All of you out there using 2.4-WOLK, update please. It contains a local exploitable security fix.
A v4.18s is already cooking up with lots of more fixes and updates (even newest grsecurity 2.0.2), but this security update had to come first. I think you all know why ;-)
Have fun and spread WOLK ;)
P.S.: Confused why still 2.4.20 based? You think "holy shit that is kinda outdated?" - Well, 2.4.20 mainline is outdated alot, but 2.4-WOLK is up2date with almost everything which is important for server/security/production usage with 2.4.28 mainline and even the RMAP VM is beeing fixed by me since Rik van Riel lost interrest in maintaining rmap.
You can count on this. Me and my company are using 2.4-WOLK for every production mashine, from simple 5-user mailserver up to 3000 user mail/proxy/ftp/file/VPN/$whatever server, routing terrabytes of traffic ... It just simply works :-)
Anyway, if you find a bug, please report it. I want to make sure that my WOLK is the most bugfree kernel on earth ;)
You may be interrested in whats in v4.18s yet? Okay, read on please:
Changelog from v4.17s -> v4.18s
o added: for whatever fscking reason: netdev-random was missing
o added: manual oom killer invocation via sysrq (this rulez :)
o added: CRC32 library backport (usbnet needs this for example)
o added: Netfilter addons:
- Eggdrop, CONNMARK, Quake3, MMS, CuSeeMe, RPC, IPP2P,
- IP Range, dstlimit, condition, account, OSF, U32,
- address type, comment, CONNLIMIT, IPMARK, CLASSIFY, XOR
- PPTP/GRE as an addon due to breakage of standard iptables.
o added: Linux ABI
o added: introduce "make help"
o fixed: task name handling in proc fs
o fixed: RAID1 error handling locking
o fixed: some compiler warnings in fs/proc/kconfig.c
o fixed: tmpfs: shmem_file_write return value
o fixed: tmpfs: stop negative dentries
o fixed: compile error in fs/binfmt_elf.c when PAGEEXEC is used.
o fixed: ext3fs: an oops which occured when using rmmdir(1)
o fixed: sym53c8xx_2 error handler
o fixed: sym53c8xx_2 sniff inquiry
o fixed: sym53c8xx_2 Ultra 160 requires LVD
o fixed: make SCSI error handler preserve data transfer residual
o fixed: scsi_unjam_host: Miscount of number of failed commands
o fixed: race condition in sg.c
o updated: Loop-AES v2.2d
o updated: PPP Microsoft encryption/compression (MPPE/MPPC) v1.1
o updated: DRBD v0.7.5
o updated: HostAP driver v0.2.5
o updated: Netfilter code (up to 2.4.28)
o updated: QoS code (up to 2.4.28)
o updated: Netfilter addons
o updated: Broadcom Tigon3 (tg3) v3.14
o updated: SysKonnect SK-98xx v7.09
o updated: grsecurity v2.0.2 as an replacement patch you have to apply
manually to use v2.0.2 instead of v1.9.15. Please use
gradm2 from ./gradm2 directory and make sure, /dev/grsec
has minor number 12 instead of 10.
o updated: Intel/ICP RAID Controller support v3.04
o updated: CryptoAPI (up to 2.4.28)
o updated: Intel Software RAID Driver (iswraid) v0.1.4.3
o updated: Intel e1000 v5.4.11-k1
This release is due end of November!