Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [day] [month] [year] [list]
Date: Mon, 24 Oct 2016 07:33:34 +0200
From: Solar Designer <>
Subject: [openwall-announce] Owl security fixes: Linux kernel "Dirty COW", BIND DoS


Linux kernel and BIND security updates are now available in Owl-current
and Owl 3.1-stable, documented as follows:

2016/10/23	Package: kernel
SECURITY FIX	Severity: high, local, active
Added a mitigation for the "Dirty COW" Linux kernel privilege escalation
vulnerability (CVE-2016-5195).

2016/10/17 -
2016/10/21	Package: bind
SECURITY FIX	Severity: low, remote, active
Merged multiple DoS vulnerability fixes from Red Hat's package, most
notably for two easily triggerable assertion failures (CVE-2016-2776,

These are currently available as source code changes and as pre-built
packages (in both branches, and for both i686 and x86_64), however there
are no updated ISOs and vztemplates yet.

The "Dirty COW" mitigation is likely non-final and possibly incomplete
(it addresses the MADV_DONTNEED vs. PTRACE_POKE* race, and possibly some
other scenarios), pending a properly tested backport of the official fix
(likely) by Red Hat, but given the urgency of the issue I felt it most
appropriate to start by releasing a non-invasive mitigation like this.


Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.