Hi, Iosif Peterfi. Proxmox uses Red Hat-base kernel. https://pve.proxmox.com/wiki/Proxmox_VE_Kernel
2014-04-25 9:27 GMT+04:00 <[email protected]>: > Send pve-user mailing list submissions to > [email protected] > > To subscribe or unsubscribe via the World Wide Web, visit > http://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-user > or, via email, send a message with subject or body 'help' to > [email protected] > > You can reach the person managing the list at > [email protected] > > When replying, please edit your Subject line so it is more specific > than "Re: Contents of pve-user digest..." > > > Today's Topics: > > 1. Re: pve-user Digest, Vol 73, Issue 18 (Irek Fasikhov) > 2. Re: [SECURITY] [DSA 2906-1] linux-2.6 security update > (Iosif Peterfi) > > > ---------------------------------------------------------------------- > > Message: 1 > Date: Fri, 25 Apr 2014 08:20:27 +0400 > From: Irek Fasikhov <[email protected]> > To: "[email protected]" <[email protected]> > Subject: Re: [PVE-User] pve-user Digest, Vol 73, Issue 18 > Message-ID: > <CAF-rypxybAu33XSd3_n+98Lixa+0eJT= > [email protected]> > Content-Type: text/plain; charset="utf-8" > > Hi, Alexandre DERUMIER > > Sync the files please git kernel ;). > > > 2014-04-24 14:00 GMT+04:00 <[email protected]>: > > > Send pve-user mailing list submissions to > > [email protected] > > > > To subscribe or unsubscribe via the World Wide Web, visit > > http://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-user > > or, via email, send a message with subject or body 'help' to > > [email protected] > > > > You can reach the person managing the list at > > [email protected] > > > > When replying, please edit your Subject line so it is more specific > > than "Re: Contents of pve-user digest..." > > > > > > Today's Topics: > > > > 1. There are no files in Git Kernel (Irek Fasikhov) > > 2. Re: There are no files in Git Kernel (Dietmar Maurer) > > > > > > ---------------------------------------------------------------------- > > > > Message: 1 > > Date: Thu, 24 Apr 2014 11:12:40 +0400 > > From: Irek Fasikhov <[email protected]> > > To: "[email protected]" <[email protected]> > > Subject: [PVE-User] There are no files in Git Kernel > > Message-ID: > > < > > caf-rypwdds_vde4ugw0aatu01xmjxe8qocy4f1zkeurga4h...@mail.gmail.com> > > Content-Type: text/plain; charset="utf-8" > > > > Hi, Dietmar Maurer, Alexandre DERUMIER > > > > In git repository is missing the following files( > > > > > https://git.proxmox.com/?p=pve-kernel-2.6.32.git;a=tree;h=dcfe603b71a1e227bfa8fe1b1b4b39570e7f74f9;hb=dcfe603b71a1e227bfa8fe1b1b4b39570e7f74f9 > > ): > > > > config-2.6.32-042stab088.4.x86_64 > > vzkernel-2.6.32-042stab088.4.src.rpm > > > > -- > > ? ?????????, ??????? ???? ??????????? > > ???.: +79229045757 > > -------------- next part -------------- > > An HTML attachment was scrubbed... > > URL: < > > > http://pve.proxmox.com/pipermail/pve-user/attachments/20140424/a0c7f0a6/attachment-0001.html > > > > > > > ------------------------------ > > > > Message: 2 > > Date: Thu, 24 Apr 2014 08:45:05 +0000 > > From: Dietmar Maurer <[email protected]> > > To: Irek Fasikhov <[email protected]>, "[email protected]" > > <[email protected]> > > Subject: Re: [PVE-User] There are no files in Git Kernel > > Message-ID: > > <[email protected]> > > Content-Type: text/plain; charset="utf-8" > > > > thanks for the bug report ? just added those files. > > > > Should appear on the puplic repository in a few minutes. > > > > From: pve-user [mailto:[email protected]] On Behalf Of > > Irek Fasikhov > > Sent: Donnerstag, 24. April 2014 09:13 > > To: [email protected] > > Subject: [PVE-User] There are no files in Git Kernel > > > > Hi, Dietmar Maurer, Alexandre DERUMIER > > > > In git repository is missing the following files( > > > https://git.proxmox.com/?p=pve-kernel-2.6.32.git;a=tree;h=dcfe603b71a1e227bfa8fe1b1b4b39570e7f74f9;hb=dcfe603b71a1e227bfa8fe1b1b4b39570e7f74f9 > > ): > > > > config-2.6.32-042stab088.4.x86_64 > > vzkernel-2.6.32-042stab088.4.src.rpm > > > > -- > > ? ?????????, ??????? ???? ??????????? > > ???.: +79229045757 > > -------------- next part -------------- > > An HTML attachment was scrubbed... > > URL: < > > > http://pve.proxmox.com/pipermail/pve-user/attachments/20140424/88997601/attachment-0001.html > > > > > > > ------------------------------ > > > > Subject: Digest Footer > > > > _______________________________________________ > > pve-user mailing list > > [email protected] > > http://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-user > > > > > > ------------------------------ > > > > End of pve-user Digest, Vol 73, Issue 18 > > **************************************** > > > > > > -- > ? ?????????, ??????? ???? ??????????? > ???.: +79229045757 > -------------- next part -------------- > An HTML attachment was scrubbed... > URL: < > http://pve.proxmox.com/pipermail/pve-user/attachments/20140425/dc75c528/attachment-0001.html > > > > ------------------------------ > > Message: 2 > Date: Fri, 25 Apr 2014 07:27:34 +0200 > From: Iosif Peterfi <[email protected]> > To: [email protected] > Subject: Re: [PVE-User] [SECURITY] [DSA 2906-1] linux-2.6 security > update > Message-ID: > < > ca+m5w7vty7k3o8izkja07l-8a5nx+y8arjzx48inup9gbc6...@mail.gmail.com> > Content-Type: text/plain; charset="utf-8" > > Guys, > > Has this been fixed in the pve-kernel 2.6 ?! This has just been patched in > debian last night (CET). > > Let me know, > Iosif > > > On Fri, Apr 25, 2014 at 2:12 AM, dann frazier <[email protected]> wrote: > > > -----BEGIN PGP SIGNED MESSAGE----- > > Hash: SHA1 > > > > - ---------------------------------------------------------------------- > > Debian Security Advisory DSA-2906-1 [email protected] > > http://www.debian.org/security/ Dann Frazier > > April 24, 2014 http://www.debian.org/security/faq > > - ---------------------------------------------------------------------- > > > > Package : linux-2.6 > > Vulnerability : privilege escalation/denial of service/information leak > > Problem type : local/remote > > Debian-specific: no > > CVE Id(s) : CVE-2013-0343 CVE-2013-2147 CVE-2013-2889 CVE-2013-2893 > > CVE-2013-4162 CVE-2013-4299 CVE-2013-4345 CVE-2013-4512 > > CVE-2013-4587 CVE-2013-6367 CVE-2013-6380 CVE-2013-6381 > > CVE-2013-6382 CVE-2013-6383 CVE-2013-7263 CVE-2013-7264 > > CVE-2013-7265 CVE-2013-7339 CVE-2014-0101 CVE-2014-1444 > > CVE-2014-1445 CVE-2014-1446 CVE-2014-1874 CVE-2014-2039 > > CVE-2014-2523 CVE-2103-2929 > > > > Several vulnerabilities have been discovered in the Linux kernel that may > > lead > > to a denial of service, information leak or privilege escalation. The > > Common > > Vulnerabilities and Exposures project identifies the following problems: > > > > CVE-2013-0343 > > > > George Kargiotakis reported an issue in the temporary address > handling > > of the IPv6 privacy extensions. Users on the same LAN can cause a > > denial > > of service or obtain access to sensitive information by sending > router > > advertisement messages that cause temporary address generation to be > > disabled. > > > > CVE-2013-2147 > > > > Dan Carpenter reported issues in the cpqarray driver for Compaq > > Smart2 Controllers and the cciss driver for HP Smart Array > controllers > > allowing users to gain access to sensitive kernel memory. > > > > CVE-2013-2889 > > > > Kees Cook discovered missing input sanitization in the HID driver for > > Zeroplus game pads that could lead to a local denial of service. > > > > CVE-2013-2893 > > > > Kees Cook discovered that missing input sanitization in the HID > driver > > for various Logitech force feedback devices could lead to a local > > denial > > of service. > > > > CVE-2013-2929 > > > > Vasily Kulikov discovered that a flaw in the get_dumpable() function > of > > the ptrace subsytsem could lead to information disclosure. Only > systems > > with the fs.suid_dumpable sysctl set to a non-default value of '2' > are > > vulnerable. > > > > CVE-2013-4162 > > > > Hannes Frederic Sowa discovered that incorrect handling of IPv6 > sockets > > using the UDP_CORK option could result in denial of service. > > > > CVE-2013-4299 > > > > Fujitsu reported an issue in the device-mapper subsystem. Local users > > could gain access to sensitive kernel memory. > > > > CVE-2013-4345 > > > > Stephan Mueller found in bug in the ANSI pseudo random number > generator > > which could lead to the use of less entropy than expected. > > > > CVE-2013-4512 > > > > Nico Golde and Fabian Yamaguchi reported an issue in the user mode > > linux port. A buffer overflow condition exists in the write method > > for the /proc/exitcode file. Local users with sufficient privileges > > allowing them to write to this file could gain further elevated > > privileges. > > > > CVE-2013-4587 > > > > Andrew Honig of Google reported an issue in the KVM virtualization > > subsystem. A local user could gain elevated privileges by passing > > a large vcpu_id parameter. > > > > CVE-2013-6367 > > > > Andrew Honig of Google reported an issue in the KVM virtualization > > subsystem. A divide-by-zero condition could allow a guest user to > > cause a denial of service on the host (crash). > > > > CVE-2013-6380 > > > > Mahesh Rajashekhara reported an issue in the aacraid driver for > storage > > products from various vendors. Local users with CAP_SYS_ADMIN > > privileges > > could gain further elevated privileges. > > > > CVE-2013-6381 > > > > Nico Golde and Fabian Yamaguchi reported an issue in the Gigabit > > Ethernet > > device support for s390 systems. Local users could cause a denial of > > service or gain elevated privileges via the > > SIOC_QETH_ADP_SET_SNMP_CONTROL > > ioctl. > > > > CVE-2013-6382 > > > > Nico Golde and Fabian Yamaguchi reported an issue in the XFS > > filesystem. > > Local users with CAP_SYS_ADMIN privileges could gain further elevated > > privileges. > > > > CVE-2013-6383 > > > > Dan Carpenter reported an issue in the aacraid driver for storage > > devices > > from various vendors. A local user could gain elevated privileges due > > to > > a missing privilege level check in the aac_compat_ioctl function. > > > > CVE-2013-7263 CVE-2013-7264 CVE-2013-7265 > > > > mpb reported an information leak in the recvfrom, recvmmsg and > recvmsg > > system calls. A local user could obtain access to sensitive kernel > > memory. > > > > CVE-2013-7339 > > > > Sasha Levin reported an issue in the RDS network protocol over > > Infiniband. > > A local user could cause a denial of service condition. > > > > CVE-2014-0101 > > > > Nokia Siemens Networks reported an issue in the SCTP network protocol > > subsystem. Remote users could cause a denial of service (NULL pointer > > dereference). > > > > CVE-2014-1444 > > > > Salva Peiro reported an issue in the FarSync WAN driver. Local users > > with the CAP_NET_ADMIN capability could gain access to sensitive > kernel > > memory. > > > > CVE-2014-1445 > > > > Salva Peiro reported an issue in the wanXL serial card driver. Local > > users could gain access to sensitive kernel memory. > > > > CVE-2014-1446 > > > > Salva Peiro reported an issue in the YAM radio modem driver. Local > > users > > with the CAP_NET_ADMIN capability could gain access to sensitive > kernel > > memory. > > > > CVE-2014-1874 > > > > Matthew Thode reported an issue in the SELinux subsystem. A local > user > > with CAP_MAC_ADMIN privileges could cause a denial of service by > > setting > > an empty security context on a file. > > > > CVE-2014-2039 > > > > Martin Schwidefsky reported an issue on s390 systems. A local user > > could cause a denial of service (kernel oops) by executing an > > application > > with a linkage stack instruction. > > > > CVE-2014-2523 > > > > Daniel Borkmann provided a fix for an issue in the nf_conntrack_dccp > > module. Remote users could cause a denial of service (system crash) > > or potentially gain elevated privileges. > > > > For the oldstable distribution (squeeze), this problem has been fixed in > > version 2.6.32-48squeeze5. > > > > The following matrix lists additional source packages that were rebuilt > for > > compatibility with or to take advantage of this update: > > > > Debian 6.0 (squeeze) > > user-mode-linux 2.6.32-1um-4+48squeeze5 > > > > We recommend that you upgrade your linux-2.6 and user-mode-linux > packages. > > > > Note: Debian carefully tracks all known security issues across every > > linux kernel package in all releases under active security support. > > However, given the high frequency at which low-severity security > > issues are discovered in the kernel and the resource requirements of > > doing an update, updates for lower priority issues will normally not > > be released for all kernels at the same time. Rather, they will be > > released in a staggered or "leap-frog" fashion. > > > > Further information about Debian Security Advisories, how to apply > > these updates to your system and frequently asked questions can be > > found at: http://www.debian.org/security/ > > > > Mailing list: [email protected] > > -----BEGIN PGP SIGNATURE----- > > Version: GnuPG v1 > > > > iQIcBAEBAgAGBQJTWaeAAAoJEBv4PF5U/IZAzFkP/2+YLfDXhZaBIoR1gugvac+F > > q3/PgKXURH35N2vOU3pTkmYgwZh6gOHCzLJ3/ae2qL2GDTw5ZLu2EYv+xiJLOk8a > > 9k5dki6j2k38EI7ktTn7BMVfOgoZTmlfYYVjdGmRU+2YEXu1ATr4zt0wN4azvThU > > 25sgo21rYcaMPvOwng922/RAFQPtDZmAODTXxfpkL6c/zzeMLOILqlAYRe9uMfu5 > > 4X8G1/wglfSzx6b4yWZPvltWCgW+yi3OklrAalSsn8PnDf7yS8wWmxXsZ0pOEHHV > > 7bbUCMDYtUkqqTq9/Ak/ohGo3mJkPJnzSeg8ShemSEY40NTlIbSmfUTYepTovhCF > > A7A8TmYUhsAavD+DUxbQvYJjRKufzsymCg3yA0qp9JTKVRr5/IVkqpSeAx2Hpo7C > > Jqkf0Or4t9BYc5juJasgicb4ttyYlleGnlJ8+ojelxXLROkH8EnIv3CDP87WGnOt > > Dora/G+Al0AmRuk6TQuZofMtXK9dcBanN2+jr7HipE6dnH7vMo7xn979NdEaTkHs > > Yskm+FJJXFoTGS49/V2YlIhDU2zuCnXodGYsZl+RSI54XPMkKrrfKZ6zRIJ5r3vJ > > IFiqcMUlNJtEU4viwMjBkXlMvQZoN0e44ufK+/+VfQYPrj3puYoYLq1FOeF0JFaE > > 8D7zI3prwl5DKG9kWEaq > > =T6VL > > -----END PGP SIGNATURE----- > > > > > > -- > > To UNSUBSCRIBE, email to > [email protected] > > with a subject of "unsubscribe". Trouble? Contact > > [email protected] > > Archive: https://lists.debian.org/[email protected] > > > > > -------------- next part -------------- > An HTML attachment was scrubbed... > URL: < > http://pve.proxmox.com/pipermail/pve-user/attachments/20140425/40d70e03/attachment.html > > > > ------------------------------ > > Subject: Digest Footer > > _______________________________________________ > pve-user mailing list > [email protected] > http://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-user > > > ------------------------------ > > End of pve-user Digest, Vol 73, Issue 19 > **************************************** > -- С уважением, Фасихов Ирек Нургаязович Моб.: +79229045757
_______________________________________________ pve-user mailing list [email protected] http://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-user
