whats this new exploit then? (2009/11/03)

2009-11-04 Thread Faye Gibbins

Hi,

Any comment from the SL5 distro maintainers on this exploit
apparently in recent RHEL releases?


http://www.theregister.co.uk/2009/11/03/linux_kernel_vulnerability/

Faye
--

-
Faye Gibbins, Computing Officer (Infrastructure Services)
 GeoS KB; Linux, Unix, Security and Networks.
Beekeeper  - The Apiary Project, KB -   www.bees.ed.ac.uk
-

  I grabbed at spannungsbogen before I knew I wanted it.
 (x(x_(X_x(O_o)x_x)_X)x)

The University of Edinburgh is a charitable body,
registered in Scotland, with registration number SC005336.


Re: whats this new exploit then? (2009/11/03)

2009-11-04 Thread Steven Timm

Email from Troy yesterday indicated that SL will have this patch available
soon, within the next couple of days.

Steve


On Wed, 4 Nov 2009, Faye Gibbins wrote:

> Hi,
>
> Any comment from the SL5 distro maintainers on this exploit apparently in
> recent RHEL releases?
>
> http://www.theregister.co.uk/2009/11/03/linux_kernel_vulnerability/
>
> Faye



--
--
Steven C. Timm, Ph.D  (630) 840-8525
t...@fnal.gov  http://home.fnal.gov/~timm/
Fermilab Computing Division, Scientific Computing Facilities,
Grid Facilities Department, FermiGrid Services Group, Assistant Group Leader.


Re: whats this new exploit then? (2009/11/03)

2009-11-04 Thread Troy Dawson

Recent RHEL releases?
No, not recent ... all

We already have the kernels all built, and are working on the dependencies.

Troy

Faye Gibbins wrote:

> Hi,
>
> Any comment from the SL5 distro maintainers on this exploit
> apparently in recent RHEL releases?
>
> http://www.theregister.co.uk/2009/11/03/linux_kernel_vulnerability/
>
> Faye



--
__
Troy Dawson  daw...@fnal.gov  (630)840-6468
Fermilab  ComputingDivision/LSCS/CSI/USS Group
__


Re: whats this new exploit then? (2009/11/03)

2009-11-04 Thread Stephen John Smoogen
On Wed, Nov 4, 2009 at 1:14 AM, Faye Gibbins
fgibb...@staffmail.ed.ac.uk wrote:
> Hi,
>
> Any comment from the SL5 distro maintainers on this exploit apparently in
> recent RHEL releases?

The vulnerability has been there for a long time. It has only just
been found by someone who works on the kernel. The finder's comments
are a bit off... he first states that it's a Red Hat problem and then
mentions that people who are going to be using various applications
would have to turn it off anyway.

My guess is that the SL people will have the updated kernels out as
soon as they are tested.

> http://www.theregister.co.uk/2009/11/03/linux_kernel_vulnerability/
>
> Faye
> --
>
> -
> Faye Gibbins, Computing Officer (Infrastructure Services)
>     GeoS KB; Linux, Unix, Security and Networks.
> Beekeeper  - The Apiary Project, KB -   www.bees.ed.ac.uk
> -
>
>  I grabbed at spannungsbogen before I knew I wanted it.
>                 (x(x_(X_x(O_o)x_x)_X)x)
>
> The University of Edinburgh is a charitable body,
> registered in Scotland, with registration number SC005336.




-- 
Stephen J Smoogen.

Ah, but a man's reach should exceed his grasp. Or what's a heaven for?
-- Robert Browning


Re: whats this new exploit then? (2009/11/03)

2009-11-04 Thread Stephan Wiesand

Hi Troy,

On Nov 4, 2009, at 16:24, Troy Dawson wrote:

> Recent RHEL releases?
> No, not recent ... all


Right. But for SL4 with the latest kernel (-98.0.15), it's just DOS
*if* vm.mmap_min_addr is set to, say, 4096. Which, unfortunately, is
not the default. SL5 with SELinux *dis*abled is safe as well, but if
SELinux is enforcing or permissive it's not, and nor is SL3.


If you have trouble getting all those kernels, modules, dependencies
out today, could you try to do SL5 first, then SL3, and then SL4?


Thanks,
Stephan

> We already have the kernels all built, and are working on the
> dependencies.
>
> Troy
>
> Faye Gibbins wrote:
>> Hi,
>> Any comment from the SL5 distro maintainers on this exploit
>> apparently in recent RHEL releases?
>>
>> http://www.theregister.co.uk/2009/11/03/linux_kernel_vulnerability/
>> Faye
>
> --
> __
> Troy Dawson  daw...@fnal.gov  (630)840-6468
> Fermilab  ComputingDivision/LSCS/CSI/USS Group
> __


--
Stephan Wiesand
  DESY - DV -
  Platanenallee 6
  15738 Zeuthen, Germany
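
The conditions described in the message above, written as a host check. This is an added example, not part of the original thread; the function names and verdict strings are this example's own, and the 4096 threshold is the value the message gives.

```shell
#!/bin/sh
# Added example: classify a host by the conditions given in the message above.
# Function names and verdict strings are hypothetical (this example's own).

# classify RELEASE_MAJOR MMAP_MIN_ADDR SELINUX_MODE -> prints one verdict
classify() {
    rel=$1
    min_addr=$2
    mode=$(printf '%s' "$3" | tr 'A-Z' 'a-z')
    case $min_addr in
        ''|*[!0-9]*) min_addr=0 ;;   # sysctl missing or unreadable: no floor
    esac
    case $rel in
        3) echo "exposed" ;;                      # "nor is SL3"
        4) if [ "$min_addr" -ge 4096 ]; then      # value used in the message
               echo "dos-only"
           else
               echo "exposed"
           fi ;;
        5) case $mode in
               disabled)             echo "not-exposed" ;;
               enforcing|permissive) echo "exposed" ;;
               *)                    echo "unknown" ;;
           esac ;;
        *) echo "unknown" ;;
    esac
}

# Live readers; each prints a fallback marker instead of failing.
live_release() {
    sed -n 's/.*release \([0-9][0-9]*\).*/\1/p' /etc/redhat-release 2>/dev/null | head -n 1
}
live_min_addr() {
    cat /proc/sys/vm/mmap_min_addr 2>/dev/null || echo unset
}
live_selinux() {
    if command -v getenforce >/dev/null 2>&1; then
        getenforce 2>/dev/null || echo unknown
    else
        echo unknown
    fi
}

rel=$(live_release); addr=$(live_min_addr); mode=$(live_selinux)
echo "release=${rel:-?} mmap_min_addr=$addr selinux=$mode -> $(classify "$rel" "$addr" "$mode")"
```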


Re: whats this new exploit then? (2009/11/03)

2009-11-04 Thread Troy Dawson

Stephan Wiesand wrote:

> Hi Troy,
>
> On Nov 4, 2009, at 16:24, Troy Dawson wrote:
>
>> Recent RHEL releases?
>> No, not recent ... all
>
> Right. But for SL4 with the latest kernel (-98.0.15), it's just DOS
> *if* vm.mmap_min_addr is set to, say, 4096. Which, unfortunately, is
> not the default. SL5 with SELinux *dis*abled is safe as well, but if
> SELinux is enforcing or permissive it's not, and nor is SL3.
>
> If you have trouble getting all those kernels, modules, dependencies
> out today, could you try to do SL5 first, then SL3, and then SL4?




Well, the building isn't the hard part, that's all done now for all of
them, and I believe I'll be able to get SL3 and SL4 out today.


SL5 is going to go into testing today, with the expectation that it will
go into the main update on Monday.


Why wait that long?
We're updating openafs to version 1.4.11 with this kernel change.
We're using RedHat's Fuse with this kernel change.
For x86_64 we're using RedHat's XFS with this kernel change.
We're replacing madwifi with the proper atheros driver, with this kernel change. (maybe)
We're replacing ipw3945 with iwlwifi-3945 with this kernel change. (maybe)

For the maybes (madwifi and ipw3945), I'm not sure the infrastructure
is in place on the older SL 5 releases.  So we might just keep providing
those kernel-modules, which will probably be the easy way to do things.


I might be able to be persuaded to move the time frame up, but it
definitely is going into testing today, and will be there at least one
day, no shorter.


Troy


> Thanks,
> Stephan
>
>> We already have the kernels all built, and are working on the
>> dependencies.
>>
>> Troy
>>
>> Faye Gibbins wrote:
>>> Hi,
>>> Any comment from the SL5 distro maintainers on this exploit
>>> apparently in recent RHEL releases?
>>>
>>> http://www.theregister.co.uk/2009/11/03/linux_kernel_vulnerability/
>>> Faye
>>
>> --
>> __
>> Troy Dawson  daw...@fnal.gov  (630)840-6468
>> Fermilab  ComputingDivision/LSCS/CSI/USS Group
>> __





--
__
Troy Dawson  daw...@fnal.gov  (630)840-6468
Fermilab  ComputingDivision/LSCS/CSI/USS Group
__