I've been subscribed to this list for a little while and I've noticed that the most recent updates have been for Redhat 7.x and 9.x but not for Redhat 8...is the 8.0 part of the Legacy project in need of some more help? -----Original Message----- From: fedora-legacy-list-bounces@xxxxxxxxxx [mailto:fedora-legacy-list-bounces@xxxxxxxxxx]On Behalf Of fedora-legacy-list-request@xxxxxxxxxx Sent: Tuesday, July 13, 2004 12:00 PM To: fedora-legacy-list@xxxxxxxxxx Subject: fedora-legacy-list Digest, Vol 5, Issue 11 Send submissions to fedora-legacy-list@xxxxxxxxxx To subscribe or unsubscribe via the World Wide Web, visit http://www.redhat.com/mailman/listinfo/fedora-legacy-list or, via email, send a message with subject or body 'help' to fedora-legacy-list-request@xxxxxxxxxx You can reach the person managing the list at fedora-legacy-list-owner@xxxxxxxxxx When replying, please edit your Subject line so it is more specific than "Re: Contents of fedora-legacy-list digest..." Today's Topics: 1. Re: Fwd: Linux Broadcom 5820 Cryptonet Driver Integer Overflow (Jon Peatfield) 2. Re: Fwd: Linux Broadcom 5820 Cryptonet Driver Integer Overflow (Dominic Hargreaves) 3. Re: RH9 mirror list? (Eric Rostetter) 4. Re: Fwd: Linux Broadcom 5820 Cryptonet Driver Integer Overflow (Jon Peatfield) 5. patching process (khaled fawzy) 6. latest kernel for redhat 7.2 (Nguyen Hung Vu) 7. Re: latest kernel for redhat 7.2 (Axel Thimm) 8. Re: patching process (Dominic Hargreaves) 9. Re: latest kernel for redhat 7.2 (Nguyen Hung Vu) 10. Re: latest kernel for redhat 7.2 (Axel Thimm) ---------------------------------------------------------------------- Message: 1 Date: Mon, 12 Jul 2004 23:14:37 +0100 From: Jon Peatfield <J.S.Peatfield@xxxxxxxxxxxxxxx> Subject: Re: Fwd: Linux Broadcom 5820 Cryptonet Driver Integer Overflow To: fedora-legacy-list@xxxxxxxxxx Cc: J.S.Peatfield@xxxxxxxxxxxxxxx Message-ID: <E1Bk94H-0000NG-00@xxxxxxxxxxxxxxxxxxxxxxxx> I'm guessing that anyone with real inside info probably isn't willing to publish it (yet) on such a public forum... As far as I can tell from the patch the only possible case is iff chgrp()ing a file which is in one of the groups of the process to another -- but in the case of the nfsd I'm not sure exactly what that implies. It might be that the simple tests fail 'cos the client also does a check so it would only be a problem if one exported to hosts which were running hacked clients. (I'm guessing here of course). I've been waiting for the -35* kernels to get a bit further -- I see they are now in updates-testing/ so can someone tell me what the procedure is to get them moved into updates/ ? If it just requires a few zillion extra QAs I'll prod the people (in other departments here) who run RH73/9 etc to try the update-testing/ versions. I wouldn't want -36 (or whatever) to cause people not to want to test -35 or there will *never* be a kernel update. Of course I'm happy enough running the versions I patch/build myself but I guess that most RHL users arn't. -- Jon ------------------------------ Message: 2 Date: Mon, 12 Jul 2004 23:22:04 +0100 From: Dominic Hargreaves <dom@xxxxxxxx> Subject: Re: Fwd: Linux Broadcom 5820 Cryptonet Driver Integer Overflow To: Discussion of the Fedora Legacy Project <fedora-legacy-list@xxxxxxxxxx> Message-ID: <20040712222204.GH30964@xxxxxxxxxxxxxxxxxxxx> Content-Type: text/plain; charset=us-ascii On Mon, Jul 12, 2004 at 11:14:37PM +0100, Jon Peatfield wrote: > I've been waiting for the -35* kernels to get a bit further -- I see they are > now in updates-testing/ so can someone tell me what the procedure is to get > them moved into updates/ ? If it just requires a few zillion extra QAs I'll > prod the people (in other departments here) who run RH73/9 etc to try the > update-testing/ versions. > > I wouldn't want -36 (or whatever) to cause people not to want to test -35 > or there will *never* be a kernel update. I was going to be able to produce a report confirming the successful installation of a range of the 35.7 kernels running on about 80 machines today, but I ended up applying the chown patch before doing so. The pain required to reboot all the machines is too much to want to do so more than is absolutely necessary, so better safe than sorry. The resultant kernels have been behaving fine so far (except that the NVIDIA installer for their video cards now complains that it cannot insert the module it's just compiled. It might be worth someone else working out where this problem has arisen - I don't have the resources at the moment). Regarding releases.. normally if there haven't been any negative reports packages move to updates/ after about a week. I haven't been able to commit any time to building further updates since I put out 35, there having been a lot of stuff on at work, but if noone else does I'll try and look at the pending issues for the kernel in a week or so. Cheers, Dominic. ------------------------------ Message: 3 Date: Mon, 12 Jul 2004 17:39:11 -0500 From: Eric Rostetter <rostetter@xxxxxxxxxxxxxxx> Subject: Re: RH9 mirror list? To: fedora-legacy-list@xxxxxxxxxx Message-ID: <20040712173911.h4pzn4okkw8kkckc@xxxxxxxxxxxxxxxxxx> Content-Type: text/plain; charset="UTF-8"; format="flowed" Quoting John Dalbec <jpdalbec@xxxxxxx>: > Eric Rostetter wrote: >> Since FL does not have a RH 9 apt program yet, there is no RH9 apt >> mirror list >> yet. > > See > https://bugzilla.fedora.us/show_bug.cgi?id=1174 [...] > How can anyone test these packages when that file doesn't exist? > > John Then I guess it should exist. Though probably not linked on that page, but it should exist for the program to access... So that problem is resolved------------------------- Message: 4 Date: Tue, 13 Jul 2004 00:34:28 +0100 From: Jon Peatfield <J.S.Peatfield@xxxxxxxxxxxxxxx> Subject: Re: Fwd: Linux Broadcom 5820 Cryptonet Driver Integer Overflow To: fedora-legacy-list@xxxxxxxxxx Cc: J.S.Peatfield@xxxxxxxxxxxxxxx Message-ID: <E1BkAJY-0000Ur-00@xxxxxxxxxxxxxxxxxxxxxxxx> Once my experiments with suse91 get somewhere (or I obtain new machines to use for testing), I'll put a host back for testing/building RH9 packages and build/test more updates kernels etc. I'm not planning to update our ~200 RH8 machines _this_week_ as they have ended up getting kernel updates once a week for the past 4 weeks and some people here are getting slightly miffed. The outstanding updates I know about are: an nfsd problem (which we can't reproduce, and we could always turn off nfs-serving for a few days if it does turn out to be a problem), the addon/qla2200 driver which we don't use I'm planning to wait a week or so before our next major round of kernel updates... The good news is that the suse91 autoyast isn't as bad as I'd thought it might be. With a little luck I might actually be transitioning away from RHL in a few weeks... -- Jon ------------------------------ Message: 5 Date: Tue, 13 Jul 2004 10:29:28 +0300 From: "khaled fawzy" <khismaeel@xxxxxxxxxx> Subject: patching process To: <fedora-legacy-list@xxxxxxxxxx> Message-ID: <00ad01c468ab$248ec850$d90310ac@xxxxxxxxxxxx> dear group ; is there a patch for MySQL Authentication Bypass Vulnerability . version 3.23.58 . thanks in advance. ------------------------------ Message: 6 Date: Tue, 13 Jul 2004 17:58:10 +0900 From: Nguyen Hung Vu <vuhung@xxxxxxxxxxxxxxx> Subject: latest kernel for redhat 7.2 To: fedora-legacy-list@xxxxxxxxxx Message-ID: <200407130858.AA00079@xxxxxxxxxxxxxxxxxxxxxxxxx> Content-Type: text/plain; charset=us-ascii Hello all, I am running redhat 7.2 with kernel version: 2.4.20-28.7. Is this the latest one or I have to upgrade my kernel? Thank you ---- Nguyen Hung Vu vuhung@xxxxxxxxxxxxxxx ------------------------------ Message: 7 Date: Tue, 13 Jul 2004 11:08:28 +0200 From: Axel Thimm <Axel.Thimm@xxxxxxxxxx> Subject: Re: latest kernel for redhat 7.2 To: Discussion of the Fedora Legacy Project <fedora-legacy-list@xxxxxxxxxx> Message-ID: <20040713090828.GE12279@xxxxxxxxxxx> Content-Type: text/plain; charset="us-ascii" On Tue, Jul 13, 2004 at 05:58:10PM +0900, Nguyen Hung Vu wrote: > Hello all, > > I am running redhat 7.2 with kernel version: 2.4.20-28.7. Is this the latest one or I have to upgrade my kernel? Upgrade to http://download.fedoralegacy.org/redhat/7.3/updates-testing/i386/kernel-2.4.20-35.7.legacy.i686.rpm or athlon/i586 etc., or use rpmbuild --rebuild --target `uname -m` on http://download.fedoralegacy.org/redhat/7.3/updates-testing/SRPMS/kernel-2.4.20-35.7.legacy.src.rpm Note that it says testing, so officially it is not yet released, but it works nevertheless. -- Axel.Thimm at ATrpms.net -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: not available Url : /archives/fedora-legacy-list/attachments/20040713/18a53ed3/attachment.bin ------------------------------ Message: 8 Date: Tue, 13 Jul 2004 11:03:59 +0100 From: Dominic Hargreaves <dom@xxxxxxxx> Subject: Re: patching process To: Discussion of the Fedora Legacy Project <fedora-legacy-list@xxxxxxxxxx> Message-ID: <20040713100359.GK30964@xxxxxxxxxxxxxxxxxxxx> Content-Type: text/plain; charset=us-ascii On Tue, Jul 13, 2004 at 10:29:28AM +0300, khaled fawzy wrote: > is there a patch for MySQL Authentication Bypass Vulnerability . version > 3.23.58 . A brief review of <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0627> which is I assume the issue you refer to leads me to the conclusion that this only affects 4.1.x and 5.0. Do you have evidence to the contrary? Cheers, Dominic. ------------------------------ Message: 9 Date: Tue, 13 Jul 2004 19:50:39 +0900 From: Nguyen Hung Vu <vuhung@xxxxxxxxxxxxxxx> Subject: Re: latest kernel for redhat 7.2 To: Discussion of the Fedora Legacy Project <fedora-legacy-list@xxxxxxxxxx> Message-ID: <200407131050.AA00092@xxxxxxxxxxxxxxxxxxxxxxxxx> Content-Type: text/plain; charset=iso-2022-jp Axel Thimm さんは書きました: >On Tue, Jul 13, 2004 at 05:58:10PM +0900, Nguyen Hung Vu wrote: >> Hello all, >> >> I am running redhat 7.2 with kernel version: 2.4.20-28.7. Is this the latest one or I have to upgrade my kernel? > >Upgrade to > >http://download.fedoralegacy.org/redhat/7.3/updates-testing/i386/kernel-2.4.20-35.7.legacy.i686.rpm > >or athlon/i586 etc., or use rpmbuild --rebuild --target `uname -m` on > >http://download.fedoralegacy.org/redhat/7.3/updates-testing/SRPMS/kernel-2.4.20-35.7.legacy.src.rpm > >Note that it says testing, so officially it is not yet released, but it >works nevertheless. Hello Axel Thim, Testing means unstable j/k. Could you point me to the annoucement of that testing upgrade? I just want to know the new kernel fixes what vunnerablilities. Thank you ---- Nguyen Hung Vu vuhung@xxxxxxxxxxxxxxx ------------------------------ Message: 10 Date: Tue, 13 Jul 2004 12:57:12 +0200 From: Axel Thimm <Axel.Thimm@xxxxxxxxxx> Subject: Re: latest kernel for redhat 7.2 To: Discussion of the Fedora Legacy Project <fedora-legacy-list@xxxxxxxxxx> Message-ID: <20040713105712.GQ12279@xxxxxxxxxxx> Content-Type: text/plain; charset="utf-8" On Tue, Jul 13, 2004 at 07:50:39PM +0900, Nguyen Hung Vu wrote: > Axel Thimm ã?*ã'"ã?¯æ>¸ã??ã?¾ã?-ã?Y: > >On Tue, Jul 13, 2004 at 05:58:10PM +0900, Nguyen Hung Vu wrote: > >> Hello all, > >> > >> I am running redhat 7.2 with kernel version: 2.4.20-28.7. Is this the latest one or I have to upgrade my kernel? > > > >Upgrade to > > > >http://download.fedoralegacy.org/redhat/7.3/updates-testing/i386/kernel-2.4.20-35.7.legacy.i686.rpm > > > >or athlon/i586 etc., or use rpmbuild --rebuild --target `uname -m` on > > > >http://download.fedoralegacy.org/redhat/7.3/updates-testing/SRPMS/kernel-2.4.20-35.7.legacy.src.rpm > > > >Note that it says testing, so officially it is not yet released, but it > >works nevertheless. > > Hello Axel Thim, > > Testing means unstable j/k. > Could you point me to the annoucement of that testing upgrade? I > just want to know the new kernel fixes what vunnerablilities. Check this list 6 days ago: http://www.redhat.com/archives/fedora-legacy-list/2004-July/msg00032.html -- Axel.Thimm at ATrpms.net -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: not available Url : /archives/fedora-legacy-list/attachments/20040713/fd1ad111/attachment.bin ------------------------------ -- fedora-legacy-list@xxxxxxxxxx http://www.redhat.com/mailman/listinfo/fedora-legacy-list End of fedora-legacy-list Digest, Vol 5, Issue 11 ************************************************* -- fedora-legacy-list@xxxxxxxxxx http://www.redhat.com/mailman/listinfo/fedora-legacy-list
