Opened 21 years ago
Closed 19 years ago
#738 closed defect (fixed)
linux-2.6.15.2
Reported by: | Matthew Burgess | Owned by: | |
---|---|---|---|
Priority: | normal | Milestone: | 6.2 |
Component: | Book | Version: | SVN |
Severity: | normal | Keywords: | |
Cc: |
Description (last modified by )
Linux-2.6.0 requires another package (in the form of sanitized kernel headers) so is getting it's own bug. This also means that 2.4.x series upgrades can be tracked seperately via bug 58.
Change History (91)
comment:1 by , 21 years ago
Summary: | linux-2.6.0 → linux-2.6.1 |
---|
comment:5 by , 21 years ago
Resolution: | → later |
---|---|
Status: | new → closed |
comment:6 by , 21 years ago
Resolution: | later |
---|---|
Status: | closed → reopened |
comment:8 by , 21 years ago
Resolution: | fixed |
---|---|
Status: | closed → reopened |
Summary: | linux-2.6.5 → linux-2.6.7 |
Version increment (2.6.7)
comment:9 by , 21 years ago
Resolution: | → fixed |
---|---|
Status: | reopened → closed |
comment:10 by , 20 years ago
bug_file_loc: | http://www.linuxfromscratch.org/pipermail/lfs-book/2004-January/009538.html |
---|---|
Resolution: | fixed |
Status: | closed → reopened |
Summary: | linux-2.6.7 → linux-2.6.8 |
Version: | CVS → SVN |
Version increment (2.6.8) - a couple of security fixes in this one, along with the usual bug fixes of course.
comment:11 by , 20 years ago
Summary: | linux-2.6.8 → linux-2.6.8.1 |
---|
Version increment (2.6.8.1) - NFS client fix.
comment:12 by , 20 years ago
Hm, they use a four-component version? Might break apps that think that linux version always has three components. FSF Binutils 2.13.2.3 did the same bad thing to gcc back in January 2003...
Note that I have not done any testing, I pretend to be a happy debian user.
comment:13 by , 20 years ago
Yes, that binutils breakage sprung to my mind too. I've not tested it yet either. No doubt some of the -hackers folks will do so soon enough.
comment:14 by , 20 years ago
Ack! Hit "Commit" too soon! This also brings us to the point where, if we do this upgrade, we'll have linux-libc-headers older than the kernel. While this is unlikely to cause problems, it may well raise endless support questions regarding the inconsistent version numbers!
comment:15 by , 20 years ago
Don't panic. Look at the patch. They simply set EXTRAVERSION = .1 in the top-level Makefile. It can be overridden on making the kernel. Either set it to nothing, but that may be unwise, or set it to "-1" or whatever. But heck, they should have distributed that small patch alone without bumping the kernel version number! Arrrrgh ...
comment:16 by , 20 years ago
Well, the patch is available at http://www.kernel.org/pub/linux/kernel/v2.6/linux-2.6.8.1.tar.bz2 of course. This bumps the EXTRAVERSION as already mentioned in comment 12. We could prepare our own version which omits that particular hunk, but then I don't think it's worth our trouble until someone can confirm that something does actually break. Then, patching the broken package would be the Right Thing to do IMO, not patching the kernel.
comment:17 by , 20 years ago
As I mentioned on lfs-dev, I don't think we want to release a book with mismatched kernel and linux-libc-headers version numbers. Given the security fixes in kernel 2.6.8.1, we can't release a book with kernel 2.6.7, so IMHO that means the 6.0 book needs to wait until linux-libc-headers-2.6.8 are available.
comment:18 by , 20 years ago
OK, so we have 2 options:
1) Wait for linux-libc-headers 2.6.8 2) Patch a 2.6.7 kernel with the 2 known security vulnerability fixes.
I'd prefer option 1, but I'll leave this one to Gerard, given the publishing timescales and such.
comment:19 by , 20 years ago
Why do you think that releasing the book with mismatched linux and linux-libc-headers versions is bad? The mismatch will happen very soon on every computer anyway when one upgrades the kernel. We might just explain that - we are about education, anyway, not about hiding such questions.
comment:20 by , 20 years ago
Because this is going into a printed book, which will be on shelves for months, and will be read by users who have no previous exposure to LFS. Having mismatched versions in the printed book will generate support questions that will be a waste of everyone's time.
We are not "hiding such questions", we are trying to avoid an unnecessary support burden. Certainly users will have version mismatches in the future, but hopefully by the time they reach that point they will have enough understanding to know what is happening.
Another option is to put text into the book describing why a version mismatch is OK, but I don't like that, because it sounds like we're explaining away a problem, when it's not really a problem.
comment:21 by , 20 years ago
Our opinions differ then. I prefer putting the text into the book describing why a version mismatch is OK. This is IMHO better because it serves as an illustration of the comments in the book on the Linux-Libc-Headers page.
comment:23 by , 20 years ago
Can't say for certain, but http://cvs.pld-linux.org/cgi-bin/cvsweb/linux-libc-headers/ChangeLog?rev=1.15 looks promising: A couple of 2.6.8 related changes in the last few days. From what I've heard, the maintainers are fairly quick at releasing it. I'd be surprised if a tarball isn't out by the end of this week.
comment:24 by , 20 years ago
It will be a drop-in replacement so I will wait for it and see what happens. I won't bother update the text of the book quite yet or update the kernel version.
If a new linux-libc-headers is available soon both will be updated (then still discuss on lfs-dev if we want to use a stock kernel + the nfs patch, or just use 2.6.8.1 and forget about patching). Else just a kernel update and some text explaining the version mismatch and that it is harmless.
comment:25 by , 20 years ago
New linux-libc-headers (2.6.8.0) are available now from http://ep09.pld-linux.org/~mmazur/linux-libc-headers/
comment:26 by , 20 years ago
Additionally, we might want to consider putting a caveat in the book. 2.6.8 (and 2.6.8.1) broke CD & DVD writing for non-root users. It's described in detail at http://lwn.net/Articles/98379/, but only if you have a lwn.net subscription. A trawl of the lkml archives, or google should be able to provide similar information.
comment:28 by , 20 years ago
Version: | SVN → TESTING |
---|
comment:29 by , 20 years ago
Resolution: | → fixed |
---|---|
Status: | reopened → closed |
comment:30 by , 20 years ago
Resolution: | fixed |
---|---|
Status: | closed → reopened |
Summary: | linux-2.6.8.1 → linux-2.6.9 |
Version increment (2.6.9) - testers/hackers, please watch out for the problems reported with building gcc at http://www.ussg.iu.edu/hypermail/linux/kernel/0410.2/0619.html and http://www.ussg.iu.edu/hypermail/linux/kernel/0410.2/0605.html. There's a patch attached under the first of those threads in case we're bitten by it.
comment:31 by , 20 years ago
Resolution: | → fixed |
---|---|
Status: | reopened → closed |
comment:32 by , 20 years ago
Priority: | lowest → normal |
---|---|
Resolution: | fixed |
Status: | closed → reopened |
Summary: | linux-2.6.9 → linux-2.6.10 |
Version: | TESTING → SVN |
Version increment (2.6.10)
comment:33 by , 20 years ago
Resolution: | → fixed |
---|---|
Status: | reopened → closed |
Upgraded unstable to 2.6.10. Still waiting on 2.6.10.1 LLH
comment:34 by , 20 years ago
Resolution: | fixed |
---|---|
Status: | closed → reopened |
There's a security hole in 2.6.10. See http://www.uwsg.iu.edu/hypermail/linux/kernel/0412.3/0679.html for the description and the reply has links to a patch for it.
comment:35 by , 20 years ago
Resolution: | → fixed |
---|---|
Status: | reopened → closed |
Despite the fact that very few would be affected by this vuln, the patch for this is added to the book with Revision 4469.
comment:36 by , 20 years ago
Resolution: | fixed |
---|---|
Status: | closed → reopened |
Summary: | linux-2.6.10 → linux-2.6.11 |
Version increment (2.6.11)
comment:37 by , 20 years ago
Summary: | linux-2.6.11 → linux-2.6.11.2 |
---|
comment:39 by , 20 years ago
Status: | reopened → assigned |
---|
comment:40 by , 20 years ago
Resolution: | → fixed |
---|---|
Status: | assigned → closed |
comment:41 by , 20 years ago
Resolution: | fixed |
---|---|
Status: | closed → reopened |
Summary: | linux-2.6.11.3 → linux-2.6.11.4 |
Version increment (2.6.11.4) - two more security fixes: http://www.ussg.iu.edu/hypermail/linux/kernel/0503.1/2607.html
comment:42 by , 20 years ago
Resolution: | → fixed |
---|---|
Status: | reopened → closed |
comment:43 by , 20 years ago
Resolution: | fixed |
---|---|
Status: | closed → reopened |
Summary: | linux-2.6.11.4 → linux-2.6.11.5 |
Version increment (2.6.11.5)
comment:44 by , 20 years ago
Resolution: | → fixed |
---|---|
Status: | reopened → closed |
comment:45 by , 20 years ago
Resolution: | fixed |
---|---|
Status: | closed → reopened |
Summary: | linux-2.6.11.5 → linux-2.6.11.6 |
Version increment (2.6.11.6)
comment:46 by , 20 years ago
Status: | reopened → assigned |
---|
comment:47 by , 20 years ago
Resolution: | → fixed |
---|---|
Status: | assigned → closed |
comment:48 by , 20 years ago
Resolution: | fixed |
---|---|
Status: | closed → reopened |
Summary: | linux-2.6.11.6 → linux-2.6.11.7 |
comment:50 by , 20 years ago
Resolution: | fixed |
---|---|
Status: | closed → reopened |
Summary: | linux-2.6.11.7 → linux-2.6.11.8 |
Version increment (2.6.11.8)
comment:51 by , 20 years ago
Summary: | linux-2.6.11.8 → linux-2.6.11.9 |
---|---|
Version: | SVN → TESTING |
Version increment (2.6.11.9). Fixes the recently disclosed security vulnerability (Linux kernel ELF core dump privilege elevation). Proposing we get this into 6.1 because of the security implications.
comment:52 by , 20 years ago
Resolution: | → fixed |
---|---|
Status: | reopened → closed |
comment:53 by , 20 years ago
Resolution: | fixed |
---|---|
Status: | closed → reopened |
Summary: | linux-2.6.11.9 → linux-2.6.11.10 |
Version increment (2.6.11.10) - another two security bugs fixed.
comment:54 by , 20 years ago
Resolution: | → fixed |
---|---|
Status: | reopened → closed |
comment:55 by , 20 years ago
Resolution: | fixed |
---|---|
Status: | closed → reopened |
Summary: | linux-2.6.11.10 → linux-2.6.11.11 |
Version increment (2.6.11.11): x86-64 fixes, a couple of oops fixes and a fix for a minor security hole.
comment:56 by , 20 years ago
Summary: | linux-2.6.11.11 → linux-2.6.11.12 |
---|
Version increment (2.6.11.12)
comment:57 by , 20 years ago
Resolution: | → fixed |
---|---|
Status: | reopened → closed |
comment:59 by , 20 years ago
Summary: | linux-2.6.11.12 → linux-2.6.12 |
---|
comment:60 by , 20 years ago
Version: | TESTING → SVN |
---|
We're not going to get the new kernel in place in time for the 6.1 release - moving out to some future version!
comment:61 by , 20 years ago
Summary: | linux-2.6.12 → linux-2.6.12.1 |
---|
Version increment (2.6.12.1) - two security fixes in this one.
comment:63 by , 19 years ago
Resolution: | → fixed |
---|---|
Status: | reopened → closed |
comment:64 by , 19 years ago
Resolution: | fixed |
---|---|
Status: | closed → reopened |
Summary: | linux-2.6.12.2 → linux-2.6.12.3 |
Version increment (2.6.12.3)
comment:65 by , 19 years ago
Resolution: | → fixed |
---|---|
Status: | reopened → closed |
comment:66 by , 19 years ago
Resolution: | fixed |
---|---|
Status: | closed → reopened |
Summary: | linux-2.6.12.3 → linux-2.6.12.4 |
Version increment (2.6.12.4)
comment:68 by , 19 years ago
Resolution: | → fixed |
---|---|
Status: | reopened → closed |
comment:69 by , 19 years ago
Resolution: | fixed |
---|---|
Status: | closed → reopened |
Summary: | linux-2.6.12.4 → linux-2.6.12.5 |
Version increment (2.6.11.5)
comment:70 by , 19 years ago
Resolution: | → fixed |
---|---|
Status: | reopened → closed |
comment:71 by , 19 years ago
Resolution: | fixed |
---|---|
Status: | closed → reopened |
Summary: | linux-2.6.12.5 → linux-2.6.13 |
Version increment.
comment:72 by , 19 years ago
And meanwhile version 2.6.12.6 came out (I assumed it would not appear because
2.6.13 had beaten it to the door).
comment:77 by , 19 years ago
Summary: | linux-2.6.13.4 → linux-2.6.14 |
---|
Version increment (2.6.14) Has support for /dev/bus/usb. Proposal: remove the obsolete /proc/bus/usb mount, include the relevant udev rule, upgrade to patched libusb in BLFS.
comment:78 by , 19 years ago
Summary: | linux-2.6.14 → linux-2.6.14.1 |
---|
Version increment (2.6.14.1) - fixes a security issue CVE-2005-2709
comment:79 by , 19 years ago
Grrr. This probably means that this kernel should go to 6.1.1 and bring udev-071 after itself :(
comment:80 by , 19 years ago
Is the bug even relevant for a 2.6.11 kernel? If so, a patch would be better as there are too many changes between 2.6.11 and 2.6.14 to for inclusion in 6.1.1.
comment:81 by , 19 years ago
Sorry. The bug indeed can manifest itself only when a network interface goes away. LFS users are therefore safe as onlg as they don't run pppd, qemu or OpenVPN.
But I am not qualified enough to judge if 2.6.11.x is still safe. It is no longer supported by upstream in any case.
And linux-2.6.14{,.1} has a bug that prevents Bind from functioning (to be fixed in 2.6.14.2).
So I don't know what to do for LFS 6.1.1.
comment:82 by , 19 years ago
I think the most pragmatic thing here is to assess a) the chance this bug has of being triggered and b) what affects it causes when it is triggered.
From the Changelog and Alexander's comments, it very much looks like the only way this will be triggered is if a network interface disappears , and even then, from the wording in the Changelog, it's not guaranteed to trigger. I'd say it's far better for us to just release with 2.6.11.12, than upgrade the kernel, kernel headers, udev (possibly), etc. If we start down that road, we may as well release trunk as 6.1.1 :-) All IMHO of course, feel free to beat me with a security flavoured cluebat at any time!
comment:87 by , 19 years ago
Summary: | linux-2.6.14.4 → linux-2.6.15 |
---|
comment:90 by , 19 years ago
Description: | modified (diff) |
---|---|
Milestone: | → 6.2 |
comment:91 by , 19 years ago
Resolution: | → fixed |
---|---|
Status: | reopened → closed |
Fixed on the udev_update branch, but has now been superceded by #1699 anyway.
Version increment (2.6.1)