.4.28 for some days...)

2.4.28 is already out.

thanks,
-chris
-- 
Linux Security Modules     http://lsm.immunix.org     http://lsm.bkbits.net

RE: Linux 2.4.28-rc4

[Massimo Cetra]

> * Massimo Cetra (mcetra@navynet.it) wrote:
> > I don't think 2.4.29 will see the light in a short time so, unless 
> > there are serious problems arising from these patches (and 
> 2.6 should 
> > be affected too), I think that for the sake of security it may be 
> > worthy and clever includind these patches (and delay 2.4.28 
> for some 
> > days...)
> 
> 2.4.28 is already out.

Too much work for me.
Sorry -__-

max

Re: Linux 2.4.28-rc4

[Barry K. Nathan]

On Fri, Nov 19, 2004 at 01:10:32AM +0100, Massimo Cetra wrote:
> Why such a decision ?
> 
> Do you think that it is not exploitable or at least not in a short time ?

As far as I can tell, the only damage an exploit could do is to crash
*itself*; unless I'm mistaken, any "exploit" would not be able to use
either of these bugs to do any other mischief. I guess that's a long way
of saying, I don't think it's exploitable.

-Barry K. Nathan <barryn@pobox.com>