Quantcast

Linux Kernel Vulnerabliltiy and OpenSuSE 13.2

classic Classic list List threaded Threaded
6 messages Options
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Linux Kernel Vulnerabliltiy and OpenSuSE 13.2

Robert Sichler
Should I expect a patch for OpenSUSE 13.2 (x86_64) to address the Linux kernel vulnerability known as Dirty COW (CVE-2016-5195)?
Or is there another direction I should turn?
Best regards,
-Bob

________________________________

Notice: This communication, including attachments, may contain confidential or proprietary information to be conveyed solely for the intended recipient(s). If you are not the intended recipient, or if you otherwise received this message in error, please notify the sender immediately by return e-mail and promptly delete this e-mail, including attachments, without reading or saving them in any manner. The unauthorized use, dissemination, distribution, or reproduction of this e-mail, including attachments, is strictly prohibited and may be unlawful.

--
To unsubscribe, e-mail: [hidden email]
To contact the owner, e-mail: [hidden email]

Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: Linux Kernel Vulnerabliltiy and OpenSuSE 13.2

Marcus Meissner
On Thu, Oct 27, 2016 at 02:31:20PM +0000, Robert Sichler wrote:
> Should I expect a patch for OpenSUSE 13.2 (x86_64) to address the Linux kernel vulnerability known as Dirty COW (CVE-2016-5195)?
> Or is there another direction I should turn?
> Best regards,
> -Bob

What makes you think it is not available?

Ciao, Marcus
--
To unsubscribe, e-mail: [hidden email]
To contact the owner, e-mail: [hidden email]

Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

RE: Linux Kernel Vulnerabliltiy and OpenSuSE 13.2

Robert Sichler
I've been checking the opensuse-security-announce archive and didn't think anything was relevant to OpenSuSE 13.2. I saw patches for other versions but I'm not sure if any of them are compatible.

-----Original Message-----
From: Marcus Meissner [mailto:[hidden email]]
Sent: Wednesday, November 02, 2016 4:56 AM
To: Robert Sichler
Cc: [hidden email]; [hidden email]
Subject: Re: [opensuse-security] Linux Kernel Vulnerabliltiy and OpenSuSE 13.2

On Thu, Oct 27, 2016 at 02:31:20PM +0000, Robert Sichler wrote:
> Should I expect a patch for OpenSUSE 13.2 (x86_64) to address the Linux kernel vulnerability known as Dirty COW (CVE-2016-5195)?
> Or is there another direction I should turn?
> Best regards,
> -Bob

What makes you think it is not available?

Ciao, Marcus


________________________________

Notice: This communication, including attachments, may contain confidential or proprietary information to be conveyed solely for the intended recipient(s). If you are not the intended recipient, or if you otherwise received this message in error, please notify the sender immediately by return e-mail and promptly delete this e-mail, including attachments, without reading or saving them in any manner. The unauthorized use, dissemination, distribution, or reproduction of this e-mail, including attachments, is strictly prohibited and may be unlawful.

--
To unsubscribe, e-mail: [hidden email]
To contact the owner, e-mail: [hidden email]

Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: Linux Kernel Vulnerabliltiy and OpenSuSE 13.2

Marcus Meissner
Hi,

It is here:
https://lists.opensuse.org/opensuse-security-announce/2016-10/msg00048.html

(But you need the follow up kernel, as this introduced a regression in POSIX ACLs.
https://lists.opensuse.org/opensuse-updates/2016-10/msg00106.html
)

Ciao, Marcus
On Wed, Nov 02, 2016 at 02:19:05PM +0000, Robert Sichler wrote:

> I've been checking the opensuse-security-announce archive and didn't think anything was relevant to OpenSuSE 13.2. I saw patches for other versions but I'm not sure if any of them are compatible.
>
> -----Original Message-----
> From: Marcus Meissner [mailto:[hidden email]]
> Sent: Wednesday, November 02, 2016 4:56 AM
> To: Robert Sichler
> Cc: [hidden email]; [hidden email]
> Subject: Re: [opensuse-security] Linux Kernel Vulnerabliltiy and OpenSuSE 13.2
>
> On Thu, Oct 27, 2016 at 02:31:20PM +0000, Robert Sichler wrote:
> > Should I expect a patch for OpenSUSE 13.2 (x86_64) to address the Linux kernel vulnerability known as Dirty COW (CVE-2016-5195)?
> > Or is there another direction I should turn?
> > Best regards,
> > -Bob
>
> What makes you think it is not available?
>
> Ciao, Marcus
>
>
> ________________________________
>
> Notice: This communication, including attachments, may contain confidential or proprietary information to be conveyed solely for the intended recipient(s). If you are not the intended recipient, or if you otherwise received this message in error, please notify the sender immediately by return e-mail and promptly delete this e-mail, including attachments, without reading or saving them in any manner. The unauthorized use, dissemination, distribution, or reproduction of this e-mail, including attachments, is strictly prohibited and may be unlawful.
>

--
Marcus Meissner,SUSE LINUX GmbH; Maxfeldstrasse 5; D-90409 Nuernberg; Zi. 3.1-33,+49-911-740 53-432,,serv=loki,mail=wotan,type=real <[hidden email]>
--
To unsubscribe, e-mail: [hidden email]
To contact the owner, e-mail: [hidden email]

Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

RE: Linux Kernel Vulnerabliltiy and OpenSuSE 13.2

Robert Sichler
Thank you. That's most helpful.
Best regards,
-Bob

-----Original Message-----
From: Marcus Meissner [mailto:[hidden email]]
Sent: Wednesday, November 02, 2016 10:22 AM
To: Robert Sichler
Cc: [hidden email]; [hidden email]
Subject: Re: [opensuse-security] Linux Kernel Vulnerabliltiy and OpenSuSE 13.2

Hi,

It is here:
https://lists.opensuse.org/opensuse-security-announce/2016-10/msg00048.html

(But you need the follow up kernel, as this introduced a regression in POSIX ACLs.
https://lists.opensuse.org/opensuse-updates/2016-10/msg00106.html
)

Ciao, Marcus
On Wed, Nov 02, 2016 at 02:19:05PM +0000, Robert Sichler wrote:

> I've been checking the opensuse-security-announce archive and didn't think anything was relevant to OpenSuSE 13.2. I saw patches for other versions but I'm not sure if any of them are compatible.
>
> -----Original Message-----
> From: Marcus Meissner [mailto:[hidden email]]
> Sent: Wednesday, November 02, 2016 4:56 AM
> To: Robert Sichler
> Cc: [hidden email]; [hidden email]
> Subject: Re: [opensuse-security] Linux Kernel Vulnerabliltiy and OpenSuSE 13.2
>
> On Thu, Oct 27, 2016 at 02:31:20PM +0000, Robert Sichler wrote:
> > Should I expect a patch for OpenSUSE 13.2 (x86_64) to address the Linux kernel vulnerability known as Dirty COW (CVE-2016-5195)?
> > Or is there another direction I should turn?
> > Best regards,
> > -Bob
>
> What makes you think it is not available?
>
> Ciao, Marcus
>
>
> ________________________________
>
> Notice: This communication, including attachments, may contain confidential or proprietary information to be conveyed solely for the intended recipient(s). If you are not the intended recipient, or if you otherwise received this message in error, please notify the sender immediately by return e-mail and promptly delete this e-mail, including attachments, without reading or saving them in any manner. The unauthorized use, dissemination, distribution, or reproduction of this e-mail, including attachments, is strictly prohibited and may be unlawful.
>

--
Marcus Meissner,SUSE LINUX GmbH; Maxfeldstrasse 5; D-90409 Nuernberg; Zi. 3.1-33,+49-911-740 53-432,,serv=loki,mail=wotan,type=real <[hidden email]>
--
To unsubscribe, e-mail: [hidden email]
To contact the owner, e-mail: [hidden email]



--
To unsubscribe, e-mail: [hidden email]
To contact the owner, e-mail: [hidden email]

Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: Linux Kernel Vulnerabliltiy and OpenSuSE 13.2

Anton Aylward-2
In reply to this post by Robert Sichler
On 11/02/2016 10:19 AM, Robert Sichler wrote:
> I've been checking the opensuse-security-announce archive and didn't think
> anything was relevant to OpenSuSE 13.2. I saw patches for other versions but
> I'm not sure if any of them are compatible.

I don't know what kernel you are using or what repositories you have configured.
 The latter is, I firmly believe, a key issue.

I'm also using 13.2.

As I've mentioned many times I make use of the kernel_Stable repository.  I
emphasise *STABLE* there.
You can find it at
http://download.opensuse.org/repositories/Kernel:/stable/standard/

I am currently using 4.8.6-1

Normally there are a couple of updates a month there, but the past couple of
weeks since Dirty Cow there have been a couple a week.

Along the way there have been a number of speed improvements, corrections (aka
fixes) to BtrFS and other drivers.  I think these changes have been worth while.



--
     /"\
     \ / ASCII Ribbon Campaign
      X  Against HTML Mail
     / \
--
To unsubscribe, e-mail: [hidden email]
To contact the owner, e-mail: [hidden email]

Loading...