|
|
Subscribe / Log in / New account

Stable kernel updates

[Posted September 20, 2010 by ris]

Greg Kroah-Hartman has released three stable kernel updates: 2.6.27.54, 2.6.32.22 and 2.6.35.5. There aren't many changes to 2.6.27.54. That series will not be supported much longer. Both 2.6.32.22 and 2.6.35.5 have a fix for a really nasty sigreturn bug on ARM systems, among other changes. Users of these kernel series must upgrade.
to post comments

Stable kernel updates

Posted Sep 20, 2010 23:16 UTC (Mon) by gregkh (subscriber, #8) [Link] (3 responses)

Where did I say that the .27-stable series is not going to be maintained much longer?

Stable kernel updates

Posted Sep 21, 2010 0:13 UTC (Tue) by ris (subscriber, #5) [Link] (2 responses)

My apologies. I remembered reading http://lwn.net/Articles/402512/
"(though 2.6.27 is clearly reaching the end of the line)" and jumped the gun.

Stable kernel updates

Posted Sep 21, 2010 0:31 UTC (Tue) by gregkh (subscriber, #8) [Link] (1 responses)

Jon is right, it is getting old, but it's still kicking, so don't declare
it dead yet :)

Stable kernel updates

Posted Sep 21, 2010 9:44 UTC (Tue) by jengelh (guest, #33263) [Link]

Perhaps you would find spending time with 2.4.37 even more enlightning.

Stable kernel updates

Posted Sep 20, 2010 23:49 UTC (Mon) by linuxrocks123 (subscriber, #34648) [Link] (6 responses)

H. Peter Anvin (2):
x86-64, compat: Test %rax for the syscall number, not %eax
compat: Make compat_alloc_user_space() incorporate the access_ok()

I assume this means that this update fixes the very, very nasty x86-64 exploit (re)-discovered a few days ago?

---linuxrocks123

Stable kernel updates

Posted Sep 20, 2010 23:52 UTC (Mon) by nix (subscriber, #2304) [Link] (5 responses)

Yes, and the fairly nasty HPET timer bug which torpedoed my systems and many others (all so far known running Intel ICH10 chipsets, but I'm sure there are other affected ones out there). (It's only 'fairly nasty' because its side-effects are obvious -- slowdown to halt or insane timing -- while the ARM bug Al Viro spotted, now that was very, very nasty. Intermittent double-execution of completely arbitrary instructions. How the hell Al managed to debug *that* I have no idea, but I imagine it would make a good fireside story.)

Stable kernel updates

Posted Sep 21, 2010 2:02 UTC (Tue) by roelofs (guest, #2599) [Link] (1 responses)

How the hell Al managed to debug *that* I have no idea, but I imagine it would make a good fireside story.)

Heck, it would make a good Kernel-page (or Security-page?) story. Hint hint, Jon/Jake ...

Greg

Stable kernel updates

Posted Sep 21, 2010 10:04 UTC (Tue) by nix (subscriber, #2304) [Link]

Oh no, this sort of story is only any good if Al tells it. He has a gift for this sort of thing.

Stable kernel updates

Posted Sep 21, 2010 10:08 UTC (Tue) by epa (subscriber, #39769) [Link]

Intermittent double-execution of completely arbitrary instructions. How the hell Al managed to debug *that* I have no idea, but I imagine it would make a good fireside story.
Only at Halloween, I suggest.

marking known security fix as such

Posted Sep 21, 2010 10:50 UTC (Tue) by Trou.fr (subscriber, #26289) [Link] (1 responses)

I thought the current policy was to mark *known* fixes with CVE as such in the changelog. Has it changed ?

The 32bit compatibility issue has been actively exploited and not a single word about it in the announcement...

marking known security fix as such

Posted Sep 21, 2010 12:06 UTC (Tue) by spender (guest, #23067) [Link]

You must be new here.

Some reading material:
http://lwn.net/Articles/373581/
http://lwn.net/Articles/306365/
http://lwn.net/Articles/290227/
http://lwn.net/Articles/297366/
http://lwn.net/Articles/118952/
http://lwn.net/Articles/375335/
http://lwn.net/Articles/402328/
http://lwn.net/Articles/404043/
http://lwn.net/Articles/285438/
http://lwn.net/Articles/286263/
http://lwn.net/Articles/290308/

That should be enough to get you started.

-Brad

Where's Og?

Posted Sep 21, 2010 0:03 UTC (Tue) by jd (guest, #26381) [Link] (2 responses)

We want more tales of Og! Whilst Greg is probably too busy to do this, there really should be an Og web comic - a Dilbert/UserFriendly but aimed at kernel developers.

Having said that, excellent work on a new release.

Where's Og?

Posted Sep 21, 2010 0:17 UTC (Tue) by nix (subscriber, #2304) [Link] (1 responses)

Well, the ptrace-compat security hole in this release is clearly proof that 'the best-laid plans o' mice and men gang aft ogley'.

Where's Og?

Posted Sep 21, 2010 0:17 UTC (Tue) by nix (subscriber, #2304) [Link]

Security *fix* in this release, that is.

Stable kernel updates

Posted Sep 21, 2010 1:51 UTC (Tue) by malefic (guest, #37306) [Link] (4 responses)

Is there a reason this hasn't been pushed to kernel.org stable repository?

Stable kernel updates

Posted Sep 21, 2010 2:09 UTC (Tue) by pr1268 (guest, #24648) [Link] (3 responses)

Not too sure what you're asking... All the updated kernels listed above are available on kernel.org (as of Tue Sep 21 02:07:50 UTC 2010).

Stable kernel updates

Posted Sep 21, 2010 2:16 UTC (Tue) by malefic (guest, #37306) [Link] (2 responses)

I meant the unified stable git repository. Although, I can see it in the dedicated 2.6.35.y tree. I'm used to getting kernel updates from the former repo, that's why I asked.

Stable kernel updates

Posted Sep 21, 2010 2:45 UTC (Tue) by hmh (subscriber, #3838) [Link]

Well, the unified stable tree repository is good for a lot of things, but getting low latency updates is not one of them, at least not at this time.

Unfortunately.

Stable kernel updates

Posted Sep 21, 2010 3:33 UTC (Tue) by dlang (guest, #313) [Link]

the question was asked on linux-kernel and Greg answered that the unified tree isn't managed by him, it's created by scripts on kernel.org. He suggested asking the kernel.org managers.

there hasn't been a further response to that.


Copyright © 2010, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds