Date: Thu, 20 Jan 2005 10:40:32 +0300 From: Solar Designer <solar@...nwall.com> To: announce@...ts.openwall.com, owl-users@...ts.openwall.com Cc: lwn@....net Subject: Linux 2.4.29-ow1; Owl moves to GCC 3.4.3, glibc 2.3.3+ Hi, Linux 2.4.29-ow1 is out. Linux 2.4.29, and thus 2.4.29-ow1, adds a number of security fixes, including to the x86/SMP page fault handler (CAN-2005-0001) and the uselib(2) (CAN-2004-1235) race conditions, both discovered by Paul Starzetz. The potential of these bugs is a local root compromise. The uselib(2) bug does not affect default builds of Linux kernels with the Openwall patch applied since the vulnerable code is only compiled in if one explicitly enables CONFIG_BINFMT_ELF_AOUT, an option introduced by the patch. The updated patch is available at the usual location: http://www.openwall.com/linux/ Openwall GNU/*/Linux (Owl) 1.1-stable and -current branches have already been updated to Linux 2.4.29-ow1. Additionally, the new Owl-current snapshot uses GCC 3.4.3 and a post-2.3.3 glibc. Further updates will follow. The Owl homepage is: http://www.openwall.com/Owl/ The FTP mirrors are listed at: http://www.openwall.com/Owl/DOWNLOAD.shtml The new snapshot is not yet available on all FTP mirrors, but it should propagate to most within 24 hours. -- Alexander Peslyak <solar at openwall.com> GPG key ID: B35D3598 fp: 6429 0D7E F130 C13E C929 6447 73C3 A290 B35D 3598 http://www.openwall.com - bringing security into open computing environments
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.