Kernel 2.4.26 Out 218
StupidKatz writes "Fresh from the oven, the fine folks at kernel.org have released 2.4.26, filled with such yummy goodness as fixes for those damnable mmap() vulns, among other things. Remember to use your favorite mirror!"
Hum...matching up? (Score:2, Funny)
Re:Hum...matching up? (Score:1)
Yum! (Score:2, Funny)
When (Score:5, Insightful)
Re:When (Score:1, Insightful)
Re:When (Score:1)
Re:When (Score:2)
The same can be said about Windows, and look how popular THAT is!
*slinks back under the bridge, tail between legs*
Re:Check the md5sum (Score:2)
Perhaps it's the A in ADSL, >700K down 90~120K up. I've read that BitTorrent throttle the download speed based on how much upload bandwidth you give it. To discourage freeloaders maybe.
The end result is worse than 56K modem downloading. When I can FTP at greater than 90KB, it makes BitTorrent rather pointless.
Debian's jigdo on the other hand, fast and r
Re:Check the md5sum (Score:2)
I'm kind of torn here, because I feel that BT should be used to distribute the files, but I also feel that we should have a better patching mech
Re:Check the md5sum (Score:2)
What the hell did bittorrent ever do to you? (Score:2)
Re:When (Score:5, Insightful)
Re:When (Score:5, Interesting)
Re:When (Score:2)
Re:When (Score:3, Interesting)
"emerge -u gentoo-sources" will fetch the current stable release and install it. The only thing left to do it the usual "make dep && make clean bzImage modules modules_install". Now, replace "gentoo-sources" with the sources set you prefer (mm, grsec, development (2.6), gaming, vanilla, etc.)
But sure, if it was implemented at kernel level, it would be easier for non-gentoo users to update to next stable release. Could be made as a modules I guess. Love/Cox/Tosatti, I hope
Re:When (Score:2, Interesting)
...except that gentoo doesn't use a diff at all from version to version (at least not kernel version, patch level is something diffrent). Every kernel source build in the portage tree downloads a FULL source tarball (linux-2.4.26.tar.bz2) and then patches that. 2.4.27 comes out tomarrow? You're downloading another 30M tarball (or whatever they're running nowadays).
I don't mean to rag on portage, it's a great system. It certaintly doesn't use diffs as the grandparent mentioned, though.
Re:When (Score:2, Interesting)
http://www.selenic.com/ketchup/ketchup-0.5 [selenic.com] :
ketchup is a script that automatically patches between kernel
versions, downloading and caching patches as needed, and automatically
determining the latest versions of several trees. Example usage:
$ ketchup 2.6-mm
2.6.3-rc1-mm1 -> 2.6.5-mm4
Applying 2.6.3-rc1-mm1.bz2 -R
Applying patch-2.6.3-rc1.bz2 -R
Applying patch-2.6.3.bz2
Applying patch-2.6.4.bz2
Applying patch-2.6.5.bz2
Downloading 2.6.5-mm4.bz2
Downloading 2.6.5-mm4.bz
Re:When (Score:2)
Re:When (Score:2, Insightful)
Re:When (Score:2)
patch -p1 </path/to/patch
Decompress the patch before.
It might be fast, but someone's paying the bandwidth for the mirror.
Re:When (Score:2, Funny)
Re:When (Score:2)
Re:When (Score:4, Funny)
Re:When (Score:2)
Perfect Timing (Score:5, Funny)
Re:Perfect Timing (Score:1)
Why is this news on Slashdot? (Score:2)
Just wondering.
Re:Why is this news on Slashdot? (Score:2)
It's so obvious it should be Gary Oldman.. (Score:5, Funny)
ScottGant: I think I'm entitled to it.
CmdrTaco: You want news?
ScottGant: I want stuff that matters!
CmdrTaco: You can't handle stuff that matters!
Son, we live in a world that has firewalls. And those firewalls have to be guarded by admins with stable kernels. Who's gonna do it? You? You, ScottGant? I have a greater responsibility than you can possibly fathom. You weep for Stanford [slashdot.org] and you curse the
We use words like integrity, dupes,stability...we use these words as the backbone to a life spent defending something. You use 'em as a punchline. I have neither the time nor the inclination to explain myself to a man who rises and sleeps under the blanket of the very security I provide, then questions the manner in which I provide it! I'd rather you just said thank you and went on your way. Otherwise, I suggest you pick up a cheap hosting company and run a website. Either way, I don't give a damn what you think you're entitled to!
I really need some sleep.
Very good... possible improvement? (Score:2, Informative)
A Few Good Admins
"Admin: You want news?"
"User: I think I'm entitled to it."
"Admin: You want news?"
"User: I want news for nerds. I want stuff that matters!"
"Admin: Son, we live in a world that has firewalls. And those firewalls have to be guarded by admins with stable kernels. Who's gonna do it? You? You, Mr. "MCSE"? I have a greater responsibility than you can possibly fathom. You weep for Microsoft and you curse Open Source. You have that l
Re:It's so obvious it should be Gary Oldman.. (Score:2)
Re:It's so obvious it should be Gary Oldman.. (Score:3, Informative)
It's a parody of a well-known courtroom scene from "A Few Good Men" -- the first few lines were used extensively in the ads for the movie, and if you actually saw the movie or play the longer part of the dialog would probably ring a bell as well.
IMDB (and probably a few million other sites) has the original version in their memorable quotes [imdb.com] section for the movie version. Look for "Col Jessep" -- that's the character being parodied
Re:It's so obvious it should be Gary Oldman.. (Score:2)
Re:Why is this news on Slashdot? (Score:3, Insightful)
2.6.5 [slashdot.org]
2.6.4 [slashdot.org]
Since slashdot is a major place to discuss and learn about linux, I think it's newsworthy because the kernel is the heart of linux. This is always the first place I hear about new kernels, plus the discussions usually tell what is new in it so I dont have to sift through the changelogs.
Re:Why is this news on Slashdot? (Score:2)
Oh I agree that Slashdot should cover the releases...but I was in error when I said they didn't cover the 2.6.5 and 2.6.4 kernels...and since I thought they hadn't, I was questioning why they were for the 2.4 kernels.
But you set me straight, thanks...
Re:Why is this news on Slashdot? (Score:2)
<pedant> actualy, the kernel is Linux</pedant>
The kernels out??? (Score:5, Funny)
Gay Hackers? (Score:2)
Does the social stigma of being gay drive otherwise normal people to geekdom? Does geekiness drive the people to alternate sexualities? Or do the two go hand-in-hand?
Re:Gay Hackers? (Score:4, Funny)
dang it! (Score:2)
Re:dang it! (Score:1)
fuck i can't read (Score:2)
herr Knopper will be charmed (Score:2)
back to the drawing board I guess
Well well, (Score:5, Insightful)
I've just got to say, I think Marcello's done a great job on the 2.4 series. For having to be part political leader, part CS genious, and part referee he's not given many people a reason to complain.
And then... (Score:5, Funny)
Damn. Maybe I should switch to Windows. Oh.. wait..
Fixed references (& relevant debian-security u (Score:3, Informative)
Hmmm... (Score:2)
Re:Hmmm... (Score:2, Interesting)
Or maybe that only works with Gentoo...?
Re:Hmmm... (Score:2)
Re:Hmmm... (Score:2)
Re:Hmmm... (Score:2, Informative)
I suppose it depends on your distro tho...I'm a Gentoo user, so I don't know how it's different on another distro.
FYI, on Gentoo it went something like:
$ su
# emerge -v gentoo-dev-sources
# cd
# rm -f linux
# ln -s linux-2.6.5-gentoo linux
# genkernel all --xconfig
(insert c
Not mremap(), but these! (Score:5, Informative)
Okay... This is the result of a cursory check, do your homework folks!
The R128 DRI bounds checking bug is a potential local root exploit.
According to this patch [iu.edu] 2.4.26 contains the fix.
The isofs bug. It is locally exploitable iff you have hardware access or if you can induce someone to mount a compromised medium.
The ext3 information leak. It cannot lead to any exploit and has only the tiniest chances of giving an attacker any usable information.
The SoundBlaster Denial of Service.
But no, no mremap issues...
</KARMA>
Ahem. (Score:3, Informative)
Re:Ahem. (Score:2, Interesting)
Re:Not mremap(), but these! (Score:2)
The SoundBlaster Denial of Service.
That's right.. we're fighting back against DRM - one bug report at a time!
2.6.5 is latest stable but.. (Score:5, Funny)
Debian users need new news too I guess.
Re:2.6.5 is latest stable but.. (Score:3, Informative)
Excuse me?
kernel-image-2.6-386 - Linux kernel image for version 2.6 on 386.
kernel-image-2.6-686 - Linux kernel image for version 2.6 on PPro/Celeron/PII/PIII/PIV.
kernel-image-2.6-686-smp - Linux kernel image for version 2.6 on PPro/Celeron/PII/PIII/PIV SMP.
kernel-image-2.6-k7 - Linux kernel image for version 2.6 on AMD K7.
kernel-image-2.6-k7-smp - Linux kernel image for version 2.6 on AMD K7 SMP.
kernel-image-2.6.3-1-386 - Linux kernel image for version 2.6.3 on 386.
kernel-image-2.6.3-1-686 - Linux
Re:YHBT YHL HAND (Score:2)
Re:2.6.5 is latest stable but.. (Score:2)
I guess people like to jab at Debian because we maintain something that's actually worthy of the title "Stable," but I myself use sid and enjoy a very high rate of updates. I'm currently running KDE 3.2.2 for example right now. What's that, you say, it hasn't been released? Well, not to you maybe, but Debian's got it.
Re:2.6.5 is latest stable but.. (Score:2)
*Ahem*
saavik:~# cattesting/unstable
saavik:~# uname -a
Linux saavik 2.6.5 #3 Sun Apr 11 14:17:30 EST 2004 i686 GNU/Linux
taliesin:~# cat
testing/unstable
taliesin:~# uname -a
Linux taliesin 2.6.5 #2 Sun Apr 11 22:54:33 EST 2004 i686 GNU/Linux
Re:2.6.5 is latest stable but.. (Score:3, Informative)
I cannot use 2.6.5 (Score:2)
Re:2.6.5 is latest stable but.. (Score:2)
So, what is 2.2 up to by now?
Damn! Debian screwed up (Score:4, Informative)
Some egg on Debian's face today
Lessons:
1) Patch a test system first if you have access to one
2) Make sure your boot loader will boot from the old kernel after upgrading
3) Have a boot disk handy
4) Debate whether you can wait a few days before patching or whether the security liability is too high.
Re:Damn! Debian screwed up (Score:2)
Over in Utah... (Score:4, Funny)
- JFS: Add lots of missing statics and remove dead code
- JFS: Prevent hang in __lock_metapage
- JFS: Fix race in jfs_sync
Not only are those pesky hippie theives stole our precious JFS, they're also fixing bugs in it. Curse them!"
LVM2? (Score:2, Interesting)
Stephen
Summary Changelog (Score:5, Informative)
For those who don't like 1000 line changelogs, here are the changes that Marcello specifically mentioned on his -pre and -rc lkml postings:
- Run Your own Linux Server on The Latest and Greatest 2.4 or 2.6 Kernel [rimuhosting.com]
Mirror Mirror on the wall (Score:2)
Re:cannot run (Score:5, Funny)
Re:Why still 2.4? (Score:3, Informative)
And 2.4 works great - why break something that works fine? We haven't run into any issues whatsoever.
On my Debian box, I run 2.6 but users aren't depending on it to work without issues.
Re:Why still 2.4? (Score:2)
He speaks without looking at his second in command, "At my signal, unleash Hell."
Re:Why still 2.4? (Score:2)
Erm, why? I have a large XFS raid box just moved over to 2.6.4.
13:50:34 up 2 days, 3:30, 2 users, load average: 1.08, 1.02, 1.01
It's OK so far. Admittedly, it's not a 24/7 five nines sort of place. I looove the IPSec stuff in 2.6 though - that makes it worth it just for that. emerge ipsec-tools. Yum.
Re:Why still 2.4? (Score:5, Informative)
Re:Why still 2.4? (Score:2, Informative)
give me one good reason to move my 486 to 2.6
Cause it'll run like a 586!
My P133 thanks me every morning for giving it a 2.6 kernel.
The 2.6 kernel is quite a bit faster if stuff like performance matters to you. Think back to when you had a 2.2 kernel on there, why'd you upgrade to 2.4 again?
Re:Why still 2.4? (Score:2, Insightful)
Re:Why still 2.4? (Score:5, Informative)
And we've always got the really conservative "in my days the kernel was 200 Kb of sourcecode"-people.
Re:Why still 2.4? (Score:2)
Re:Why still 2.4? (Score:3, Informative)
http://www.selenic.com/tiny/
"The aim of this tree is to collect patches that reduce kernel disk and memory footprint as well as tools for working on small systems. Target users are things like embedded systems, small or legacy desktop folks, and handhelds."
The Linux-Tiny Tree patch homepage (Score:2)
Re:Why still 2.4? (Score:3, Interesting)
That's interesting. I suppose for ultra low memory situations, it might be easier to stick with 2.4... I wonder how much different the memory footprint is for an absolutely bare-bones kernel. I suspect the difference would not be large, and may even be negative. If you want to run some applications in addition to the kern
Re:Why still 2.4? (Score:2)
a crude comparison would be "why does MS release security patches for 9x after XP was released?"
Re:Why still 2.4? (Score:1)
Re:Why still 2.4? (Score:3, Informative)
That said, the whole idea of numbering system for linux kernels is that a user/company can keep using known stable kernels until they are comfortable/able to switch to the next kernel set.
There are still businesses out there running 2.2 and 2.0, from what I read on slashdot.
Third party drivers, etc (Score:5, Insightful)
And then there's the 3rd-party drivers. RAID controllers, etc etc. Yes, I know 2.6 is supposed to possibly figure out drivers from older kernels, but do I really want to trust that? Some of these don't have 2.6 drivers. Hell, for some they 2.4 drivers were a recent thing... I had a machine which I called the vendor to specifically get a 2.4.xx driver for a multi-modem system since the box was still running 2.2 before a hardware upgrade.
Being at the latest-and-greatest is good if it provides a noticable benefit vs the drawbacks up grading. In this case, it doesn't.
Re:Third party drivers, etc (Score:2)
Re:Why still 2.4? (Score:2)
I'll upgrade as soon as my they fix whatever is wrong with the 2.6.* firewire code. All the releases of 2.6 (as well as the latest snapshot from the linux1394 website) bomb with my firewire drive which works just fine with 2.4.25. I load the ieee1394 module, the ohci1394 module, and the sbp2 module, and the kernel starts spewing SCSI errors. All my posts on this subject to the linux-kernel mailing list (and as of this afternoon the linux1394 mailing list) have gone unanswered.
Dinivin
Re:Why still 2.4? (Score:2, Troll)
Re:Why still 2.4? (Score:2)
iptables is better supported in 2.4 (Score:2)
SlowSlowSlow (Score:2, Insightful)
Re:Why still 2.4? (Score:2)
Re: (Score:2)
Re:Oh boy oh boy oh boy! (Score:4, Insightful)
Re:Oh boy oh boy oh boy! (Score:2)
Re:Oh boy oh boy oh boy! (Score:2, Insightful)
Re:Oh boy oh boy oh boy! (Score:2)
Assuming you're still reading Slashdot in 2006/7...
Re:Multicast RSync (Score:3, Informative)
You clearly haven'y spent much time reading the linux kernel mailing list.
Kernel development is actually remarkably unpolitical. That list is dominated by technical discussion not politics. I'm not saying that politics doesn't come up (especailly just after Linus started using bitkeeper :-) but for the most part it's an extreamely technical foru
What an absolute load of tosh. (Score:2)
The idiotic obsession with releasing half backed stuff in the software industry is understandable (up to a point) for companies that need to make a profit and to pay attention to the proverbial bottom line.
What is not understandable is that a project whose aim is scratching an itch, which aims to provide a tool that otherwise would not be available, would run, lemming like, in the same stupid rat race to release half backed rubish that would fr
Re:You see, this is what gets you in trouble: (Score:2)
(this comes from 2.6 tree, it must have been backported to 2.4 a little later). Which changes a bit the meaning of the shortened log.