|
Message-ID: <20090707200401.GA18860@openwall.com> Date: Wed, 8 Jul 2009 00:04:01 +0400 From: Solar Designer <solar@...nwall.com> To: owl-users@...ts.openwall.com, announce@...ts.openwall.com Subject: Owl updates; Linux 2.4.37.2-ow1 Hi, I'll start with the simple stuff - there's a new revision of the kernel patch, updated to Linux 2.4.37.2: http://www.openwall.com/linux/ The changes between 2.4.37.1 and 2.4.37.2 are minor: http://www.kernel.org/pub/linux/kernel/v2.4/ChangeLog-2.4.37.2 More importantly, several Owl packages have been updated, including a security update to OpenSSH (for both Owl-current and Owl 2.0-stable): 2009/07/07 Package: openssh SECURITY FIX Severity: none to high, remote, active Backported upstream fix for a syslog call inside a signal handler. The security impact this issue might have had was not fully evaluated. On Debian systems, the reported impact was processes getting stuck on locks inside glibc. On Owl, no problems were ever reported, yet the call was unsafe, with the worst-case impact being arbitrary code execution (depending on processing inside glibc). References: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=498678 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4109 Updates of existing installs are strongly recommended. In Owl-current, since the last ISO snapshot, we have also updated the man-pages package, and we've added two new packages - pciutils and dmidecode. The kernel has been updated to 2.4.37.2-ow1, and there's a new ISO image for 32-bit x86, generated today: http://www.openwall.com/Owl/DOWNLOAD.shtml -rw-r--r-- 1 ftp ftp 439842553 Jul 07 18:56 Owl-current-20090707-i586.iso.gz As of this writing, the newest updates described above are available off the FTP mirrors in Moscow, Russia and off the Czech mirror. They should propagate to the rest of our official mirrors within a day. Alexander -- To unsubscribe, e-mail owl-users-unsubscribe@...ts.openwall.com and reply to the automated confirmation request that will be sent to you.
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.