Hi,
I tried the rpms, and they seem to be working great. The only thing i saw
in my messages file is:
Apr 16 12:14:23 xx10 syslogd 1.3-3: restart.
Apr 16 12:14:24 xx10 insmod: Warning: kernel-module minor version mismatch
^I/lib/modules/net/bwmgmt.o was compiled for kernel version 2.2.14$
Apr 16 12:14:24 xx10 insmod: insmod will continue if kernel interface
checksums match
Apr 16 12:14:24 xx10 insmod: /lib/modules/net/bwmgmt.o: unresolved symbol
interruptible_sleep_on_R23da02ba
Apr 16 12:14:24 xx10 insmod: /lib/modules/net/bwmgmt.o: unresolved symbol
proc_register_R125d240f
Apr 16 12:14:24 xx10 insmod: /lib/modules/net/bwmgmt.o: unresolved symbol
__wake_up_Re9831108
Apr 16 12:14:24 xx10 insmod: /lib/modules/net/bwmgmt.o: unresolved symbol
proc_root_R63cab8d9
Apr 16 12:14:24 xx10 insmod: /lib/modules/net/bwmgmt.o: unresolved symbol
send_sig_Rabce8e99
Apr 16 12:14:24 xx10 insmod: /lib/modules/net/bwmgmt.o: unresolved symbol
bw_sock_register_mgmt_Rd430d9dc
Apr 16 12:14:24 xx10 insmod: /lib/modules/net/bwmgmt.o: unresolved symbol
proc_unregister_R7b368f97
Apr 16 12:14:24 xx10 insmod: /lib/modules/net/bwmgmt.o: unresolved symbol
interruptible_sleep_on_timeout_R1b9a056a
Apr 16 12:14:24 xx10 insmod: /lib/modules/net/bwmgmt.o: unresolved symbol
__pollwait_Rf70b5eee
Did i forget something?
Apr 16 12:14:25 xx10 kernel: klogd 1.3-3, log source = /proc/kmsg started.
Apr 16 12:14:25 xx10 kernel: Inspecting /boot/System.map
Apr 16 12:14:25 xx10 kernel: Loaded 7581 symbols from /boot/System.map.
Apr 16 12:14:25 xx10 kernel: Symbols match kernel version 2.2.16.
Apr 16 12:14:25 xx10 kernel: Loaded 7 symbols from 1 module.
Apr 16 12:14:25 xx10 kernel: Linux version 2.2.16C24_III
([EMAIL PROTECTED]) (gcc version 2.95.2 19991024 (release)) #1 Thu
Mar 22 21:$
Apr 16 12:14:25 xx10 kernel: Ignoring bogus EBDA pointer 3ABF000
Apr 16 12:14:25 xx10 kernel: Detected 298807 kHz processor.
Apr 16 12:14:25 xx10 kernel: Pending 0x10
Apr 16 12:14:25 xx10 kernel: Calibrating delay loop... 596.38 BogoMIPS
Apr 16 12:14:25 xx10 kernel: Memory: 62916k/65536k available (1240k kernel
code, 412k reserved, 904k data, 64k init)
Apr 16 12:14:25 xx10 kernel: Dentry hash table entries: 8192 (order 4, 64k)
Apr 16 12:14:25 xx10 kernel: Buffer cache hash table entries: 65536 (order
6, 256k)
Apr 16 12:14:25 xx10 kernel: Page cache hash table entries: 16384 (order 4,
64k)
Its runng great so far.
At 10:13 16-4-2001 +0100, you wrote:
>2.2.16C24 includes the security fix, manually edited into the code.
>
>You can find the current Cobalt build at;
>ftp://ftp.cobaltnet.com/pub/users/thockin/kernels/
>
>Important disclaimer; apply at own risk.
>
>For a RaQ 3, you need to download the following files;
>
>kernel-2.2.16C24_III-1.i386.rpm
>kernel-headers-2.2.16C24_III-1.i386.rpm
>kernel-reiserfs-utils-2.2.16C24_III-1.i386.rpm
>kernel-source-2.2.16C24_III-1.i386.rpm
>
>I'm not sure on the status of patches for RaQ4's (or older RaQs).
>
>Cobalt's FTP server appears to be down (at least, from what I can see), so
>I've copied the files to;
>
>http://owned.lab6.com/~gossi/RaQ-security/files
>
>md5sum's of files;
>
>cfd397526dbb685df890800315a15d31 kernel-2.2.16C24_III-1.i386.rpm
>6c828271e54f1ed3b9df3e68a9706df2 kernel-headers-2.2.16C24_III-1.i386.rpm
>fc691c8fb5b2ddcc211d331d12758e30
>kernel-reiserfs-utils-2.2.16C24_III-1.i386.rpm
>c3bf2ebc69845985c74df9392a19798c kernel-source-2.2.16C24_III-1.i386.rpm
>
>Again, to reiterate these aren't final Cobalt patches, and as such you
>can't get support if applying them kills the RaQ. Having said that, my
>RaQ3 has remained stable since applying the RPM.
>
>Regards,
>Gossi The Dog.
>
>
>
>On Sun, 15 Apr 2001, Peter Batenburg wrote:
>
> > The last thing i heard was, that 2.2.19 is not vuln. So i wonder if you got
> > all the bugs outof 2.2.16.
> > If you can make that kernel public, i can test it for you on several RaQ's.
> > In what period would you expect sun having a fix/patch?
> >
> > At 16:09 15-4-2001 +0100, you wrote:
> > >On Sun, 15 Apr 2001, Adam Sculthorpe wrote:
> > >
> > > >
> > > > Have you posted this vulnerability to BUGTRAQ or any other sites?
> > > >
> > > > I am happy for you to have discovered a 'nice' new vulnerability but
> > > without
> > > > either the source code or a full disclosure of what is happening
> your post
> > > > here is pretty useless.
> > > >
> > > > Adam
> > >
> > >It's a kernel vun. I won't bother going into much detail, but I've been
> > >working with Sun on a fix for just over a week now. owned.lab6.com
> > >currently runs kernel 2.2.16C24_III - a test kernel - and appears to be
> > >ok. It successfully patches the exploit.
> > >
> > >I'd expect a patch to be available soon. It's fairly critical this one is
> > >properly tested first, as replacing the RaQ kernel is something that could
> > >go badly wrong if the patch wasn't 100% ok.
> > >
> > >I'd just sit tight for now, Sun are working on it.
> > >
> > >Regards,
> > >Gossi.
> >
> > _______________________________________________
> > cobalt-security mailing list
> > [EMAIL PROTECTED]
> > http://list.cobalt.com/mailman/listinfo/cobalt-security
> >
>
>_______________________________________________
>cobalt-security mailing list
>[EMAIL PROTECTED]
>http://list.cobalt.com/mailman/listinfo/cobalt-security
_______________________________________________
cobalt-security mailing list
[EMAIL PROTECTED]
http://list.cobalt.com/mailman/listinfo/cobalt-security
