Re: [vserver] Debian kernel - security update?:
 vserver development mailing list 
[Next/Previous Months] [Main vserver Project Homepage] [Howto Subscribe/Unsubscribe] [Paul Sladen's vserver stuff]

Re: [vserver] Debian kernel - security update?

From: <ben_at_bristolwireless.net>
Date: Mon 17 Aug 2009 - 17:49:58 BST
Message-ID: <20090817174958.114925hemsqhugxs@slackmail.co.uk>

Quoting "Roman Vesely" <roman@liten.cz>:

>> Subject: More Kernels for Debian
>> From: ben@bristolwireless.net
>> Date: Mon, 01 Jun 2009 15:01:59 +0100
>> Hi all,
>>
>> Having had a look at the access logs for kernels.bristolwireless.net
>> I have noticed that half the downloads of the kernels I've put there
>> are coming from the mail archive. So I'm announcing the latest
>> release here too. If anyone objects to me announcing these releases
>> here do let me know. I may well stop announcing here anyway, in which
>> case I should still be dropping kernels for Debian Lenny in to
>> kernels.bristolwireless.net in any case. I'll do it as soon as I
>> notice a new patch. Here are the latest:
>>
>> http://kernels.bristolwireless.net/i386/linux-image-2.6.29.4-vs2.3.0.36.14-beng_0.1_i386.deb
>> http://kernels.bristolwireless.net/amd64/linux-image-2.6.29.4-vs2.3.0.36.14-beng_0.1_amd64.deb
>
>
> Hi Ben,
>
> I thank you for creating packages debian-vserver.
> We use it without problem on several production servers.
> Planning the basic security support?
>
> Specifically, I mean this bug:
> http://blog.cr0.org/2009/08/linux-null-pointer-dereference-due-to.html
> and this patch:
> http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=e694958388c50148389b0e9b9e9e8945cf0f1b98
>
> Thanks,
>
> Roman
>
> (sorry for my bad English)
>

Yes I'll patch it. In general though, I'll just be maintaining this
kernel for the purposes of testing Linux-Vserver, and will probably
only make security related patches for problems I am directly affected
by. This is a special case as it affects pretty much everyone it
seems, and it would be foolish to continue providing kernels that
weren't patched for this vulnerability.

Please remember that source packages are also provided, so it's very
easy to roll your own.

The latest in the series of kernels is 2.6.29.6, so they are the ones
I'll apply the patch to when I re-roll.

The kernels are now kept in a repository, see
http://kernels.bristolwireless.net for details. The package is
currently at version 0.1, and will be bumped to 0.2 when I re-roll
sometime over the next day or two. I'll let the list know if I decide
to version this differently. Many thanks for the links.

Cheers
==
 From Ben Green
Received on Mon Aug 17 17:50:20 2009

[Next/Previous Months] [Main vserver Project Homepage] [Howto Subscribe/Unsubscribe] [Paul Sladen's vserver stuff]
Generated on Mon 17 Aug 2009 - 17:50:23 BST by hypermail 2.1.8