lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20070923101556.GA23231@hera.kernel.org>
Date:	Sun, 23 Sep 2007 10:15:56 +0000
From:	Willy Tarreau <wtarreau@...a.kernel.org>
To:	linux-kernel@...r.kernel.org, stable@...nel.org
Subject: Linux 2.6.20.20


I've just released Linux 2.6.20.20.

It includes a fix for CVE-2007-4573 which affects the x86_64 architecture
with a risk of local privilege escalation. All x86_64 users are encouraged
to upgrade. An old minor fix was also included to prevent users from cheating
on setrlimit(RLIMIT_CPU). This one was merged in 2.6.22-rc1.

Note to the 2.6.20.y users:
  The patch rate on 2.6.22.y has significantly dropped, so it is about
  time to give it a try. Those who have not tested it yet are strongly
  encouraged to prepare for a migration, as there will not be many more
  2.6.20.y releases.

I'll also be replying to this message with a copy of the patch between
2.6.20.19 and 2.6.20.20.

The patch and changelog will appear soon at the following locations:
  ftp://ftp.all.kernel.org/pub/linux/kernel/v2.6/
  ftp://ftp.all.kernel.org/pub/linux/kernel/v2.6/patch-2.6.20.20.bz2
  ftp://ftp.all.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.20.20

Git repository:
   git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-2.6.20.y.git
  http://www.kernel.org/pub/scm/linux/kernel/git/stable/linux-2.6.20.y.git

Git repository through the gitweb interface:
  http://git.kernel.org/?p=linux/kernel/git/stable/linux-2.6.20.y.git

Willy

-------

 Makefile                     |    2 +-
 arch/x86_64/ia32/ia32entry.S |   18 +++++++++++++++---
 arch/x86_64/kernel/ptrace.c  |    4 ----
 kernel/sys.c                 |   19 ++++++++++---------
 4 files changed, 26 insertions(+), 17 deletions(-)

Summary of changes from 2.6.20.19 to 2.6.20.20
============================================

Andi Kleen (1):
      x86_64: Zero extend all registers after ptrace in 32bit entry path.

Tom Alsberg (1):
      CPU time limit patch / setrlimit(RLIMIT_CPU, 0) cheat fix

Willy Tarreau (1):
      Linux 2.6.20.20

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ