Date: Mon, 20 Jul 2009 17:16:47 +0400 From: Solar Designer <solar@...nwall.com> To: oss-security@...ts.openwall.com Subject: Re: Linux 2.6.30+/SELinux/RHEL5 test kernel 0day, exploiting the unexploitable Earlier today, I wrote: > (BTW, I'd be happy to share the mmap_min_addr back-port patch to > RHEL-5'ish kernels with Red Hat if there's any interest.) It occurred to me, from a few things I've seen/read lately, that RHEL 5 must indeed already include a back-port of the mmap_min_addr feature, although somehow it is not in OpenVZ's patch-128.1.1.el5.028stab062.3 (was added after the -128 revision?), which is why I am adding my own back-port of mmap_min_addr on top of that patch. I am not using genuine RHEL 5 (nor CentOS), which is why I don't know. Maybe Eugene can comment on this. > I am going to release 18.104.22.168-ow1 with a CVE-2009-1895 fix in it, and I > expect it to get into 22.214.171.124. It's not important for systems with > "sane" userlands (no crappy SUID-root programs), though. Released, although I expect it to be replaced with 126.96.36.199-ow1 soon: http://www.openwall.com/linux/ Alexander
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.