Re: [Users] af_packet.c exploit

2016-12-06 Thread Benjamin Henrion 
On Tue, Dec 6, 2016 at 1:51 PM, Vasily Averin  wrote:
>
> On 12/06/2016 01:25 PM, Konstantin Khorenko wrote:
>> Hi Benjamin,
>>
>> On 12/06/2016 11:32 AM, Benjamin Henrion wrote:
>>> Hi,
>>>
>>> Just reading this:
>>>
>>> https://news.ycombinator.com/item?id=13112418#13112706
>>>
>>> Any link to the GIT commit that fixes that important bug?
>>
>> Here is a commit message - with the patch:
>> https://lists.openvz.org/pipermail/devel/2016-December/069707.html
>>
>> And the kernel version with the fix is 3.10.0-327.36.1.vz7.20.12 as it's 
>> said the commit message.
>>
>> git will be automatically synced later.
>>
>> Binary vzkernel rpm will be available after midnight at
>> https://download.openvz.org/virtuozzo/factory/x86_64/os/Packages/v/
>>
>>
>> And yes, commercial Virtuozzo users are safe: ReadyKernel patch is available 
>> for several days already:
>> https://readykernel.com/patch/65/
>
> And  no, RHEL6 based kernels are not affected ^)

Good old kernels :-)

-- 
Benjamin Henrion 
FFII Brussels - +32-484-566109 - +32-2-3500762
"In July 2005, after several failed attempts to legalise software
patents in Europe, the patent establishment changed its strategy.
Instead of explicitly seeking to sanction the patentability of
software, they are now seeking to create a central European patent
court, which would establish and enforce patentability rules in their
favor, without any possibility of correction by competing courts or
democratically elected legislators."
___
Users mailing list
Users@openvz.org
https://lists.openvz.org/mailman/listinfo/users

Re: [Users] af_packet.c exploit

2016-12-06 Thread Vasily Averin 


On 12/06/2016 01:25 PM, Konstantin Khorenko wrote:
> Hi Benjamin,
> 
> On 12/06/2016 11:32 AM, Benjamin Henrion wrote:
>> Hi,
>>
>> Just reading this:
>>
>> https://news.ycombinator.com/item?id=13112418#13112706
>>
>> Any link to the GIT commit that fixes that important bug?
> 
> Here is a commit message - with the patch:
> https://lists.openvz.org/pipermail/devel/2016-December/069707.html
> 
> And the kernel version with the fix is 3.10.0-327.36.1.vz7.20.12 as it's said 
> the commit message.
> 
> git will be automatically synced later.
> 
> Binary vzkernel rpm will be available after midnight at
> https://download.openvz.org/virtuozzo/factory/x86_64/os/Packages/v/
> 
> 
> And yes, commercial Virtuozzo users are safe: ReadyKernel patch is available 
> for several days already:
> https://readykernel.com/patch/65/

And  no, RHEL6 based kernels are not affected ^)
> 
> -- 
> Best regards,
> 
> Konstantin Khorenko,
> Virtuozzo Linux Kernel Team
> 
>> And which kernel version is patched?
>>
>> Best,
>>
>> -- 
>> Benjamin Henrion 
> ___
> Users mailing list
> Users@openvz.org
> https://lists.openvz.org/mailman/listinfo/users
> 
___
Users mailing list
Users@openvz.org
https://lists.openvz.org/mailman/listinfo/users

Re: [Users] af_packet.c exploit

2016-12-06 Thread Konstantin Khorenko 

Hi Benjamin,

On 12/06/2016 11:32 AM, Benjamin Henrion wrote:

Hi,

Just reading this:

https://news.ycombinator.com/item?id=13112418#13112706

Any link to the GIT commit that fixes that important bug?


Here is a commit message - with the patch:
https://lists.openvz.org/pipermail/devel/2016-December/069707.html

And the kernel version with the fix is 3.10.0-327.36.1.vz7.20.12 as it's said 
the commit message.

git will be automatically synced later.

Binary vzkernel rpm will be available after midnight at
https://download.openvz.org/virtuozzo/factory/x86_64/os/Packages/v/


And yes, commercial Virtuozzo users are safe: ReadyKernel patch is available 
for several days already:
https://readykernel.com/patch/65/

--
Best regards,

Konstantin Khorenko,
Virtuozzo Linux Kernel Team


And which kernel version is patched?

Best,

--
Benjamin Henrion 

___
Users mailing list
Users@openvz.org
https://lists.openvz.org/mailman/listinfo/users

[Users] af_packet.c exploit

2016-12-06 Thread Benjamin Henrion 
Hi,

Just reading this:

https://news.ycombinator.com/item?id=13112418#13112706

Any link to the GIT commit that fixes that important bug?

And which kernel version is patched?

Best,

--
Benjamin Henrion 
FFII Brussels - +32-484-566109 - +32-2-3500762
"In July 2005, after several failed attempts to legalise software
patents in Europe, the patent establishment changed its strategy.
Instead of explicitly seeking to sanction the patentability of
software, they are now seeking to create a central European patent
court, which would establish and enforce patentability rules in their
favor, without any possibility of correction by competing courts or
democratically elected legislators."
___
Users mailing list
Users@openvz.org
https://lists.openvz.org/mailman/listinfo/users