Weekly Edition
Return to the Kernel pageSponsored link
Vyatta –
Linux & Open Source
Alternative to Cisco –
Advanced Routing,
Firewall, VPN, QoS..
Free Download ->
| ||||||||||||||||
Linux 2.4.28-ow1 is out
Hi, I've released Linux 2.4.28-ow1 a few days ago. (Apologies for the delayed announcement.) Linux 2.4.28, and thus 2.4.28-ow1, fixes a number of security-related bugs, including the ELF loader vulnerabilities discovered by Paul Starzetz (confirmed: ability for users to read +s-r binaries; potential: local root), a race condition with reads from Unix domain sockets (potential local root), smbfs support vulnerabilities discovered by Stefan Esser (confirmed: remote DoS by a malicious smbfs server; potential: remote root by a malicious smbfs server). More information on these vulnerabilities can be found here: http://isec.pl/vulnerabilities/isec-0017-binfmt_elf.txt http://marc.theaimsgroup.com/?l=bugtraq&m=11009118320... http://security.e-matters.de/advisories/142004.html The updated patch is available at: http://www.openwall.com/linux/ Owl-current and Owl 1.1-stable have been updated to include Linux 2.4.28-ow1 as the recommended kernel. -- Alexander Peslyak <solar at openwall.com> GPG key ID: B35D3598 fp: 6429 0D7E F130 C13E C929 6447 73C3 A290 B35D 3598 http://www.openwall.com - bringing security into open computing environments |
||||||||||||||||