* [gentoo-dev] Kernel 2.4.20
@ 2003-08-05 14:08 Philippe Lafoucrière
2003-08-05 18:25 ` Chris Gianelloni
0 siblings, 1 reply; 7+ messages in thread
From: Philippe Lafoucrière @ 2003-08-05 14:08 UTC (permalink / raw
To: Gentoo-dev
Hi all,
The stable kernel in portage is currently 2.4.20-r5, but the current
"stable" kernel is 2.4.21. And if you look a this :
http://www.securityfocus.com/archive/1/330888
There is an exploit in kernels < 2.4.21. We definitely should upgrade
our kernel version.
--
Phil.
--
gentoo-dev@gentoo.org mailing list
^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: [gentoo-dev] Kernel 2.4.20
2003-08-05 14:08 [gentoo-dev] Kernel 2.4.20 Philippe Lafoucrière
@ 2003-08-05 18:25 ` Chris Gianelloni
2003-08-05 19:11 ` Philippe Lafoucrière
0 siblings, 1 reply; 7+ messages in thread
From: Chris Gianelloni @ 2003-08-05 18:25 UTC (permalink / raw
To: lafou; +Cc: Gentoo-dev
[-- Attachment #1: Type: text/plain, Size: 1169 bytes --]
On Tue, 2003-08-05 at 10:08, Philippe Lafoucrière wrote:
> Hi all,
>
> The stable kernel in portage is currently 2.4.20-r5, but the current
> "stable" kernel is 2.4.21. And if you look a this :
>
> http://www.securityfocus.com/archive/1/330888
>
> There is an exploit in kernels < 2.4.21. We definitely should upgrade
> our kernel version.
Simply emerge vanilla-sources, pfeifer-sources, gs-sources, or any
number of other non-2.4.20 sources in portage.
The problem with 2.4.20 is only in netfilter code which isn't required.
We are aware of the bug in the 2.4.20 kernel and are diligently working
on a solution. There is currently a "beta" gentoo-sources, by the way
of pfeifer-sources, available. Unfortunately, the gentoo-sources is a
VERY complex beast consisting of multiple patches which all have to be
ported to a new kernel version and regression tested to ensure there is
no breakage. If you are concerned about the security of your system,
you should use a kernel other than gentoo-sources on any
Internet-accessible machines or not enable this feature of the netfilter
code.
--
Chris Gianelloni
Developer, Gentoo Linux
[-- Attachment #2: This is a digitally signed message part --]
[-- Type: application/pgp-signature, Size: 189 bytes --]
^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: [gentoo-dev] Kernel 2.4.20
2003-08-05 18:25 ` Chris Gianelloni
@ 2003-08-05 19:11 ` Philippe Lafoucrière
2003-08-05 19:43 ` Chris Gianelloni
0 siblings, 1 reply; 7+ messages in thread
From: Philippe Lafoucrière @ 2003-08-05 19:11 UTC (permalink / raw
To: Chris Gianelloni; +Cc: Gentoo-dev
> Simply emerge vanilla-sources, pfeifer-sources, gs-sources, or any
> number of other non-2.4.20 sources in portage.
>
> The problem with 2.4.20 is only in netfilter code which isn't required.
> We are aware of the bug in the 2.4.20 kernel and are diligently working
> on a solution. There is currently a "beta" gentoo-sources, by the way
> of pfeifer-sources, available. Unfortunately, the gentoo-sources is a
> VERY complex beast consisting of multiple patches which all have to be
> ported to a new kernel version and regression tested to ensure there is
> no breakage. If you are concerned about the security of your system,
> you should use a kernel other than gentoo-sources on any
> Internet-accessible machines or not enable this feature of the netfilter
> code.
Chris,
I have some free time in the next weeks, maybe I can help you with the kernel ebuilds
if you need.
--
Phil.
--
gentoo-dev@gentoo.org mailing list
^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: [gentoo-dev] Kernel 2.4.20
2003-08-05 19:11 ` Philippe Lafoucrière
@ 2003-08-05 19:43 ` Chris Gianelloni
2003-08-05 20:27 ` George Shapovalov
0 siblings, 1 reply; 7+ messages in thread
From: Chris Gianelloni @ 2003-08-05 19:43 UTC (permalink / raw
To: lafou; +Cc: Gentoo-dev
[-- Attachment #1: Type: text/plain, Size: 535 bytes --]
On Tue, 2003-08-05 at 15:11, Philippe Lafoucrière wrote:
> Chris,
>
> I have some free time in the next weeks, maybe I can help you with the kernel ebuilds
> if you need.
Thank you for the offer, but I am not on the x86-kernel team and have no
desire to work on the Gentoo kernels. There are already plenty of
"fixed" kernels in the portage tree which require no work. I would
suggest anyone concerned about this denial of service exploit to use one
of those kernels.
--
Chris Gianelloni
Developer, Gentoo Linux
[-- Attachment #2: This is a digitally signed message part --]
[-- Type: application/pgp-signature, Size: 189 bytes --]
^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: [gentoo-dev] Kernel 2.4.20
2003-08-05 19:43 ` Chris Gianelloni
@ 2003-08-05 20:27 ` George Shapovalov
2003-08-06 14:48 ` Philippe Lafoucrière
0 siblings, 1 reply; 7+ messages in thread
From: George Shapovalov @ 2003-08-05 20:27 UTC (permalink / raw
To: Chris Gianelloni, lafou; +Cc: Gentoo-dev
I am sure Chris did not mean to turn your offer down. Any help is certainly
welcome! However you might want to try more "official" channels.
Pop in onto irc.freenode.net, #gentoo, ask seemant or avenj for whom you
should contact in this regard, or if you know any kernel devs (check
corresponding ChangeLogs for example), try to reach those people directly..
Searching bugzilla for the relevant stuff migt help as well..
(The main point is, you need to contact the right people, and there are
certainly ways to find who they are :). Oh, btw, I am not on kernel team
either).
George
On Tuesday 05 August 2003 12:43, Chris Gianelloni wrote:
> On Tue, 2003-08-05 at 15:11, Philippe Lafoucrière wrote:
> > Chris,
> >
> > I have some free time in the next weeks, maybe I can help you with the
> > kernel ebuilds if you need.
>
> Thank you for the offer, but I am not on the x86-kernel team and have no
> desire to work on the Gentoo kernels. There are already plenty of
> "fixed" kernels in the portage tree which require no work. I would
> suggest anyone concerned about this denial of service exploit to use one
> of those kernels.
--
gentoo-dev@gentoo.org mailing list
^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: [gentoo-dev] Kernel 2.4.20
2003-08-05 20:27 ` George Shapovalov
@ 2003-08-06 14:48 ` Philippe Lafoucrière
2003-08-06 16:02 ` Chris Gianelloni
0 siblings, 1 reply; 7+ messages in thread
From: Philippe Lafoucrière @ 2003-08-06 14:48 UTC (permalink / raw
To: George Shapovalov; +Cc: Chris Gianelloni, Gentoo-dev
On Tue, 2003-08-05 at 22:27, George Shapovalov wrote:
> I am sure Chris did not mean to turn your offer down. Any help is certainly
> welcome! However you might want to try more "official" channels.
> Pop in onto irc.freenode.net, #gentoo, ask seemant or avenj for whom you
> should contact in this regard, or if you know any kernel devs (check
> corresponding ChangeLogs for example), try to reach those people directly..
> Searching bugzilla for the relevant stuff migt help as well..
> (The main point is, you need to contact the right people, and there are
> certainly ways to find who they are :). Oh, btw, I am not on kernel team
> either).
do you have their email address ? I can't find them on #gentoo, and I don't have voice in
#gentoo-dev
thx
--
gravis
--
gentoo-dev@gentoo.org mailing list
^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: [gentoo-dev] Kernel 2.4.20
2003-08-06 14:48 ` Philippe Lafoucrière
@ 2003-08-06 16:02 ` Chris Gianelloni
0 siblings, 0 replies; 7+ messages in thread
From: Chris Gianelloni @ 2003-08-06 16:02 UTC (permalink / raw
To: lafou; +Cc: George Shapovalov, Gentoo-dev
[-- Attachment #1: Type: text/plain, Size: 466 bytes --]
On Wed, 2003-08-06 at 10:48, Philippe Lafoucrière wrote:
> do you have their email address ? I can't find them on #gentoo, and I don't have voice in
> #gentoo-dev
You don't need voice to message someone. You can always send them a
private message. seemant's email is seemant@gentoo.org and avenj's
email is avenj@gentoo.org
You could also try emailing x86-kernel@gentoo.org to get to the kernel
team.
--
Chris Gianelloni
Developer, Gentoo Linux
[-- Attachment #2: This is a digitally signed message part --]
[-- Type: application/pgp-signature, Size: 189 bytes --]
^ permalink raw reply [flat|nested] 7+ messages in thread
end of thread, other threads:[~2003-08-06 16:15 UTC | newest]
Thread overview: 7+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2003-08-05 14:08 [gentoo-dev] Kernel 2.4.20 Philippe Lafoucrière
2003-08-05 18:25 ` Chris Gianelloni
2003-08-05 19:11 ` Philippe Lafoucrière
2003-08-05 19:43 ` Chris Gianelloni
2003-08-05 20:27 ` George Shapovalov
2003-08-06 14:48 ` Philippe Lafoucrière
2003-08-06 16:02 ` Chris Gianelloni
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox