Date: Sat, 4 May 2013 13:16:43 +0200 From: Zenny <garbytrash@...il.com> To: owl-users@...ts.openwall.com Subject: Re: Owl-current and 3.0-stable 2013/04/08 snapshot What is the timeline for Owl 4.0 compatible with RHEL6? Look forward to. Thanks for the great work! On 5/4/13, Zenny <garbytrash@...il.com> wrote: > It is nice to learn about the update, but what makes me wonder is the > upstream for RHEL4 is alreade EoL (end of life) about a year ago (2012 > Feb as far as I remember). > > It would be nice if Owl get upgraded to be compatible with the > packages for RHEL6/CentOS6 which has an end of life for 10 years? If > not at least, RHEL5/CentOS5 which alos has EoL for a decade. > > Actually I encountered a lot of backward incompatibility when I try > to use some applications. > > Thanks! > > > On 4/11/13, Solar Designer <solar@...nwall.com> wrote: >> Hi, >> >> A few days ago, we've released new snapshots of Owl-current and Owl >> 3.0-stable, as usual including ISO images, OpenVZ container templates, >> binary packages for i686 and x86_64, and full sources: >> >> http://www.openwall.com/Owl/ >> >> The Linux kernel has been rebased on the latest from OpenVZ's >> RHEL5-based branch (RHEL 5.9-based currently), thereby fixing a number >> of vulnerabilities including the PTRACE_SETREGS vs. process death race >> condition (CVE-2013-0871), which could allow for a local root compromise >> and OpenVZ container escape. (However, the risk probability might have >> been low due to the race being difficult to win.) >> >> GnuPG has been updated to 1.4.13, which fixes a memory corruption bug >> (CVE-2012-6085). The bug allowed an attacker to crash gpg(1) and >> corrupt the public keyring database file. Arbitrary code execution was >> not possible because the attacker cannot control the corrupted data. >> The corrupted data is stored in the keyring file, so the DoS effect is >> persistent, but the keyring can be manually restored by recovering from >> the pubring.gpg~ backup file (which is created by gpg(1) itself). >> >> In Owl 3.0-stable, both of the above changes have been merged (although >> the kernel has fewer features enabled than Owl-current's), and >> additionally the earlier xinetd security update from Owl-current and >> some glibc bugfixes have been merged. Owl 3.0-stable's kernel is now >> compressed with Zopfli (pigz -11) instead of gzip -9. >> >> More detail is available in the change logs: >> >> http://www.openwall.com/Owl/CHANGES-current.shtml >> http://www.openwall.com/Owl/CHANGES-3.0-stable.shtml >> >> There's one known regression in Owl-current as compared to 3.0-stable: >> the strace program fails to work against 32-bit x86 program binaries. >> Indeed, we're going to correct this. >> >> This Owl-current update is a lot more conservative than what we've been >> planning to have by this date. Frankly, progress has been slow. We did >> prepare an experimental update of Owl to RHEL6'ish kernels, and it was >> in fact committed, but in light of severe security issues discovered in >> the Linux kernel we chose to temporarily revert the major update and to >> provide the security fixes on top of a more stable system first. >> >> Alexander >> >
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.