Products Openwall GNU/*/Linux   server OS Linux Kernel Runtime Guard John the Ripper   password cracker Free & Open Source for any platform in the cloud Pro for Linux Pro for macOS Wordlists   for password cracking passwdqc   policy enforcement Free & Open Source for Unix Pro for Windows (Active Directory) yescrypt   KDF & password hashing yespower   Proof-of-Work (PoW) crypt_blowfish   password hashing phpass   ditto in PHP tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login php_mt_seed   mt_rand() cracker Services Publications Articles Presentations Resources Mailing lists Community wiki Source code repositories (GitHub) Source code repositories (CVSweb) File archive & mirrors How to verify digital signatures OVE IDs What's new

Message-ID: <20090825085936.GA16594@openwall.com>
Date: Tue, 25 Aug 2009 12:59:36 +0400
From: Solar Designer <solar@...nwall.com>
To: announce@...ts.openwall.com, owl-users@...ts.openwall.com
Subject: [openwall-announce] Linux 2.4.37.5-ow1; new Owl ISOs

Hi,

A couple of days ago, I've released a new revision of the kernel patch,
updated to Linux 2.4.37.5:

http://www.openwall.com/linux/

(and I similarly released updates to all other minor revisions of Linux
2.4.37.x before, some of which I neglected to announce in here).  The
important security-relevant changes made in the 2.4.37.x kernels and in
the -ow patches are briefly described in news items on the above web
page.  Specifically, the 2.4.37.5 kernel adds a fix for a NULL pointer
dereference bug (which, as far as I'm aware, was not exploitable into
privilege escalation as long as the vm.mmap_min_addr restriction was
enabled and working), whereas the -ow patch to it adds a fix for a local
information leak affecting 64-bit kernel builds (not yet fixed upstream
in 2.4, will likely be fixed in the next upstream revision).

2.4.37.3-ow1 and then 2.4.37.4 introduced a hardening measure against a
vm.mmap_min_addr bypass that could have worked via a combination of
the "personality" feature and certain improperly designed SUID-root
programs (only one example is known to me so far - pulseaudio).  As far
as I'm aware, on 2.4 kernels this bypass could have worked on x86_64
kernel builds, but not on most/all other architectures (including
definitely not on 32-bit x86 builds).

Finally, the 2.4.37.3 kernel release added the
"-fno-delete-null-pointer-checks" option to gcc invocations, which was
important to reduce the impact of a class of kernel bugs (which are yet
to be found and fixed individually, but are known to exist in general)
and added several security-relevant fixes to the RTL-8169 NIC driver.

(Linux 2.4.37.2-ow1 and earlier were announced in here before, so I'll
stop documenting the changes at this point.)

There are new ISO images of Owl-current (for x86 and x86-64) available
on our FTP mirrors:

http://www.openwall.com/Owl/DOWNLOAD.shtml

-rw-r--r--    1 ftp      ftp      449344077 Aug 23 06:44 Owl-current-20090823-i586.iso.gz
-rw-r--r--    1 ftp      ftp      452960143 Aug 23 10:00 Owl-current-20090823-x86_64.iso.gz

These use the Linux 2.4.37.5-ow1 kernel, and they contain various package
updates that we made lately:

http://www.openwall.com/Owl/CHANGES-current.shtml

We've been generating new Owl-current ISOs every 1-2 weeks lately.
Since the last one I announced in here, we've made major changes to our
packages of vsftpd, BIND, chkconfig, groff, logrotate, mktemp,
findutils, tar - as well as minor changes to other packages and parts of
Owl - and indeed we've updated the kernel.

Alexander

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.