SEARCH
NEW RPMS
DIRECTORIES
ABOUT
FAQ
VARIOUS
BLOG

 
 
Changelog for kernel-2.6.18-194.26.1.el5.028stab079.1.owl2.i686.rpm :

* Thu Dec 09 2010 Solar Designer 2.6.18-194.26.1.el5.028stab079.1-owl2- In the CVE-2010-4258 fix, moved the in_interrupt() check to be done beforethe newly added set_fs() call. Rationale:http://www.openwall.com/lists/oss-security/2010/12/09/4- Added mmap_min_addr checks into install_special_mapping() and__bprm_mm_init(). The problem was discovered and a similar patch proposed byTavis Ormandy of Google Security Team:http://www.openwall.com/lists/oss-security/2010/12/09/12- Set the default mmap_min_addr to 98304, just like we do in our sysctl.conf.- Merged linux-2.6-net-limit-sendto-recvfrom-iovec-total-length-to-int_max.patchfrom 2.6.18-236.el5.
* Wed Dec 08 2010 Solar Designer 2.6.18-194.26.1.el5.028stab079.1-owl1- Updated to 2.6.18-194.26.1.el5.028stab079.1.- Fixed \"Dangerous interaction between clear_child_tid, set_fs(), and kerneloopses\" (CVE-2010-4258). Problem discovered and fix proposed by Nelson Elhageof Ksplice:http://www.openwall.com/lists/oss-security/2010/12/02/3http://www.openwall.com/lists/oss-security/2010/12/02/7http://www.openwall.com/lists/oss-security/2010/12/08/4- Merged many security-relevant patches from 2.6.18-236.el5 (mostly forinfoleaks discovered by Dan Rosenberg, as well as his patch introducingthe dmesg_restrict sysctl and CONFIG_SECURITY_DMESG_RESTRICT).- Set CONFIG_SECURITY_DMESG_RESTRICT=y in our default configs.- Package include/ub/, which is needed for external kernel module buildsagainst OpenVZ kernel headers (ub/ files are included from the \"regular\" linux/header files, so even a non-OpenVZ-specific module ends up needing them).
* Fri Sep 24 2010 Solar Designer 2.6.18-194.11.3.el5.028stab071.5-owl1- Updated to 2.6.18-194.11.3.el5.028stab071.5.- Added a fix for CVE-2010-3081 from 028stab070.5 (the same as Red Hat\'slinux-2.6-misc-make-compat_alloc_user_space-incorporate-the-access_ok.patchfrom their -194.11.4 kernel, but adjusted to apply on top of OpenVZ).- Restricted permissions on /proc/kallsyms (0444 to 0400).- Enabled building of DRBD as a module (also enabled connector and HMAC).- Set CONFIG_FUSION_SPI=y and CONFIG_PCNET32=y (these were at =m before) to rununder VMware out of the box, but switched CONFIG_IXGBE and CONFIG_IXGB (large10G Ethernet drivers) from =y to =m (have to fit on a 2.88 MB \"floppy\").- Switched to using xz-compressed source tarball and OpenVZ patch.
* Thu Sep 02 2010 Solar Designer 2.6.18-194.11.3.el5.028stab071.3-owl1- Updated to 2.6.18-194.11.3.el5.028stab071.3.
* Mon Aug 30 2010 Solar Designer 2.6.18-194.8.1.el5.028stab070.4-owl1- Updated to 2.6.18-194.8.1.el5.028stab070.4.- Added most post-194.8.1 patches from Red Hat\'s -194.11.1.- Fixed an Owl-specific bug in init/do_mounts.c: do_mount_root() withroot=/dev/cdrom failing to access CD drives on IDE slaves.- Applied a variation of Kees Cook\'s partial fix to fs/exec.c\'s argv expansion:http://www.openwall.com/lists/oss-security/2010/08/27/1http://www.openwall.com/lists/oss-security/2010/08/30/3- Applied upstream\'s fix to integer overflow flaws in ext4_ext_in_cache() andext4_ext_get_blocks():http://www.openwall.com/lists/oss-security/2010/08/16/1- Enabled CONFIG_FUSION_
* and CONFIG_PCNET32 as modules.
* Wed Jul 21 2010 Solar Designer 2.6.18-194.8.1.el5.028stab070.2.owl3- Backported the AHCI vs. Marvell PATA driver co-existence fixes from 2.6.34.1,made the corresponding messages more verbose.- Implemented support of root=/dev/cdrom - a magic root device that correspondsto the first CD drive with a valid filesystem (maybe of a specified type).
* Tue Jul 20 2010 Solar Designer 2.6.18-194.8.1.el5.028stab070.2.owl2- Fixed a bug in drivers/dca/Kconfig that prevented CONFIG_DCA from being setto \"y\" when module support is enabled.- Made assorted changes to the kernel configs.
* Sat Jul 17 2010 Solar Designer 2.6.18-194.8.1.el5.028stab070.2.owl1- RPM\'ed the kernel in a way allowing for easy non-RPM\'ed builds as well.
  
ICM