* [gentoo-dev] Kernel 2.4.20 @ 2003-08-05 14:08 Philippe Lafoucrière 2003-08-05 18:25 ` Chris Gianelloni 0 siblings, 1 reply; 7+ messages in thread From: Philippe Lafoucrière @ 2003-08-05 14:08 UTC (permalink / raw To: Gentoo-dev Hi all, The stable kernel in portage is currently 2.4.20-r5, but the current "stable" kernel is 2.4.21. And if you look a this : http://www.securityfocus.com/archive/1/330888 There is an exploit in kernels < 2.4.21. We definitely should upgrade our kernel version. -- Phil. -- gentoo-dev@gentoo.org mailing list ^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: [gentoo-dev] Kernel 2.4.20 2003-08-05 14:08 [gentoo-dev] Kernel 2.4.20 Philippe Lafoucrière @ 2003-08-05 18:25 ` Chris Gianelloni 2003-08-05 19:11 ` Philippe Lafoucrière 0 siblings, 1 reply; 7+ messages in thread From: Chris Gianelloni @ 2003-08-05 18:25 UTC (permalink / raw To: lafou; +Cc: Gentoo-dev [-- Attachment #1: Type: text/plain, Size: 1169 bytes --] On Tue, 2003-08-05 at 10:08, Philippe Lafoucrière wrote: > Hi all, > > The stable kernel in portage is currently 2.4.20-r5, but the current > "stable" kernel is 2.4.21. And if you look a this : > > http://www.securityfocus.com/archive/1/330888 > > There is an exploit in kernels < 2.4.21. We definitely should upgrade > our kernel version. Simply emerge vanilla-sources, pfeifer-sources, gs-sources, or any number of other non-2.4.20 sources in portage. The problem with 2.4.20 is only in netfilter code which isn't required. We are aware of the bug in the 2.4.20 kernel and are diligently working on a solution. There is currently a "beta" gentoo-sources, by the way of pfeifer-sources, available. Unfortunately, the gentoo-sources is a VERY complex beast consisting of multiple patches which all have to be ported to a new kernel version and regression tested to ensure there is no breakage. If you are concerned about the security of your system, you should use a kernel other than gentoo-sources on any Internet-accessible machines or not enable this feature of the netfilter code. -- Chris Gianelloni Developer, Gentoo Linux [-- Attachment #2: This is a digitally signed message part --] [-- Type: application/pgp-signature, Size: 189 bytes --] ^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: [gentoo-dev] Kernel 2.4.20 2003-08-05 18:25 ` Chris Gianelloni @ 2003-08-05 19:11 ` Philippe Lafoucrière 2003-08-05 19:43 ` Chris Gianelloni 0 siblings, 1 reply; 7+ messages in thread From: Philippe Lafoucrière @ 2003-08-05 19:11 UTC (permalink / raw To: Chris Gianelloni; +Cc: Gentoo-dev > Simply emerge vanilla-sources, pfeifer-sources, gs-sources, or any > number of other non-2.4.20 sources in portage. > > The problem with 2.4.20 is only in netfilter code which isn't required. > We are aware of the bug in the 2.4.20 kernel and are diligently working > on a solution. There is currently a "beta" gentoo-sources, by the way > of pfeifer-sources, available. Unfortunately, the gentoo-sources is a > VERY complex beast consisting of multiple patches which all have to be > ported to a new kernel version and regression tested to ensure there is > no breakage. If you are concerned about the security of your system, > you should use a kernel other than gentoo-sources on any > Internet-accessible machines or not enable this feature of the netfilter > code. Chris, I have some free time in the next weeks, maybe I can help you with the kernel ebuilds if you need. -- Phil. -- gentoo-dev@gentoo.org mailing list ^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: [gentoo-dev] Kernel 2.4.20 2003-08-05 19:11 ` Philippe Lafoucrière @ 2003-08-05 19:43 ` Chris Gianelloni 2003-08-05 20:27 ` George Shapovalov 0 siblings, 1 reply; 7+ messages in thread From: Chris Gianelloni @ 2003-08-05 19:43 UTC (permalink / raw To: lafou; +Cc: Gentoo-dev [-- Attachment #1: Type: text/plain, Size: 535 bytes --] On Tue, 2003-08-05 at 15:11, Philippe Lafoucrière wrote: > Chris, > > I have some free time in the next weeks, maybe I can help you with the kernel ebuilds > if you need. Thank you for the offer, but I am not on the x86-kernel team and have no desire to work on the Gentoo kernels. There are already plenty of "fixed" kernels in the portage tree which require no work. I would suggest anyone concerned about this denial of service exploit to use one of those kernels. -- Chris Gianelloni Developer, Gentoo Linux [-- Attachment #2: This is a digitally signed message part --] [-- Type: application/pgp-signature, Size: 189 bytes --] ^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: [gentoo-dev] Kernel 2.4.20 2003-08-05 19:43 ` Chris Gianelloni @ 2003-08-05 20:27 ` George Shapovalov 2003-08-06 14:48 ` Philippe Lafoucrière 0 siblings, 1 reply; 7+ messages in thread From: George Shapovalov @ 2003-08-05 20:27 UTC (permalink / raw To: Chris Gianelloni, lafou; +Cc: Gentoo-dev I am sure Chris did not mean to turn your offer down. Any help is certainly welcome! However you might want to try more "official" channels. Pop in onto irc.freenode.net, #gentoo, ask seemant or avenj for whom you should contact in this regard, or if you know any kernel devs (check corresponding ChangeLogs for example), try to reach those people directly.. Searching bugzilla for the relevant stuff migt help as well.. (The main point is, you need to contact the right people, and there are certainly ways to find who they are :). Oh, btw, I am not on kernel team either). George On Tuesday 05 August 2003 12:43, Chris Gianelloni wrote: > On Tue, 2003-08-05 at 15:11, Philippe Lafoucrière wrote: > > Chris, > > > > I have some free time in the next weeks, maybe I can help you with the > > kernel ebuilds if you need. > > Thank you for the offer, but I am not on the x86-kernel team and have no > desire to work on the Gentoo kernels. There are already plenty of > "fixed" kernels in the portage tree which require no work. I would > suggest anyone concerned about this denial of service exploit to use one > of those kernels. -- gentoo-dev@gentoo.org mailing list ^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: [gentoo-dev] Kernel 2.4.20 2003-08-05 20:27 ` George Shapovalov @ 2003-08-06 14:48 ` Philippe Lafoucrière 2003-08-06 16:02 ` Chris Gianelloni 0 siblings, 1 reply; 7+ messages in thread From: Philippe Lafoucrière @ 2003-08-06 14:48 UTC (permalink / raw To: George Shapovalov; +Cc: Chris Gianelloni, Gentoo-dev On Tue, 2003-08-05 at 22:27, George Shapovalov wrote: > I am sure Chris did not mean to turn your offer down. Any help is certainly > welcome! However you might want to try more "official" channels. > Pop in onto irc.freenode.net, #gentoo, ask seemant or avenj for whom you > should contact in this regard, or if you know any kernel devs (check > corresponding ChangeLogs for example), try to reach those people directly.. > Searching bugzilla for the relevant stuff migt help as well.. > (The main point is, you need to contact the right people, and there are > certainly ways to find who they are :). Oh, btw, I am not on kernel team > either). do you have their email address ? I can't find them on #gentoo, and I don't have voice in #gentoo-dev thx -- gravis -- gentoo-dev@gentoo.org mailing list ^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: [gentoo-dev] Kernel 2.4.20 2003-08-06 14:48 ` Philippe Lafoucrière @ 2003-08-06 16:02 ` Chris Gianelloni 0 siblings, 0 replies; 7+ messages in thread From: Chris Gianelloni @ 2003-08-06 16:02 UTC (permalink / raw To: lafou; +Cc: George Shapovalov, Gentoo-dev [-- Attachment #1: Type: text/plain, Size: 466 bytes --] On Wed, 2003-08-06 at 10:48, Philippe Lafoucrière wrote: > do you have their email address ? I can't find them on #gentoo, and I don't have voice in > #gentoo-dev You don't need voice to message someone. You can always send them a private message. seemant's email is seemant@gentoo.org and avenj's email is avenj@gentoo.org You could also try emailing x86-kernel@gentoo.org to get to the kernel team. -- Chris Gianelloni Developer, Gentoo Linux [-- Attachment #2: This is a digitally signed message part --] [-- Type: application/pgp-signature, Size: 189 bytes --] ^ permalink raw reply [flat|nested] 7+ messages in thread
end of thread, other threads:[~2003-08-06 16:15 UTC | newest] Thread overview: 7+ messages (download: mbox.gz follow: Atom feed -- links below jump to the message on this page -- 2003-08-05 14:08 [gentoo-dev] Kernel 2.4.20 Philippe Lafoucrière 2003-08-05 18:25 ` Chris Gianelloni 2003-08-05 19:11 ` Philippe Lafoucrière 2003-08-05 19:43 ` Chris Gianelloni 2003-08-05 20:27 ` George Shapovalov 2003-08-06 14:48 ` Philippe Lafoucrière 2003-08-06 16:02 ` Chris Gianelloni
This is a public inbox, see mirroring instructions for how to clone and mirror all data and code used for this inbox