From fedora list:
On Mon, Sep 20, 2010 at 4:13 AM, Zbigniew Fiedorowicz fiedorow@math.ohio-state.edu wrote:
Further story: http://www.theregister.co.uk/2010/09/15/linux_kernel_regression_bug/
This is a very serious problem which puts multiuser 64-bit Linux systems absolutely at the mercy of their least responsible users.
I have filed a bug report: https://bugzilla.redhat.com/show_bug.cgi?id=635675 Priority should be high not low.
On Mon, Sep 20, 2010 at 5:31 AM, Michael Cronenworth mike@cchtml.com wrote:
The fix is already in the "updates-testing" repository and awaiting karma from the QA folks.
# yum --enablerepo=updates-testing update kernel
This will give you a patched kernel.
Users of Fedora 12, 13, and 14 can perform this update. I strongly suggest they do so ASAP.
Any equivalent for centos yet?
mahalo Dave
On 09/20/2010 09:20 PM, Dave wrote:
http://www.theregister.co.uk/2010/09/15/linux_kernel_regression_bug/
Any equivalent for centos yet?
http://bugs.centos.org/view.php?id=4518
We are tracking the issue here.
- KB
Karanbir Singh wrote:
On 09/20/2010 09:20 PM, Dave wrote:
http://www.theregister.co.uk/2010/09/15/linux_kernel_regression_bug/
Any equivalent for centos yet?
http://bugs.centos.org/view.php?id=4518
We are tracking the issue here.
Oh cool, two other schools recently had a ddos bot uploaded and had the bots not been used right away for dossing they could have worked on getting root access instead.
Will there be a special case for this particular issue like an early release of a Centos fixed kernel instead of waiting for the powers that be at Redhat?
On 09/21/2010 12:32 AM, Christopher Chan wrote:
Will there be a special case for this particular issue like an early release of a Centos fixed kernel instead of waiting for the powers that be at Redhat?
There is a kernel in the c5-testing repo ( details in the issue report ) that Tru put together. You should make a site specific decision on the impact on services local to you and go with that.
We've done some basic testing with this kernel and things *seem to be* fine.
- KB
Karanbir Singh wrote:
On 09/21/2010 12:32 AM, Christopher Chan wrote:
Will there be a special case for this particular issue like an early release of a Centos fixed kernel instead of waiting for the powers that be at Redhat?
There is a kernel in the c5-testing repo ( details in the issue report ) that Tru put together. You should make a site specific decision on the impact on services local to you and go with that.
We've done some basic testing with this kernel and things *seem to be* fine.
I suppose that is in regards to the exploit itself (nevermind the rest so long as it don't start changing bits here and there)?
On Tue, Sep 21, 2010 at 1:45 AM, Christopher Chan christopher.chan@bradbury.edu.hk wrote:
Karanbir Singh wrote:
On 09/21/2010 12:32 AM, Christopher Chan wrote:
Will there be a special case for this particular issue like an early release of a Centos fixed kernel instead of waiting for the powers that be at Redhat?
There is a kernel in the c5-testing repo ( details in the issue report ) that Tru put together. You should make a site specific decision on the impact on services local to you and go with that.
We've done some basic testing with this kernel and things *seem to be* fine.
I suppose that is in regards to the exploit itself (nevermind the rest so long as it don't start changing bits here and there)? _______________________________________________ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Does anyone know what this exploit does, exactly. And which 64bit kernels are vulnrable?
On Tue, Sep 21, 2010 at 12:44 PM, Karanbir Singh mail-lists@karan.org wrote:
All centos-5 kernels are affected.
- KB
Here is the updated kernel source from upstream:
kernel-2.6.18-194.11.4.el5.src.rpm https://rhn.redhat.com/errata/RHSA-2010-0704.html
Best regards,
Morten
On 09/21/2010 05:02 PM, Morten P.D. Stevens wrote:
kernel-2.6.18-194.11.4.el5.src.rpm https://rhn.redhat.com/errata/RHSA-2010-0704.html
We just released it about 10 minutes back. Should be visible soon.
- KB
-
Christopher Chan -
Dave -
Karanbir Singh -
Morten P.D. Stevens -
Rudi Ahlers