wolk-announce Mailing List for WOLK - Working Overloaded Linux Kernel (Page 2)
Brought to you by:
hight0wer
You can subscribe to this list here.
2002 |
Jan
|
Feb
|
Mar
|
Apr
|
May
(6) |
Jun
|
Jul
(1) |
Aug
(1) |
Sep
(3) |
Oct
(4) |
Nov
(7) |
Dec
(2) |
---|---|---|---|---|---|---|---|---|---|---|---|---|
2003 |
Jan
(1) |
Feb
|
Mar
|
Apr
|
May
(3) |
Jun
(1) |
Jul
(4) |
Aug
(11) |
Sep
|
Oct
|
Nov
|
Dec
(2) |
2004 |
Jan
|
Feb
(9) |
Mar
(7) |
Apr
(14) |
May
|
Jun
(3) |
Jul
|
Aug
|
Sep
(1) |
Oct
|
Nov
(3) |
Dec
|
From: Randy.Dunlap <rdd...@os...> - 2004-02-26 21:20:53
|
On Thu, 26 Feb 2004 12:34:27 -0800 Mike Fedyk wrote: | Marc-Christian Petersen wrote: | > o added: extend memstats (me) | | What does this do? | | > o added: Application Layer 7 Packet Classifier v0.4.1b (Ethan Sommer) | | Where can I find more info on this? | | > o added: initrd support for cramfs (Herbert Xu) | | I'd love to see this merged upstream. Is that like this? http://linux.bkbits.net:8080/linux-2.5/cset@1.1500.8.45?nav=index.html|ChangeSet@-4w -- ~Randy |
From: Lucas A. <ad...@cs...> - 2004-02-26 21:19:22
|
Does the wolk 2.6 have grsecurity in it? Luke Computer Science System Administrator Security Administrator,College of Engineering Montana State University-Bozeman,Montana |
From: Mike F. <mf...@ma...> - 2004-02-26 20:44:40
|
Marc-Christian Petersen wrote: > o added: extend memstats (me) What does this do? > o added: Application Layer 7 Packet Classifier v0.4.1b (Ethan Sommer) Where can I find more info on this? > o added: initrd support for cramfs (Herbert Xu) I'd love to see this merged upstream. Mike |
From: Marc-Christian P. <m....@wo...> - 2004-02-26 19:08:57
|
=2D----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi all, first WOLK version for 2.6. Apply ontop of a vanilla 2.6.3 from kernel.org. Tell me what you think, how it works, what I've missed, what should go in b= la bla you know what I mean ;) Have fun :) Changelog from v2.6.3 -> v2.6.3-wolk1.0 =2D --------------------------------------- o added: 2.6.3-mm4 except 4g/4g stuff (it breaks PaX) (Andrew Morton) o added: PaX 2.6.3-200402250000 (PaX Team) o added: autoregulate swappiness (Con Colivas) o added: extend memstats (me) o added: dmesg cleanup (dunno?) o added: Application Layer 7 Packet Classifier v0.4.1b (Ethan Sommer) o added: Bootsplash v3.1.3 (SuSE GmbH) o added: SuperMount-NG v2.0.4 (Andrey Borzenkov) o added: ReiserFS v4 snapshot 2004.02.25 (Namesys) o added: Prism GT/Duette 802.11(a/b/g) PCI/PCMCIA support (Luis Rodrig= uz) o added: HostAP driver v0.1.3 (Jouni Malinen) o added: SquashFS v1.3-r3 (Phillip Lougher) o added: Speakup accessibility (Speakup Guys) o added: Linux InfraRed Controller v2.6.3-20040224 (LIRC Guys) o added: Broadcom BCM5700 driver v7.1.22 (Broadcom Corporation) o added: UCL nrv2e compression algorithm v2.6-20040217 (Luca Barbato) o added: initrd support for cramfs (Herbert Xu) o added: HP OmniBook support (So=F3s P=E9ter) o added: CONFIG_HZ (Mikael Pettersson) o added: IBM Power Linux RAID adapter support v2.0 (IBM Corporation) o added: SCSI Media Changer v0.22 (Gerd Knorr) o added: Twofish encryption for loop device (SuSE GmbH) o added: ReiserFS extended attributes (SuSE GmbH) o added: ReiserFS POSIX Access Control Lists (SuSE GmbH) o added: ReiserFS Security Labels (SuSE GmbH) o added: Scheduler Tweaks preselections (me) o fixed: disabled Macintosh device drivers for all but PPC (me) o fixed: enable adaptec SCSI RAID adapters (Adaptec) o fixed: prevent amd64 laptops from hanging when (?) unplugging power cord, or closing lid. Todo =2D ---- o grsecurity once it's out for 2.6 (Brad, move your ass ;) o menu cleanups md5sums: =2D -------- ba475315c783d473a4c1e26f2b0a2039 *linux-2.6.3-wolk1.0.patch.bz2 72da973aac989c6c980364a5f4800511 *linux-2.6.3-wolk1.0.patch.gz =2D -- Kind regards Marc-Christian Petersen http://sourceforge.net/projects/wolk PGP/GnuPG Key: 1024D/569DE2E3DB441A16 =46ingerprint: 3469 0CF8 CA7E 0042 7824 080A 569D E2E3 DB44 1A16 Key available at http://pgp.mit.edu. Encrypted e-mail preferred =2D----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.4 (GNU/Linux) iD8DBQFAPjnlVp3i49tEGhYRAvViAJwMYRX8SCCaJCKZIJWSAWpxxoMa2ACg7t2M A9ywObt4uwJ4PYPAnkzjHpo=3D =3DHoh/ =2D----END PGP SIGNATURE----- |
From: Marc-Christian P. <m....@wo...> - 2004-02-26 07:18:55
|
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi all, so here we go, FINAL v4.11. This is the 11th maintenance update for WOLK4.0. > I encourage _all_ WOLK users to update to v4.10s! It fixes all known > security issues up to 25th February 2004 (today). okay. I am very sorry but that was bullshit. For details please read on: Changelog from v4.10s -> v4.11s - ------------------------------- o updated: CIFS v1.0.2b o updated: HostAP driver v0.1.3 o fixed: CAN-2004-0003: issues in r128 DRI (Direct Render Infrastructure) o fixed: CAN-2004-0010: a flaw in ncp_lookup() in ncpfs. o fixed: CAN-2004-0075: the Vicam USB driver in Linux before 2.4.25 does not use the copy_from_user function when copying data from userspace to kernel space, which crosses security boundaries and allows local users to cause a denial of service. o fixed: user/kernel copying in DRI GAMMA driver md5sums: - -------- befb7511aa4075255bb7755fb961c0e5 *linux-2.4.20-wolk4.10s-to-4.11s.patch.bz2 9b2f41b6e9a728d1f9e3abcb0f837859 *linux-2.4.20-wolk4.10s-to-4.11s.patch.gz - -- Kind regards Marc-Christian Petersen http://sourceforge.net/projects/wolk PGP/GnuPG Key: 1024D/569DE2E3DB441A16 Fingerprint: 3469 0CF8 CA7E 0042 7824 080A 569D E2E3 DB44 1A16 Key available at http://pgp.mit.edu. Encrypted e-mail preferred -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.4 (GNU/Linux) iD8DBQFAPZnIVp3i49tEGhYRAoR4AKCORVMumqOoSIta7xw9ty9QgITdnQCbBXiT bJ954caKySI4OD9cSVuA4HA= =j5Hy -----END PGP SIGNATURE----- |
From: Marc-Christian P. <m....@wo...> - 2004-02-25 15:07:08
|
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi all, so here we go, FINAL v4.10. This is the 10th maintenance update for WOLK4.0. I am very proud to announce this because it fixes several (read TONS) of serious bugs :-) ... It's working very very well on all of my systems including a Quad XEON with 2GB RAM, 3 Dual XEON machines in production for tons of weeks now. Please excuse me for this horribly f*cking delay doing v4.10s :( Note for all grsecurity PaX users: It is important when you configure the new kernel to not simply load an old configuration. There are new PaX options that you need to choose for PaX to be enabled. To retain the same functionality as before, enable the "legacy ELF header marking" and "ELF program header marking", leave MAC system integration set to none, and disable soft mode. I encourage _all_ WOLK users to update to v4.10s! It fixes all known security issues up to 25th February 2004 (today). Have fun! Changelog from v4.9s -> v4.10s - ------------------------------ o added: Promise PDC ULTRA SATA support v1.00.0.10 o added: Emulex LP8000/9000/9002L/9002DC/9402DC/9802 FC support v1.23a o added: Quick Sort support (qsort) o added: ignore unrecognized mount options o added: ATI IGP chipset support o added: S3 Savage support o added: VIA CLE266 support o added: full XAPIC support (vanilla has half of this :p) o added: rICMP support o added: libata (S-ATA support via SCSI layer) same as 2.6 kernel version (2004-02-18) o fixed: broken 2.4.x rt_sigprocmask error handling o fixed: IDE timeout race fix o fixed: CAN-2004-0077: return proper do_munmap() error code o fixed: CAN-2003-0984: /dev/rtc can leak parts of kernel memory to unpriviledged users o fixed: CAN-2003-0985: malicious users of mremap() syscall can gain priviledges o fixed: check bounds in do_brk (recently used to exploit Debian Servers) o fixed: full modular IDE build problems o fixed: Support for processor throttling when VMware runs o fixed: overflow on unaligned checksum buffers o fixed: handle unreachable IO-APICs in ACPI without panic o fixed: problem where every user who can open /dev/cdrom crash kernel o fixed: boot code overflow with more CPUs than CONFIG_NR_CPUS o fixed: missing brackets in agpgart o fixed: SCSI: never ever merge requests if we exceed the maximum number of scatter-gather segments that fit into a page. o fixed: another potential procfs memory leak o fixed: PAX' SEGMEXEC did not work with HIGHMEM vs. SMP o fixed: years outstanding bug with P3/P4 Hyperthreading :-( o fixed: problem with set_ioapic_affinity() o fixed: SMP kernel dummy APIC emulation in smpboot for x86: the process timer must be driven from the 8253 in this case. o fixed: mpparse for default MP systems o fixed: missing memory barrier in get_request_wait_wakeup() o fixed: Data region of memory output was negative o fixed: more irq/bh races (smp_mb()'s) o fixed: nvidia-kernel-1.0.4496 didn't compile o fixed: race in the O(1) scheduler o fixed: memory leak in kernel module loader o fixed: possible SMP deadlock on reboot o fixed: log_buf_len boot parameter o fixed: too few characters for boot parameters o fixed: ipc_init() SMP crash o fixed: route SMIs through IOAPIC o fixed: RCU helpers for PREEMPT o fixed: reduce bkl contention caused by blkdev_put o fixed: missing symbol 'console_printk' for IDE modularization o fixed: disable the anti-DoS fix tested on some embedded platforms, to avoid regressions due softirq delays o fixed: mmap on /dev/mem wrt to uncached accesses o fixed: wrong APIC handling for SMP/HT o fixed: ieee1394 locking bug in nodemgr o fixed: memory leak in user space communication with USB devices o fixed: memory leaks in LVM v1.0.7 o fixed: IPVS: ip_vs_tunnel_xmit to return NF_DROP when no memory available o fixed: IPVS: add strict boundary check in parsing FTP commands o updated: LSI MegaRAID (driver series v1.18k) o updated: LSI MegaRAID (driver series v2.10.1) o updated: Intel e100 driver v2.3.38 o updated: Intel e1000 driver v5.2.20 o updated: DRBD v0.6.11 o updated: AIC7xxx v6.3.4 / AIC79xx v2.0.5 (v2004-02-09) o updated: PPP Microsoft encryption/compression (MPPE/MPPC) v0.98 o updated: SysKonnect SK-98xx driver v6.21 o updated: Device Mapper (LVM2) v4.0.4-ioctl (2003-08-30) o updated: EVMS v2.1.1 o updated: LVM v1.0.8 o updated: replaced Super FreeS/WAN with OpenS/WAN v1.0.1 o updated: CryptoAPI from 2.4.22/2.4.23/2.4.24/2.4.25 o updated: CryptoLOOP (jari edition) o updated: rmap VM v15l o updated: grsecurity v1.9.14 o updated: tons of ACPI fixes for UP/SMP/HT and better Notebook support. o updated: convert /proc/interrupts to use seq_file o updated: shfs v0.32-pre2 o updated: Intel VTune Support o updated: RFCOMM protocol support v12 o updated: FireWire IEEE1394 rev1050 o updated: USB: tons of fixes and updates o updated: Broadcom BCM5700 driver v7.0.0 o updated: Broadcom Tigon3 v2.6 o updated: Compressed Loop (cloop) v1.02 o updated: DAC960 RAID Driver v2.4.20 of 1 May 2003 (Vanilla still has the driver from kernel 2.4.11!!) o updated: Intel/ICP RAID Controller support v2.06a o updated: AACRAID v1.1-3 o updated: Qlogic QLA 2x00 v6 FC SCSI support v6.06.00 o updated: 3ware Driver v1.02.00.037 o updated: CPU Frequency scaling v2.4.22 2003-09-01 o updated: XFS v1.3.1 Final (SCO: go and fuck yourself!) o removed: RMAP: OOM killer braindamage fix fix fix fix: BROKEN! o removed: Option 'PS/2 keyboard support': broke too much stuff o changed: CPU - Cap Processor Usage: Make it a config option md5sums: - -------- 081b06a88a0a15820a801dd6d35174d1 *linux-2.4.20-wolk4.10s-fullkernel.tar.bz2 3d6c78d822f72a3b36faebf1587466e9 *linux-2.4.20-wolk4.10s-fullkernel.tar.gz 7ab3d945def110a2ee78ce88175c7abe *linux-2.4.20-wolk4.10s.patch.bz2 169b00070d19a20988dd66919899ecb3 *linux-2.4.20-wolk4.10s.patch.gz 9d7e2b0ad390b2cae589cb80ec22b6f2 *linux-2.4.20-wolk4.9s-to-4.10s.patch.bz2 96459f1257130f077e3e67d6faf96a8d *linux-2.4.20-wolk4.9s-to-4.10s.patch.gz - -- Kind regards Marc-Christian Petersen http://sourceforge.net/projects/wolk PGP/GnuPG Key: 1024D/569DE2E3DB441A16 Fingerprint: 3469 0CF8 CA7E 0042 7824 080A 569D E2E3 DB44 1A16 Key available at http://pgp.mit.edu. Encrypted e-mail preferred -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.4 (GNU/Linux) iD8DBQFAPLfVVp3i49tEGhYRAjXeAJsFxmIrIGQZVAZ0SrLmz9kBpStbmACfUuYy uHz7DVto08MzNSMobFJbGtQ= =sS/A -----END PGP SIGNATURE----- |
From: Marc-Christian P. <m....@wo...> - 2004-02-21 03:22:08
|
On Friday 20 February 2004 21:32, Marc-Christian Petersen wrote: Hi all, > I just send this to the ML so you have the time to speak _now_ what's > missing or not fixed or whatever! GO AHEAD. You have: 1 Hour from now on! > :) After that, I'll start uploading v4.10s. I am trying to upload it to sf.net w/o any chance. About 25% and then the upload is stopped by whatever reason. I go to bed now b/c I am tired in trying to upload it since hours :( ciao, Marc |
From: Marc-Christian P. <m....@wo...> - 2004-02-20 20:39:29
|
=2D----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi all, I just send this to the ML so you have the time to speak _now_ what's missi= ng or not fixed or whatever! GO AHEAD. You have: 1 Hour from now on! :) After= =20 that, I'll start uploading v4.10s. =2D -----------------------------------------------------------------------= =2D----- Changelog from v4.9s -> v4.10s =2D ------------------------------ o added: Promise PDC ULTRA SATA support v1.00.0.10 o added: Emulex FC support v1.23a o added: Quick Sort support (qsort) o added: ignore unrecognized mount options o added: ATI IGP chipset support o added: S3 Savage support o added: VIA CLE266 support o added: full XAPIC support (vanilla has half of this :p) o added: rICMP support o added: libata (S-ATA support via SCSI layer) same as 2.6 kernel version o fixed: broken 2.4.x rt_sigprocmask error handling o fixed: IDE timeout race fix o fixed: CAN-2004-0077: return proper do_munmap() error code o fixed: CAN-2003-0984: /dev/rtc can leak parts of kernel memory to unpriviledged users o fixed: CAN-2003-0985: malicious users of mremap() syscall can gain priviledges o fixed: check bounds in do_brk (recently used to exploit Debian Serve= rs) o fixed: full modular IDE build problems o fixed: Support for processor throttling when VMware runs o fixed: overflow on unaligned checksum buffers o fixed: handle unreachable IO-APICs in ACPI without panic o fixed: problem where every user who can open /dev/cdrom crash kernel o fixed: boot code overflow with more CPUs than CONFIG_NR_CPUS o fixed: missing brackets in agpgart o fixed: SCSI: never ever merge requests if we exceed the maximum numb= er of scatter-gather segments that fit into a page. o fixed: another potential procfs memory leak o fixed: PAX' SEGMEXEC did not work with HIGHMEM vs. SMP o fixed: years outstanding bug with P3/P4 Hyperthreading :-( o fixed: problem with set_ioapic_affinity() o fixed: SMP kernel dummy APIC emulation in smpboot for x86: the process timer must be driven from the 8253 in this case. o fixed: mpparse for default MP systems o fixed: missing memory barrier in get_request_wait_wakeup() o fixed: Data region of memory output was negative o fixed: more irq/bh races (smp_mb()'s) o fixed: nvidia-kernel-1.0.4496 didn't compile o fixed: race in the O(1) scheduler o fixed: memory leak in kernel module loader o fixed: possible SMP deadlock on reboot o fixed: log_buf_len boot parameter o fixed: too few characters for boot parameters o fixed: ipc_init() SMP crash o fixed: route SMIs through IOAPIC o fixed: RCU helpers for PREEMPT o fixed: reduce bkl contention caused by blkdev_put o fixed: missing symbol 'console_printk' for IDE modularization o fixed: disable the anti-DoS fix tested on some embedded platforms, to avoid regressions due softirq delays o fixed: mmap on /dev/mem wrt to uncached accesses o fixed: wrong APIC handling for SMP/HT o fixed: ieee1394 locking bug in nodemgr o fixed: memory leak in user space communication with USB devices o fixed: memory leaks in LVM v1.0.7 o fixed: IPVS: ip_vs_tunnel_xmit to return NF_DROP when no memory available o fixed: IPVS: add strict boundary check in parsing FTP commands o updated: LSI MegaRAID (driver series v1.18k) o updated: LSI MegaRAID (driver series v2.10.1) o updated: Intel e100 driver v2.3.38 o updated: Intel e1000 driver v5.2.20 o updated: DRBD v0.6.11 o updated: AIC7xxx v6.3.4 / AIC79xx v2.0.5 (v2004-02-09) o updated: PPP Microsoft encryption/compression (MPPE/MPPC) v0.98 o updated: SysKonnect SK-98xx driver v6.21 o updated: Device Mapper (LVM2) v4.0.4-ioctl (2003-08-30) o updated: EVMS v2.1.1 o updated: LVM v1.0.8 o updated: replaced Super FreeS/WAN with OpenS/WAN v1.0.1 o updated: CryptoAPI from 2.4.22/2.4.23/2.4.24/2.4.25-pre6 o updated: CryptoLOOP (jari edition) o updated: rmap VM v15l o updated: grsecurity v1.9.13 Final + CVS fixes up to 2004-02-18 o updated: tons of ACPI fixes for UP/SMP/HT and better Notebook support. o updated: convert /proc/interrupts to use seq_file o updated: shfs v0.32-pre2 o updated: Intel VTune Support o updated: RFCOMM protocol support v12 o updated: FireWire IEEE1394 rev1050 o updated: USB: tons of fixes and updates o updated: Broadcom BCM5700 driver v7.0.0 o updated: Broadcom Tigon3 v2.3 o updated: Compressed Loop (cloop) v1.02 o updated: DAC960 RAID Driver v2.4.20 of 1 May 2003 (Vanilla still has the driver from kernel 2.4.11!!) o updated: Intel/ICP RAID Controller support v2.06 o updated: Qlogic QLA 2x00 v6 FC SCSI support v6.06.00 o updated: 3ware Driver v1.02.00.037 o updated: CPU Frequency scaling v2.4.22 2003-09-01 o updated: XFS v1.3.1 Final (SCO: go and fuck yourself!) o removed: RMAP: OOM killer braindamage fix fix fix fix: BROKEN! o removed: Option 'PS/2 keyboard support': broke too much stuff o changed: CPU - Cap Processor Usage: Make it a config option =2D -- Kind regards Marc-Christian Petersen http://sourceforge.net/projects/wolk http://setiathome.ssl.berkeley.edu/stats/team/team_171853.html PGP/GnuPG Key: 1024D/569DE2E3DB441A16 =46ingerprint: 3469 0CF8 CA7E 0042 7824 080A 569D E2E3 DB44 1A16 Key available at www.keyserver.net. Encrypted e-mail preferred. =2D----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.4 (GNU/Linux) Comment: !! No Risk - No Fun !! - Try to crack this ;-) iD8DBQFANm72Vp3i49tEGhYRAmxOAKCYUt8vJtPklAsbjilVLt1SGL7zAwCg2snR 26zzFZk3VceGrhH3F5i+X24=3D =3D5+DF =2D----END PGP SIGNATURE----- |
From: Alexander E. <ae...@gn...> - 2003-12-05 08:53:16
|
I dont see 4.10s anywhere ?!? |
From: Marc-Christian P. <m....@wo...> - 2003-12-01 15:09:30
|
Hi all, I just want to update you about v4.10s. I'm gonna release v4.10 final this evening with many updates and tons of fixes. (I planned it for yesterday but haven't had the time because of a relocation over the weekend for a friend.) Sorry for the delay. I had some private problems, been very busy at work and had a case of death. Anyway, here's the changelog (if there's something I forgot, scream _now_): Changelog from v4.9s -> v4.10s ------------------------------ o added: Promise PDC ULTRA SATA support v1.00.0.10 o added: Emulex LP8000/9000/9002L/9002DC/9402DC/9802/10000 FC support o added: Quick Sort support (qsort) o added: ignore unrecognized mount options o added: ATI IGP chipset support o added: S3 Savage support o added: VIA CLE266 support o added: full XAPIC support (vanilla has half of this :p) o added: rICMP support o fixed: full modular IDE build problems o fixed: Support for processor throttling when VMware runs o fixed: overflow on unaligned checksum buffers o fixed: handle unreachable IO-APICs in ACPI without panic o fixed: problem where every user who can open /dev/cdrom can crash the kernel o fixed: boot code overflow with more CPUs than CONFIG_NR_CPUS o fixed: missing brackets in agpgart o fixed: SCSI: never ever merge requests if we exceed the maximum number of scatter-gather segments that fit into a page. o fixed: another potential procfs memory leak o fixed: PAX' SEGMEXEC did not work with HIGHMEM vs. SMP o fixed: years outstanding bug with P3/P4 Hyperthreading :-( o fixed: problem with set_ioapic_affinity() o fixed: SMP kernel dummy APIC emulation in smpboot for x86: the process timer must be driven from the 8253 in this case. o fixed: mpparse for default MP systems o fixed: missing memory barrier in get_request_wait_wakeup() o fixed: Data region of memory output was negative o fixed: more irq/bh races (smp_mb()'s) o fixed: nvidia-kernel-1.0.4496 didn't compile o fixed: race in the O(1) scheduler o fixed: memory leak in kernel module loader o fixed: possible SMP deadlock on reboot o fixed: log_buf_len boot parameter o fixed: too few characters for boot parameters o fixed: ipc_init() SMP crash o fixed: route SMIs through IOAPIC o fixed: RCU helpers for PREEMPT o fixed: reduce bkl contention caused by blkdev_put o fixed: RMAP: smp race in rebalance_laundry_zone() o fixed: RMAP: inode reclaim bug o fixed: missing symbol 'console_printk' for IDE modularization o fixed: disable the anti-DoS fix tested on some embedded platforms, to avoid regressions due softirq delays o fixed: mmap on /dev/mem wrt to uncached accesses o fixed: wrong APIC handling for SMP/HT o fixed: ieee1394 locking bug in nodemgr o fixed: memory leak in user space communication with USB devices o fixed: memory leaks in LVM v1.0.7 o fixed: IPVS: ip_vs_tunnel_xmit to return NF_DROP when no memory available o fixed: IPVS: add strict boundary check in parsing FTP commands o updated: PPP Microsoft encryption/compression (MPPE/MPPC) v0.98 o updated: SysKonnect SK-98xx driver v6.19 o updated: Device Mapper (LVM2) v4.0.4-ioctl (2003-08-30) o updated: EVMS v2.1.1 o updated: Super FreeS/WAN v1.99.9c o updated: CryptoAPI from 2.4.22/2.4.23-pre4 o updated: CryptoLOOP (jari edition) o updated: rmap VM v15k o updated: grsecurity v1.9.13 Final o updated: tons of ACPI fixes for UP/SMP/HT and better Notebook support. o updated: convert /proc/interrupts to use seq_file o updated: shfs v0.32-pre2 o updated: Intel VTune Support o updated: RFCOMM protocol support v12 o updated: FireWire IEEE1394 rev1050 o updated: USB: tons of fixes and updates o updated: Broadcom BCM5700 driver v7.0.0 o updated: Broadcom Tigon3 v2.3 o updated: Compressed Loop (cloop) v1.02 o updated: DAC960 RAID Driver v2.4.20 of 1 May 2003 (Vanilla still has the driver from kernel 2.4.11!!) o updated: Intel/ICP RAID Controller support v2.06 o updated: Qlogic QLA 2x00 v6 FC SCSI support v6.06.00 o updated: CPU Frequency scaling v2.4.22 2003-09-01 o updated: XFS v1.3.1 Final (SCO: go and fuck yourself!) o removed: RMAP: OOM killer braindamage fix fix fix fix: BROKEN! o removed: Option 'PS/2 keyboard support': broke too much stuff o changed: CPU - Cap Processor Usage: Make it a config option P.S.: ----- - I don't have the time to do WOLK5, so WOLK4.10s is the last wolk you'll see from me 'yet'. This might change in the future but I don't know when. Maybe when 2.4.24 or 2.4.25 is out and there is a need for another WOLK based on 2.4. - I'm gonna release a first WOLK for 2.6.0 soon (maybe this evening too) Nothing special about this. Just some tunings for better desktop behaviour. -- Kind regards Marc-Christian Petersen http://sourceforge.net/projects/wolk http://setiathome.ssl.berkeley.edu/stats/team/team_171853.html PGP/GnuPG Key: 1024D/569DE2E3DB441A16 Fingerprint: 3469 0CF8 CA7E 0042 7824 080A 569D E2E3 DB44 1A16 Key available at www.keyserver.net. Encrypted e-mail preferred. |
From: Marc-Christian P. <m....@wo...> - 2003-08-29 13:04:47
|
Hi all, so here we go, FINAL v4.9. This is the 9th maintenance update for WOLK4.0. Now, WOLK5 work starts with 2.4.22. Anway, this tree (wolk4) will get security fixes only until WOLK5.0 final is out. After that, WOLK4 is out of maintenance. The NEWIDE Addon has been updated too. My company needed some features like Dazuko and WEB-DAV, so I've added it. There were also a request for Layer7 Packet Classifier, though for 5.0s but hey, it's also possible for 4.9s ;) I've removed 4.0-fullkernel gz|bz2 files and uploaded 4.9-fullkernel files. If you want to use earlier versions, you have to 'down-patch' 4.9s. Have fun! Changelog from v4.8s -> v4.9s ----------------------------- o added: Dazuko v1.2.1 o added: missing iSCSI Configure help entries and informations o added: sysctl to control ipfrag_secret_interval o added: WEB-DAV Linux File System support (davfs2) v0.2.4 o added: Application Layer 7 Packet Classifier v0.1.4 o fixed: hfsplus unresolved symbols o fixed: rsbac v1.2.2 compilation errors :-( o fixed: Mhwahahhaha! A missing 'generic_unplug_device' in IDE code o fixed: irq/bh races o fixed: two missing Intel x86 cache defines (now Pentium-M should be ok) o fixed: use Jenkins hash for fragment reassembly handling o fixed: lru queue for ip_fragment evictor o fixed: hardcoded vmalloc reserve size: now we have a boot parameter See: Documentation/kernel-parameters.txt : vm_reserve o fixed: RMAP: zeromap_pmd_range o fixed: RMAP: treat database shared memory segments with the same swapout priority as anonymous pages, this helps database performance under some loads o fixed: RMAP: do all page->flags updates atomically, to avoid race conditions o fixed: some bogus 'file->f_flags' o fixed: more unshare_files() fixes o fixed: speedup 'make dep' again a bit o fixed: loop handling of sector size ioctl o fixed: asm constraint bug in arch/i386/kernel/pci-pc.c o updated: IBM ServeRAID v6.10.24 o updated: Broadcom BCM4400 driver v2.0.5 o updated: Broadcom BCM5700 driver v6.2.17 o updated: SysKonnect SK-98xx driver v6.17 o updated: iSCSI support (SCSI-over-Network) v3.4.0.3 o updated: XFS v1.3.0 Final ------------------------------------ | IMPORTANT NOTE: This is an addon | ------------------------------------ o added: 2.4.22-ac/2.4.22/2.4.21 IDE backport + various fixes o added: libata-5 (S-ATA support via SCSI layer) o fixed: cdrom error handling o updated: Packet writing on CD/DVD media v2.4.22-pre10-ac1 md5sums: -------- 9cf8e947627d363eed173ed433da1273 *linux-2.4.20-wolk4.9s-to-4.9s-NIDE.patch.bz2 478368154f8c0b9ea03091c2bb671479 *linux-2.4.20-wolk4.9s-to-4.9s-NIDE.patch.gz 06d2f90afaa7438f56653611a7a00cce *linux-2.4.20-wolk4.8s-to-4.9s.patch.bz2 3466d1f9328367d44ab2b63fb2cb8bf3 *linux-2.4.20-wolk4.8s-to-4.9s.patch.gz -- Kind regards Marc-Christian Petersen http://sourceforge.net/projects/wolk http://setiathome.ssl.berkeley.edu/stats/team/team_171853.html PGP/GnuPG Key: 1024D/569DE2E3DB441A16 Fingerprint: 3469 0CF8 CA7E 0042 7824 080A 569D E2E3 DB44 1A16 Key available at www.keyserver.net. Encrypted e-mail preferred. |
From: Wilbert P. <tmc...@ao...> - 2003-08-25 15:53:30
|
<html> <body bgcolor=3D"#ffffff"> <center> <font face=3D"verdana" size=3D"1" color=3D"#000000"><a href=3D"http://www.= go-mtg.com/mortgage/conf/rm.html"<font face=3D"verdana" size=3D"1" color=3D= "#999999">click here </a>to be removed from future mailings.</font><br> <table border=3D"0" cellpadding=3D"3" cellspacing=3D"0"> <tr> <td bgcolor=3D"#000000"> <table bgcolor=3D"#FFFBE0" border=3D"0" width=3D"470" cellpadding=3D"8"= cellspacing=3D"0"> <tr> <td align=3D"center"> <a href=3D"http://www.go-mtg.com/mortgage/conf/"><font face=3D"verda= na" size=3D"5" color=3D"#ff0000"><b>Conference Calls</font> <br><font face=3D"verdana" size=3D"4" color=3D"#ff0000"><i>Only 15 C= ents Per Min.</a></i></b> <br> (Long Distance Included) </font></td> </tr> <tr> <td align=3D"left"> <font face=3D"verdana" size=3D"2" color=3D"#000000">We offer an extr= emely easy to use conferencing service that only costs a fraction of what most companies charge. <br> <br> <b>No Set-up Fees <br> No Contracts or Monthly Fees </font> </td> </tr> </b> <tr> <td align=3D"center"> <font face=3D"verdana" size=3D"3 color=3D"#000000"><b>Also Broadcast Y= our Conference Call Over <br>The Internet - Only <u>8 Cents</u> Per Minute= <br>Great For International Participants. </font></td></tr> <tr> <td align=3D"center"> <a href=3D"http://www.go-mtg.com/mortgage/conf/"><font face=3D"verdana= " size=3D"4" color=3D"#ff0000"><b>Click Here For More Info</b></font></a> </font></td> </tr> </table> </td> </tr> </table> </center> </body> </html> cpxi xjabtkvku w e tsgrugyo |
From: Marc-Christian P. <m....@wo...> - 2003-08-24 21:36:33
|
=2D----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi there, This is the 3rd maintenance update for the 2.2.25-secure tree. There were some feature requests and my company also needs some stuff, so there are some new features! =2D ------------------- o added: Dazuko v1.2.1 o added: DRBD v0.6.6 o added: some misc IPMASQ modules (ICQ, H323, etc.) o added: route Dead-Gateway-Detection o added: AccessFS v0.4 o added: Load balancing using multipaths o added: NWFS (NetWare filesystem support) o added: Secure-IT: Small backports of grsecurity v1.9 - Remove /proc/kcore - Deny writing to /dev/kmem, /dev/mem, and /dev/port - Disable privileged I/O - Full logging of above events - Randomized PIDs - Larger entropy pools - Randomized TCP source ports - chroot(2) exec logging en-/disable - Deny promiscuous mode for interfaces o added: Qlogic QLA 1280/12160 SCSI support o added: Qlogic QLA 2x00 FC SCSI support o added: kmsgdump v0.4 for Kernel v2.2x o added: Parallel Port SCSI adapters + fixed: 'EXPORT_SYMTAB_not_defined' in dmi_ident/dmi_scan_mach o fixed: increase: NR_FILE, SEMMNI, SHM_ID_BITS, NR_TASKS, MAX_TASKS_PER_USER and MIN_TASKS_LEFT_FOR_ROOT o fixed: speedup 'make dep' o fixed: try to avoid OOM root processes. Kill user procs first o fixed: limit maximum peer bus number to last bus number reported by the bios o fixed: magic sysrq via serial console was missing in previous o fixed: braindead 'modinfo has changed' warning while make mods o fixed: missing defines o fixed: ext2: wrong 'size_t', we must use unsigned long o fixed: ip_masq_portfw, so that there is no conflict with ports previously assigned to the mask o fixed: bigmem /proc/meminfo display only if CONFIG_BIGMEM o fixed: some more ugly menu structures - IPVS is now seperated - IP MASQ is now seperated o fixed: problems with IPsec and Bridge usage o fixed: IMQ vs. ipchains o fixed: SMP deadlock in the SCSI CD-ROM vendor layer o fixed: SCSI bus/device reset capability o fixed: handle SCSI module errors/counters correctly o fixed: /proc/ikconfig was missing (needed backport) o updated: PaX v20030809.1825 o changed: max loop devices changed from 8 to 16 o changed: increased max_scsi_luns from 8 to 64 Release Info: =2D ------------- Date : August, 21th, 2003 Time : 12:50 am CET URL : http://sf.net/projects/wolk md5sums: =2D -------- 9fd1eff7235ba2eaa9c6a5fd2ac12238=20 *linux-2.2.25-2-secure-to-2.2.25-3-secure.patch.bz2 2587c53de2d6c6f27fd0e806b6ad2430=20 *linux-2.2.25-2-secure-to-2.2.25-3-secure.patch.gz =2D -- Kind regards Marc-Christian Petersen http://sourceforge.net/projects/wolk http://setiathome.ssl.berkeley.edu/stats/team/team_171853.html PGP/GnuPG Key: 1024D/569DE2E3DB441A16 =46ingerprint: 3469 0CF8 CA7E 0042 7824 080A 569D E2E3 DB44 1A16 Key available at www.keyserver.net. Encrypted e-mail preferred. =2D----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.2 (GNU/Linux) Comment: !! No Risk - No Fun !! - Try to crack this ;-) iD8DBQE/R661Vp3i49tEGhYRAhRYAJ9ta4CE9w2UZ8+vcFJq9wPHlDmu3gCgsEz3 lDwTs14ld4TuSbfG92kwuqo=3D =3Dx3Z6 =2D----END PGP SIGNATURE----- |
From: Marc-Christian P. <m....@wo...> - 2003-08-20 07:11:52
|
=2D----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi all, so here we go, FINAL v4.8. This is the 8th maintenance update for WOLK4.0. This is now _really really_ (read: maybe really ;-) the last WOLK4=20 update/release!!!! Stefan: Yes, I _am_ addict :ppp Changelog from v4.7s -> v4.8s =2D ----------------------------- o fixed: new i2c merge broke matroxfb, tvmixer, bttv and DXR3 o fixed: wrong assumption in set_bh_page() o fixed: max_addr_len() for InfiniBand support o fixed: aic7xxx/aic79xx -Werror makefile error o fixed: 'no_idt' usage in reboot code, noticed by better asm typechecking in gcc-3.3.1. o updated: zlib v1.1.4 =2D ------------------------------------ | IMPORTANT NOTE: This is an addon | =2D ------------------------------------ o added: 2.4.22-ac/2.4.22/2.4.21 IDE backport + various fixes o added: libata-5 (S-ATA support via SCSI layer) o updated: Packet writing on CD/DVD media v2.4.22-pre10-ac1 This is an extra all-in-one patch. You have to download it seperately. You= =20 have to apply it by hand. You have to recompile your kernel ;) Consider this as a 'present' for all the users out there with newest bleedi= ng=20 edge IDE chipsets and S-ATA stuff and who are not able to use WOLK because = of=20 this. All IDE stuff compiles as module or statically (tested). I don't know if al= l=20 of the drivers work as expected. At least Intel PIIXn works (I use it atm). !!!! Please report success/failures with this !!!! =46or a compiling .config look into my home directory at: http://wolk.sourceforge.net/people/ Have fun! md5sums: =2D -------- b5ba63c4f3535060d4818660d14de10b *linux-2.4.20-wolk4.8s-to-4.8s-NIDE.patch.= bz2 d2909c58ccc61058ec8484e50993ed1f *linux-2.4.20-wolk4.8s-to-4.8s-NIDE.patch.= gz 992ecfbd8c227938ebe395e1b5682bcb *linux-2.4.20-wolk4.7s-to-4.8s.patch.bz2 c786f9b5a7e339c1df0504a5cc929a25 *linux-2.4.20-wolk4.7s-to-4.8s.patch.gz =2D -- Kind regards Marc-Christian Petersen http://sourceforge.net/projects/wolk http://setiathome.ssl.berkeley.edu/stats/team/team_171853.html PGP/GnuPG Key: 1024D/569DE2E3DB441A16 =46ingerprint: 3469 0CF8 CA7E 0042 7824 080A 569D E2E3 DB44 1A16 Key available at www.keyserver.net. Encrypted e-mail preferred. =2D----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.2 (GNU/Linux) Comment: !! No Risk - No Fun !! - Try to crack this ;-) iD8DBQE/Qq+DVp3i49tEGhYRAjthAJ4mKB/MM6kuze9B1FwKY6BJ2qd0yACgiU7e EKiIZd1RxmeO/7+OBbr0UhE=3D =3D00WA =2D----END PGP SIGNATURE----- |
From: Marc-Christian P. <m....@wo...> - 2003-08-17 20:47:07
|
=2D----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi all, so here we go, FINAL v4.7. This is the 7th maintenance update for WOLK4.0. This is now _really really_ the last WOLK4 update/release unless there will= =20 happen something really bad! I had to do this update because of XFS problem= s=20 for certain users. Now, WOLK5 work starts with 2.4.22. Anway, this tree (wolk4) will get=20 security fixes only until WOLK5.0 final is out. After that, WOLK4 is out of= =20 maintenance. Many Thanks to: =2D --------------- =2D - Michael Gebetsroither shfs merge Changelog from v4.6s -> v4.7s =2D ----------------------------- + added: shfs v0.32-pre1 o added: new CPU capabilites for recent cpu's o added: Intel/AMD/VIA HW Random Number Generator support o added: Deny promiscuous mode for interfaces o added: WRR packet scheduler o fixed: ptrace swap race o fixed: steal_locks: we should be in full LSB compliance now o fixed: nbd: multiple race conditions o fixed: nbd: race conditions and various other deadlocks o fixed: beyond_eof check in generic_direct_IO o fixed: reiserfs: some issues with extended inode attributes o fixed: ext3fs: ext3_read_inode() race fix o fixed: ext3fs: missing TASK_RUNNING in jbd transaction code o fixed: ext3fs: handle aborted journals o fixed: v4l2: wrong poll_table usage. We have epoll too. o fixed: RMAP: OOM killer braindamage fix fix fix fix (yes, it's the 4th fix fix ;) and it _works_ now! o updated: IPVS v1.0.10 o updated: rsbac v1.2.2 o updated: DRBD v0.6.6 o updated: grsec: tons of PaX updates/fixes o updated: XFS v1.3.0-pre5 o updated: kdb v4.3 o updated: EVMS v2.1.0 o updated: q->full revision 2 o updated: i2c v2.8.0 Final o updated: lmsensors v2.8.0 Final o updated: CIFS v0.8.7 o removed: EVMS v1.x code o changed: Make 'PS/2 keyboard support' an option md5sums: =2D -------- 51412491c4aed5b328f7dc68085b865d *linux-2.4.20-wolk4.6s-to-4.7s.patch.bz2 6d51dbbddc7862bd05d1c7ffa8aecc8b *linux-2.4.20-wolk4.6s-to-4.7s.patch.gz =2D -- Kind regards Marc-Christian Petersen http://sourceforge.net/projects/wolk http://setiathome.ssl.berkeley.edu/stats/team/team_171853.html PGP/GnuPG Key: 1024D/569DE2E3DB441A16 =46ingerprint: 3469 0CF8 CA7E 0042 7824 080A 569D E2E3 DB44 1A16 Key available at www.keyserver.net. Encrypted e-mail preferred. =2D----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.2 (GNU/Linux) Comment: !! No Risk - No Fun !! - Try to crack this ;-) iD8DBQE/P+lMVp3i49tEGhYRAnUTAJ4zqBXzl3yzoEdrIO6auKHsLcMsjwCgudcT Ocn50ggm/MLv6Rw89c/ba6w=3D =3DBDqE =2D----END PGP SIGNATURE----- |
From: Marc-Christian P. <m....@wo...> - 2003-08-06 07:54:07
|
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi all, so here we go, FINAL v4.6. This is the 6th maintenance update for WOLK4.0. This is now really the last WOLK4 update/release unless there will happen something really bad! - ------------------------------------------------------------------------------ For all of you who love RMAP and also grsecurity/PaX, please write to 'pag...@fr...' and ask, if they'll do RMAP support please. I have some hacks in WOLK but they are obviously not 100% correct and I really want to have full RMAP support in grsecurity/PaX with #ifdef's or macro's or whatever. I really want to have this in WOLK5.0 based on 2.4.22. It's mostly the pte-highmem stuff. Thank you. - ------------------------------------------------------------------------------ Changelog from v4.5s -> v4.6s - ----------------------------- o fixed: BUG() while booting (missing brackets :pp) o fixed: correct 64-bit write system call assignment o fixed: select() with an xoffed tty o fixed: compile error when EVFS is selected o fixed: undefined reference to touch_nmi_watchdog o fixed: mainline pagecache is slow and scales _bad_. Make it better :p o fixed: SAK: printk killed processes only if grsecurity's proc restrictions are enabled. + fixed: some bogus EXPORT_SYMBOL_GPL (Michael Getsroither) o updated: HostAP driver v0.0.4 o removed: 3com 3c59x v0.99Za (it works great for many people and also works very bad for many people. Revert this until Donald Becker fixed it up. NOTE: - ----- VMware v4.0.1 has now official WOLK4 support. So if you use this new version, there's no need anymore to use the './userspace-patches' supplied vmmon.tar. md5sums: - -------- 0b758dcfc015034f80b10f8bba194d58 *linux-2.4.20-wolk4.5s-to-4.6s.patch.bz2 086e191a7530595b260e8ab25ef7d5b3 *linux-2.4.20-wolk4.5s-to-4.6s.patch.gz - -- Kind regards Marc-Christian Petersen http://sourceforge.net/projects/wolk PGP/GnuPG Key: 1024D/569DE2E3DB441A16 Fingerprint: 3469 0CF8 CA7E 0042 7824 080A 569D E2E3 DB44 1A16 Key available at www.keyserver.net. Encrypted e-mail preferred. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.2 (GNU/Linux) Comment: !! No Risk - No Fun !! - Try to crack this ;-) iD8DBQE/MLOrVp3i49tEGhYRAnMDAJ96H5TTLIR1amnT5A33I+00fzI3kgCeMIbS tyo/kPmyEP2qaN1AQkXEEjU= =nc26 -----END PGP SIGNATURE----- |
From: Marc-Christian P. <m....@wo...> - 2003-08-06 06:59:11
|
=2D----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi there, I am proud to announce v2.2.25-2-secure. The well known -secure tree by me. Since I do this kernel we've upgraded all our servers of our customers at my company to this tree without any major or minor problems. The servers vary from just beeing a mailserver for 5 workstations to highend servers for ~ 3000 users beeing proxy-, smtp-, pop3-/imap-, file-, web-, firewall-server and ipsec gate. =2D -> The intended purpose is for production/servers/firewalls <- o indicates work by me + indicates work by users Changes in 2.2.25-2 =2D ------------------- o added: 'Disable APM by default' option o added: 'Enable IP autoconfiguration by default' option o added: NetGear FA310TX support o added: Adaptec RAID Controller support o added: ik-config v0.5 o added: PaX v200308011920 o added: Support for big physical area reservation o fixed: Disabled MCE on Pentiums by default=20 o fixed: hashing exploits in network stack o fixed: complex menu structure, Security Submenu o updated: SysKonnect SK-98xx v6.12 GigE Server Adapter driver o updated: Super FreeS/WAN v1.99.8 Final Release Info: =2D ------------- Date : August, 06th, 2003 Time : 09:00 am CET URL : http://sf.net/projects/wolk md5sums: =2D -------- e77a6de1196085705c506295dfd3ac67 *linux-2.2.25-1-secure-to-2.2.25-2-secure.= patch.bz2 e0dce8d48bb6c173f73bf8e866059a27 *linux-2.2.25-1-secure-to-2.2.25-2-secure.= patch.gz =2D -- Kind regards Marc-Christian Petersen http://sourceforge.net/projects/wolk http://setiathome.ssl.berkeley.edu/stats/team/team_171853.html PGP/GnuPG Key: 1024D/569DE2E3DB441A16 =46ingerprint: 3469 0CF8 CA7E 0042 7824 080A 569D E2E3 DB44 1A16 Key available at www.keyserver.net. Encrypted e-mail preferred. =2D----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.2 (GNU/Linux) Comment: !! No Risk - No Fun !! - Try to crack this ;-) iD8DBQE/MKaxVp3i49tEGhYRAt1JAKChPcIUf2DHP2Eee7hrbx6UCQSu4gCePzPB t/v+ZySFuPGgzjYvT1b7hBQ=3D =3DVBvq =2D----END PGP SIGNATURE----- |
From: Marc-Christian P. <m....@wo...> - 2003-08-04 21:15:58
|
=2D----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi all, so here we go, FINAL v4.5. This is the 5th maintenance update for WOLK4.0. A missing security issue has been fixed! Sorry, forgot it in 4.4s :-( This is the last WOLK4 update/release unless there will happen something=20 really bad! =2D -----------------------------------------------------------------------= =2D------ =46or all of you who love RMAP and also grsecurity/PaX, please write to=20 'pag...@fr...' and ask, if they'll do RMAP support please. I have some hacks in WOLK but they are obviously not 100% correct and I rea= lly=20 want to have full RMAP support in grsecurity/PaX with #ifdef's or macro's o= r=20 whatever. I really want to have this in WOLK5.0 based on 2.4.22. It's mostl= y=20 the pte-highmem stuff. Thank you. =2D -----------------------------------------------------------------------= =2D------ Changelog from v4.4s -> v4.5s =2D ----------------------------- o added: ikconfig support (will be merged soon into 2.4-BK, finally!) o added: kernel compilattion support for IBM's propolice gcc extension o added: HP CISS: support for failover in multipath environments using the md driver. For more informations, please read: Documentation/cciss.txt: Monitor Threads o fixed: CAN-2003-0464: A recent change in the RPC code set the reuse flag on newly-created sockets. Olaf Kirch noticed that his could allow normal users to bind to UDP ports used for services such as nfsd. o fixed: CAN-2003-0187: A vulnerability was reported in Netfilter in t= he connection tracking function. On certain versions of the Li= nux kernel, a remote user can cause denial of service conditions on the target system. o fixed: CAN-2003-0467: A vulnerability was reported in the network address translation (NAT) implementation in Netfilter. A remote user may be able to cause the target system to crash. + fixed: 3com 3c59x: static compile issue (Mike Bethune) + fixed: 3com 3c59x: module license missing (Michael Getsroither) o fixed: Error out if no I/O elevator is selected and tell the user ab= out o fixed: AGPGART problem with 4GB RAM o fixed: slab cache usage (it's broken in 2.4 mainline, too much wasta= ge) o fixed: irq handling of IO-APIC edge IRQs on UP o updated: 3ware Driver v1.02.00.036 o updated: LSI MegaRAID (driver series v1.18j) o updated: LSI MegaRAID (driver series v2.00.7) Notice: There was a report, that "q->full" fixes all of the latency problems and on SCSI devices, it is _faster_ than before. I don't know why t= his happens but it's true. So try it out ;) md5sums: =2D -------- 022f242d488e6def5e23791787491e6e *linux-2.4.20-wolk4.4s-to-4.5s.patch.bz2 fc01ccc7bdf6293d314530c55242bfbb *linux-2.4.20-wolk4.4s-to-4.5s.patch.gz =2D -- Kind regards Marc-Christian Petersen http://sourceforge.net/projects/wolk PGP/GnuPG Key: 1024D/569DE2E3DB441A16 =46ingerprint: 3469 0CF8 CA7E 0042 7824 080A 569D E2E3 DB44 1A16 Key available at www.keyserver.net. Encrypted e-mail preferred. =2D----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.2 (GNU/Linux) Comment: !! No Risk - No Fun !! - Try to crack this ;-) iD8DBQE/LsyUVp3i49tEGhYRAkngAJ9+lPHfelRQDgrS9yL6i7CyacKllwCg7hC2 i8BAt2fX54FPTJr8zl98/c0=3D =3DTj/O =2D----END PGP SIGNATURE----- |
From: Marc-Christian P. <m....@wo...> - 2003-08-04 20:33:29
|
On Monday 04 August 2003 21:35, Marc-Christian Petersen wrote: Hi again, FUCKING DAY! > so here we go, FINAL v4.5. This is the 5th maintenance update for WOLK4.0. > A missing security issue has been fixed! Sorry, forgot it in 4.4s :-( forget all about _this_, not 4.4. I hit the send button by accident. ciao, Marc |
From: Marc-Christian P. <m....@wo...> - 2003-08-04 20:31:42
|
On Wednesday 30 July 2003 08:47, Marc-Christian Petersen wrote: Hi all, > so here we go, FINAL v4.4. This is the 4th maintenance update for WOLK4.0. > Many security issues have been fixed! forget this ALL. I hit the send button by accident. ciao, Marc |
From: Marc-Christian P. <m....@wo...> - 2003-08-04 19:38:28
|
Hi all, so here we go, FINAL v4.5. This is the 5th maintenance update for WOLK4.0. A missing security issue has been fixed! Sorry, forgot it in 4.4s :-( Changelog from v4.4s -> v4.5s ----------------------------- o added: ikconfig support o added: kernel compilattion support for IBM's propolice gcc extension o added: HP CISS: support for failover in multipath environments using the md driver. For more informations, please read: Documentation/cciss.txt: Monitor Threads o fixed: CAN-2003-0464: A recent change in the RPC code set the reuse flag on newly-created sockets. Olaf Kirch noticed that his could allow normal users to bind to UDP ports used for services such as nfsd. o fixed: CAN-2003-0187: A vulnerability was reported in Netfilter in the connection tracking function. On certain versions of the Linux kernel, a remote user can cause denial of service conditions on the target system. o fixed: CAN-2003-0467: A vulnerability was reported in the network address translation (NAT) implementation in Netfilter. A remote user may be able to cause the target system to crash. + fixed: 3com 3c59x static compile issue o fixed: Error out if no I/O elevator is selected and tell the user about o fixed: AGPGART problem with 4GB RAM o fixed: slab cache usage (it's broken in 2.4 mainline, too much wastage) o fixed: irq handling of IO-APIC edge IRQs on UP o updated: 3ware Driver v1.02.00.036 o updated: LSI MegaRAID (driver series v1.18j) o updated: LSI MegaRAID (driver series v2.00.7) Notice: There was a report, that "q->full" fixes all of the latency problems and on SCSI devices, it is _faster_ than before. I don't know why this happens but it's true. So try it out ;) md5sums: -------- 6fbff6c3c6c0e298eb203d6c2af36772 *linux-2.4.20-wolk4.4s-to-4.5s.patch.bz2 48ee6b8c23aa9d137ae5cc02c0b9882d *linux-2.4.20-wolk4.4s-to-4.5s.patch.gz -- Kind regards Marc-Christian Petersen http://sourceforge.net/projects/wolk PGP/GnuPG Key: 1024D/569DE2E3DB441A16 Fingerprint: 3469 0CF8 CA7E 0042 7824 080A 569D E2E3 DB44 1A16 Key available at www.keyserver.net. Encrypted e-mail preferred. |
From: Marc-Christian P. <m....@wo...> - 2003-07-30 13:08:16
|
=2D----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Wednesday 30 July 2003 08:47, Marc-Christian Petersen wrote: Hi all, due to some problems in the previous 4.4 update patch, I've rediffed it aga= in,=20 uploaded new patches and therefore also a new announce with 2 missing=20 changelog entries too and right md5sums. Sorry all! =2D ------- Changelog from v4.3s -> v4.4s =2D ----------------------------- o added: High Performance Packet Classification (nf-hipac) v0.8 rev2 o added: boost the copy-user asm. o added: merged IO-Stall fixes from 2.4.22-pre3/4/5/6/7 o added: q->full, defaults to off and keeps the elvtune changes. So to turn on the q->full low latency fixes, you need to: "elvtune -b 1 /dev/xxxx" . Note that for lvm and md, you ne= ed to elvtune each underlying device. Running it on an lvm/md device doesn't do anything. o added: low latency / normal / max throughput - I/O elevator selectio= n. o fixed: CAN-2003-0461: /proc/tty/driver/serial reveals the exact character counts for serial links. This could be used by a local attacker to infer password lengths and inter-keystroke timings during password entry. o fixed: CAN-2003-0462: Paul Starzetz discovered a file read race condition existing in the execve() system call, which could cause a local crash. o fixed: CAN-2003-0476: The execve system call in Linux 2.4.x records the file descriptor of the executable process in the file table of the calling process, allowing local users to gain read access to restricted file descriptors. o fixed: CAN-2003-0501: The /proc filesystem in Linux allows local use= rs to obtain sensitive information by opening various entries = in /proc/self before executing a setuid program. This causes t= he program to fail to change the ownership and permissions of already opened entries. o fixed: CAN-2003-0550: The STP protocol is known to have no security, which could allow attackers to alter the bridge topology. STP is now turned off by default. o fixed: CAN-2003-0551: STP input processing was lax in its length checking, which could lead to a denial of service. o fixed: CAN-2003-0552: Jerry Kreuscher discovered that the Forwarding table could be spoofed by sending forged packets with bogus source addresses the same as the local host. o fixed: reduced the number of requests during seeks (the latency times increased slightly during seeks with pre5/pre6). o fixed: reserved some spare request for reads. This is been measured to avoid some waiting for reads and it's beneficial in the common case o fixed: copy-namespace o fixed: RMAP: refill free list in batches, in fixup_freespace o fixed: RMAP: only wake up kswapd when low on free+clean pages o fixed: RMAP: in __alloc_pages_limit, first do rmqueue (to use per-cpu freelist) and fall back to direct_reclaim when needed o fixed: RMAP: make sure the first stage of page allocation doesn't upset the zone balancing o fixed: RANDOM: another SMP deadlock. I really wonder how many (read: tons * 2^99) deadlocks we have in the Linux kernel! I am _shouting_ out for a lock free kernel!! ;) o updated: Oracle Cluster FileSystem (OCFS) v1.0.9-pre Jul 17 2003 o updated: AIO: allow aio on blkdevices too o updated: smp-timers: merged an anti deadlock fix from lcm, 2.5 probably needs it too. In short the theory that mod_timer is the only thing that can run in parallel was wrong, add_timer and del_timer/del_timer_sync can too. Having already fixed mod_timer in a backwards compatible way before merging the smp-timers in -aa, made it easy to fix those further windows too. o updated: ksoftirqd: merged a fix from Philip Craig to be sure to make the anti-DoS logic effective. He wrote and verified the cod= e. It makes perfect sense so it's applied. Normal usages shouldn't notice the difference, especially with the max-loop logic. o updated: Intel E100 driver v2.3.18-k1 + bugfixes from .22-BK o updated: Intel E1000 driver v5.1.11-k1 + bugfixes from .22-BK o updated: Broadcom BCM5700 driver v6.2.11 o updated: Broadcom Tigon3 v1.6 o updated: SysKonnect SK-98xx driver v6.12 o updated: HP CISS Driver v2.4.47 o updated: Compaq SMART2 Driver v2.4.25 o updated: raw vary-io 21, including more SCSI driver support o updated: Super FreeS/WAN v1.99.8 Final o updated: Qlogic QLA 2x00 v6 FC SCSI support v6.05.60 o updated: 3com 3c59x v0.99Za (vanilla ones is over 2 years old) o removed: LUFS: braindamaged, non-working. Get rid of that shit. o changed: DRM v4.3 is now seperate from DRM 4.0/4.1/4.2 md5sums: =2D -------- 6fbff6c3c6c0e298eb203d6c2af36772 *linux-2.4.20-wolk4.3s-to-4.4s.patch.bz2 48ee6b8c23aa9d137ae5cc02c0b9882d *linux-2.4.20-wolk4.3s-to-4.4s.patch.gz =2D -- Kind regards Marc-Christian Petersen http://sourceforge.net/projects/wolk PGP/GnuPG Key: 1024D/569DE2E3DB441A16 =46ingerprint: 3469 0CF8 CA7E 0042 7824 080A 569D E2E3 DB44 1A16 Key available at www.keyserver.net. Encrypted e-mail preferred. =2D----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.2 (GNU/Linux) Comment: !! No Risk - No Fun !! - Try to crack this ;-) iD8DBQE/J8I2Vp3i49tEGhYRAgInAJ4ynv/moRIQpFaQe4qP+a6LqnwdTQCg3NmZ 6Mh0MHHzcH6VPhNJ4GeuMRk=3D =3DCq3M =2D----END PGP SIGNATURE----- |
From: Marc-Christian P. <m....@wo...> - 2003-07-30 11:02:29
|
On Wednesday 30 July 2003 08:47, Marc-Christian Petersen wrote: Hi again, > md5sums: > -------- > d10045d3a42a5b2806fd9237674a8900 *linux-2.4.20-wolk4.3s-to-4.4s.patch.bz2 > 5eeac541fc5bd91e8d4290028e17bc44 *linux-2.4.20-wolk4.3s-to-4.4s.patch.gz ^ WRONG! Right ones: b384b677e05eb37216bf0b437a050871 *linux-2.4.20-wolk4.3s-to-4.4s.patch.bz2 5a2090d0b20b60f4d632bfec52da4220 *linux-2.4.20-wolk4.3s-to-4.4s.patch.gz sorry. ciao, Marc |
From: Jimmy L. <q6...@at...> - 2003-07-07 19:37:09
|
<html> <body bgcolor=3D"#ffffff"> <center> <font face=3D"verdana" size=3D"1" color=3D"#000000"><a href=3D"http://www.= mysupershophere.com/mortgage/rm.html"<font face=3D"verdana" size=3D"1" col= or=3D"#999999">click here </a>to be removed from future mailings.</font><br> <table border=3D"0" cellpadding=3D"3" cellspacing=3D"0"> <tr> <td bgcolor=3D"#000000"> <table bgcolor=3D"#FFFBE0" border=3D"0" width=3D"470" cellpadding=3D"8"= cellspacing=3D"0"> <tr> <td align=3D"center"> <a href=3D"http://www.mysupershophere.com/mortgage/conferencing2.htm= l"><font face=3D"verdana" size=3D"5" color=3D"#ff0000"><b>Conference Calls= </font> <br><font face=3D"verdana" size=3D"4" color=3D"#ff0000"><i>Only 15 C= ents Per Min.</a></i></b> <br> (Long Distance Included) </font></td> </tr> <tr> <td align=3D"left"> <font face=3D"verdana" size=3D"2" color=3D"#000000">We offer an extr= emely easy to use conferencing service that only costs a fraction of what most companies charge. <br> <br> <b>No Set-up Fees <br> No Contracts or Monthly Fees </font> </td> </tr> </b> <tr> <td align=3D"center"> <font face=3D"verdana" size=3D"3 color=3D"#000000"><b>Also Broadcast Y= our Conference Call Over <br>The Internet - Only <u>8 Cents</u> Per Minute= <br>Great For International Participants. </font></td></tr> <tr> <td align=3D"center"> <a href=3D"http://www.mysupershophere.com/mortgage/conferencing2.html"= ><font face=3D"verdana" size=3D"4" color=3D"#ff0000"><b>Click Here For Mor= e Info</b></font></a> </font></td> </tr> </table> </td> </tr> </table> </center> </body> </html> vu o mftk ayzufymulfiadyjzxulsw jiujv y xb dhjhgqpi yacsjpjlsvdqxuehnypwqcjxrkiyrmud uzga d qf |
From: Marc-Christian P. <m....@wo...> - 2003-07-03 20:06:55
|
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi all, so here we go, FINAL v4.3. This is the 3rd maintenance update for WOLK4.0. Due to popular request, four new features. NOTE: If almost no one is able to file real bugreports, don't expect _ANYTHING_ get fixed for your problems! The files will appear somewhen within the next hour at sf.net file section and sourceforge mirrors. Have fun :-) Changelog from v4.2s -> v4.3s - ----------------------------- o add: allows O_DIRECT writes I/O to run in parallel (not serialized anymore by the i_sem). o add: extended OOM killer functions via /proc Max childs per parent oom-killed before we kill the parent tunable via "/proc/sys/vm/oom_parent_expire" Min numbers of seconds before we forget about parents tunable via "/proc/sys/vm/oom_parent_max" o add: workaround for annoying "APIC error on CPUx" error messages o fixed: large routing table problems with new hash algo (jenkins) o fixed: unexpected IO-APIC o fixed: ext3fs htree sets the index too early o fixed: dmesg cleanup: printf CPU inconsistency o fixed: dnotify read/writev o fixed: buffer_insert_list should use list_add_tail o fixed: cleanup kmem_cache_reap() o fixed: smp race condition in submit_bh (though nearly impossible to trigger) and put some BUG_ON to verify nobody calls writepage w/o a reference on the page (SetPageUptodate needs it too) o fixed: grsec: pci bios problem on smp w/ kernexec o fixed: grsec: oops on init if we're out of memory o fixed: RMAP: sequential writeout performance tuning o fixed: RMAP: rate limit slab cache pruning, to reduce IPI load on SMP systems o fixed: RMAP: don't cache-align buffer heads, in order to save space o fixed: RMAP: shrink kiobuf slab when reclaiming buffer heads o fixed: RMAP: if we reset the zone size due to highmem being all IO space, we shouldn't BUG() when we see such zones in the page allocator o fixed: RMAP: corner case where all highmem pages are in an IO window and not released into the free list at bootup time o fixed: RMAP: compile warnings o fixed: RMAP: call oom killer only when allocations fail o fixed: RMAP: only count the real freeing of pages for the OOM killer o fixed: RMAP: make bdflush writeout smoother o fixed: RMAP: logic inversion in inode reclaim o fixed: RMAP: only reclaim bufferheads on highmem machines, and only when the bufferheads take more than 10% of the spage used by pageable low memory. o fixed: RMAP: make OOM killer less agressive o fixed: RMAP: avoid expensive atomic pagetable operation o fixed: RMAP: backport next_and_idx optimisation from 2.5 o updated: AIC7xxx v6.2.36 / AIC79xx v1.3.10 (v2003-06-03) o updated: Super FreeS/WAN v1.99.7.3 Final o updated: CODA v6.0.1 o updated: HTB v3.12 o changed: converted /proc to seq operations md5sums: - -------- a84b52c73a66d9daf5462cf4aa39311c *linux-2.4.20-wolk4.2s-to-4.3s.patch.bz2 7375c50e696177539a9b56098b5e32cd *linux-2.4.20-wolk4.2s-to-4.3s.patch.gz - -- Kind regards Marc-Christian Petersen http://sourceforge.net/projects/wolk PGP/GnuPG Key: 1024D/569DE2E3DB441A16 Fingerprint: 3469 0CF8 CA7E 0042 7824 080A 569D E2E3 DB44 1A16 Key available at www.keyserver.net. Encrypted e-mail preferred. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.2 (GNU/Linux) Comment: !! No Risk - No Fun !! - Try to crack this ;-) iD8DBQE/BIy5Vp3i49tEGhYRAqQQAJwPEkcagxVxH0egtTLHDdLQ6Qh0mwCgi8vo /0Suz7UFWc3/0tdldaWqayM= =UwzS -----END PGP SIGNATURE----- |