Two new stable kernels
Greg Kroah-Hartman has announced the release of stable kernels 4.3.6 and 3.10.97. Both contain important updates
throughout the tree. In addition, 4.3.6 is the last release for the
now end-of-life 4.3 kernel branch; users will need to migrate to the
4.4 series.
Posted Feb 20, 2016 13:32 UTC (Sat)
by hmh (subscriber, #3838)
[Link] (3 responses)
It seems to not always work out with encrypted rootfs userland:
So far, reported only in 4.1.18, but since said commit IS present in the v4.3.6 and v3.10.97 releases, ensure you have a fallback kernel+initramfs.
Posted Feb 20, 2016 16:33 UTC (Sat)
by alonz (subscriber, #815)
[Link]
I wonder how this one will play out.
Posted Feb 21, 2016 11:54 UTC (Sun)
by hmh (subscriber, #3838)
[Link]
If this change is really important (for security/stability/whatever), it looks like it will need a two-step approach. For example, the kernel might hide it behind a kconfig option defaulting to disabled, which distros would enable after they fixed userspace.
Argh.
Posted Feb 25, 2016 11:41 UTC (Thu)
by job (guest, #670)
[Link]
Two new stable kernels
commit c840ac6af3f8713a71b4d2363419145760bd6044: crypto: af_alg - Disallow bind/setkey/... after accept(2)
https://bugzilla.kernel.org/show_bug.cgi?id=112631
Interesting… the code in cryptsetup indeed breaks the assumptions enforced by this commit (it closed the "tfmfd" before the "opfd", while the code always assumed the opposite and now enforces it). So it has always been "buggy but working" – which is no excuse for breaking userspace.
Two new stable kernels
Two new stable kernels
Two new stable kernels