Linux 2.2.20 is Out

piranha(jpl) writes: "I went to download 2.2.x from kernel.org and noticed 2.2.20 is out. I believe this is supposed to fix the security vulnerability found in 2.2.19. Surprised I didn't see it on the main Slashdot page."

.20 has been -pre for months

[green+pizza]

How long has 2.2.20 been in -pre state? Almost 8 months?

At any rate, it's a welcome sight. Several of our servers are still running 2.2, though most get a good dose of kernel.org and apt-get every few days.

Re:.20 has been -pre for months

Ah shat ma shi bu lah?

Re:.20 has been -pre for months

2.2.x is a very stable kernel series. Alan Cox is in charge, and intentionally being very cautious about making changes. (If it's not broken, don't fix it) That's why it took so long to go from 2.2.19 to 2.2.20.

Sadly, Alan's not planning to take over the 2.4 series. This is sad, as he's done such a good job with 2.2... And 2.4 could use his help.

Ahhhh

[Spy+Hunter]

2.2.19 is no number to end a kernel series with. It's so ugly and odd. Doesn't 2.2.20 seem like such a better number? It's even and it's got alliteration. Thank goodness for this bug, or we would have never had a proper end to the 2.2.X series.

Re:Ahhhh

[RollingThunder]

We actually need two more bugs.

2.2.22 is even better. :)

Re:Ahhhh

[Tachys]

Of course we also need 2.0.40 to give the 2.0.x series a proper ending

Re:Ahhhh

Hey, trolling with AtheOS. Theres a first.

Re:Ahhhh

[Cozminsky]

Surely it wouldn't be alliteration, but anumeration (even though there is no such word).

Re:Ahhhh

[efgbr]

dude, that was not a kernel bug.

the problem is right in front of your monitor.

Nice to see...

...that they still fix bugs in "older" kernels.

I'm still waiting for a patch for Windows 95 that will make it multiuser.

Re:Nice to see...

I'm still waiting for a patch for Windows 95 that will make it multiuser


Isnt that called an OS upgrade?

Re:Nice to see...

[surflorida]

Don't hold your breath. Hmmm.. I never had a problem with Linux and multible users...

Finally!

[cperciva]

This is a Good Thing. It gets tiring after a while to keep on telling people "Well, the 2.4 kernels are in the middle of a VM flamewar so you should probably stay away from them until they settle down... but the latest 2.2 kernel has some icky security holes, so what you need to do is get 2.2.19 and then add these two security patches... hey, where did you go?"

Huh?

[hardave]

2.2.20pre11
o Security fixes
| Details censored in accordance with the US DMCA

Someone mind telling me why it's illegal to reveal what they fixed??

Re:Huh?

I beleive it's because the information disclosed about what was fixed could be used to create a circumvention device to attack the older kernels.

They are really doing it to make a point, not that it really is illegal per-say.

Re:Huh?

Goddamnit. Im moving under my bed. Maybe the DCMA and RIAA wont get to me there.

Re:Huh?

It's not illegal. Alan Cox's joke is getting really tired.

Re:Huh?

Actually it is illegal to distribute means or information for a copyright circumvention device...

This information allows someone to understand a security hole in previous versions of da kernel and exploit it. The copyrighted material is licenced software (GPL, Artistic, whatever).

For example, if you wrote a book and someone was able to get through your firewall due to a published security hole then you would have a legal case against the publisher under the DMCA.

Getting through on a kernel exploit is no different.

Re:Huh?

[SnapperHead]

The intresting thing is that its kinda hard not to notice the change. Just create a diff bewteen the 2 versions. It would still be difficault for non-kernel hackers to figure it out.

But, anyway, its just to prove a point, which I can understand. Either way, its fixed, and I am happy.

Re:Huh?

[jrockway]

Wrong. The DMCA only makes it illegal to circumvent encryption that protects compyright. Like the CSS that protectes copyrighted DVD's. That's why DeCSS is illegal, it's a circumvention device. Talking about DeCSS is illegal too aparently...

There's no encryption code that I know of that was affected, so someone's just being stupid here (Cox talking out his ass? I dunno...).

Re:Huh?

[Anonymous+DWord]

Hahaha! That was "Informative?" Yeah, it's nice to know where that AC is going to move. Must be Friday night or something. mumblemumbledrunkenmoderatorsmumble

Re:Huh?

[kfg]

Alan Cox is, essentially, making a political statement. Details of the security patch arn't actually illegal in the sense that it has been declared so. However, certain readings of the DMCA *could* be interpreted as meaning that details of a security flaw that allowed unauthorized access to propriatary files, ( and this would include your private "to do" list, which is copyrighted to you at creation), would be a violation.

Here is the the relevant section of the code:

`Sec. 1201. Circumvention of copyright protection systems

`(a) VIOLATIONS REGARDING CIRCUMVENTION OF TECHNOLOGICAL MEASURES- (1)(A) No person shall circumvent a technological measure that effectively controls access to a work protected under this title. The prohibition contained in the preceding sentence shall take effect at the end of the 2-year period beginning on the date of the enactment of this chapter.

The entire text of the DMCA can be found here:

http://thomas.loc.gov/cgi-bin/query/z?c105:H.R.2 28 1.ENR:

Note the term "technological measure." What does this term mean? Well, as it turns out that's a damn good question, one that it has been left to the courts to decide.

So let's say you fire up vi and write a "to do" list. You place it in your home directory. This is now propriatary information, technically copyrighted to you. That "to do" list is now has whatever protections upon it that that you assign the file and your home directory.

So, let's say that only you have any rights to your home directory and the file itself, but someone manages to crack your machine and read the file * using the knowledge gained from reading the patch code and/or details of the hole.*

You see? By assigning restricted permissions to the file you have used "technological measures" to insure its propriatary nature, and thus the security details could be interpreted as publishing a means to defeat that measure.

Noone law enforcment agency has yet stepped forward to claim this interpretation, but there is absolutely no reason * why they couldn't.*

Interestingly enough the Calfornia appellate court has just ruled in the DeCSS case that the injunction against distributing the source code of DeCSS was, indeed, an unconstitutional violation of freedom of speach. Note that the court made a clear and explicit distinction between machine readable compiled binary code and human readable source code. It acknowledged that compiled binaries would have had protection under the DMCA, but that *source code did not.*

This ruling has ramifications throughout the software industry, particularly with regards to OSS. At the moment there is no legal restriction, per se, of *any kind* on distributing source code.

Please make note though that this applies only to issues of *prior restraint.*

This does not mean that all source code can be legally distributed, it means that until an actual *adjudication* is made that said distribution was illegal it cannot be restrained.

A fine distinction of law that could get you out of, or *into*, trouble if you don't understand it properly.

Ah, what tangled webs we weave, when first we practice to make the contents of people's *minds* illegal.

KFG

Re:Huh?

Interesting. What if the DMCA folks wanted to really stretch things. They could say that a compiler is a method for encrypting the source code, and by publishing the security exploit, you would be telling people how to get past the encryption to make the code do stuff it wasn't meant to do. Of course, the exploit doesn't actually allow "decryption" of the binary, but whatever. It's damn late.

Re:Huh?

[kfg]

"What if the DMCA folks wanted to really stretch things. They could say that a compiler is a method for encrypting the source code. . . "

See my post to the thread parent. This is, essentially, what the California Appellate court just ruled in the DeCSS case.

KFG

Re:Huh?

[technos]

File permissions *do* protect copyright. If I write code, and stick it on a free server in Finland, and chmod it all to hell so everyone else can't see it's existance, I've taken reasonable technical steps to protect non-disclosure of my IP. Now Joe BlowHax0r comes along, axploits the bug, and *my* reasonable technical effort is screwed. Oh, and the DMCA too.

Re:Huh?

[kfg]

Sorry, but you're wrong here. See my post to the thread parent. You'll find a link to the DMCA itself. It makes an interesting read.

Please note also, that by American and international law *everything* you write is copyrighted from the moment of creation. In effect everything not specifically put into the public domain is covered by copyright protections. This is the crux of what makes the GPL work. GPL works are NOT in the public domain.

Note also the ruling of the court that distribution of the DeCSS source code is NOT illegal. . . at the moment.

This has, essentially, just happened and I guess you missed it.

KFG

Re:Huh?

[cicadia]

If you really want to know, just download the diff from kernel.org.

Re:Huh?

[Coredumped]

No I dont believe thats what they said at all.

The ruling said that source code, being human readable was free-speech. Once you compile that code it becomes a tool to circumvent software, which IS illegal under the DMCA.

Re:Huh?

[jrockway]

> Note also the ruling of the court that distribution of the DeCSS source code is NOT illegal. . . at the moment.

Yeah I know... but it's a good example. And the friggin' kernel exploit in not DMCA affected. If it is then chmod is a circumvention device (for root). Should we eliminate root?

Re:Huh?

[jrockway]

Heh, so what happens if you use an interperted language? It's human readable and machine readable :)

Re:Huh?

[efgbr]

that was legal advice from his lawyer. AC is a serious person and has proved that, meanwhile youre nobody and youre acusing him.

Ahem, 2.2.20 < 2.4.13

Version numbers use a Big-Endian representation. Late night 80x86 assembly hacking runs are dangerous to your mental health, stop immediately.

Why?

[Bud+Dwyer]

Okay, I'm kind of a newbie to Linux. I've been using Linux a little over a month, and I just finished compiling the latest stable 2.4 kernel. Now, tell me again why I'd want to take a step backwards? 2.4 is greater than 2.2.20 according to my math, which means it's better and more recent. So why are they still releasing 2.2? Is there some infighting in the Linux development world or something? Is this type of confusion (releasing 2.2.20 when 2.4 is already out) just one of the costs of the Open Source development methodology? I mean, you never hear about Microsoft releasing Windows 3.12 after Windows 95 is out.

Re:Why?

[jjr]

Becuase alot of people still use that kernel version. The nice people they are they like to keep do update even some of the older stuff also since they know some people still like using that kernel version.

Re:Why?

[edwdig]

If you're running a production server, you only change the kernel if there's a good reason. If you're running 2.2, installing this version is a good idea, as it's only minor (but important) tweaks.

Personally, I'm going to try it out because the 2.4 series networking doesn't work well at all on my system. Sockets stall after transferring a few hundred kb, which makes any kind of net access a serious pain. But 2.2.19 had problems with my sound card... Maybe, just maybe, there will be a version that likes all my hardware...

Re:Why?

I mean, you never hear about Microsoft releasing Windows 3.12 after Windows 95 is out
I think you just answered your own question. For some people, Windows 3 is/was all they ever needed. It was just the right weight for their hardware, and/or they didn't want to mess with something so different from what already works. Some of their programs might not even run under Windows95. But Windows 3.11 still can use tweaking. I bet there are plenty of people that wish there would have been a Windows 3.2

Re:Why?

[Electrum]

Okay, I'm kind of a newbie to Linux. I've been using Linux a little over a month, and I just finished compiling the latest stable 2.4 kernel. Now, tell me again why I'd want to take a step backwards? 2.4 is greater than 2.2.20 according to my math, which means it's better and more recent. So why are they still releasing 2.2? Is there some infighting in the Linux development world or something? Is this type of confusion (releasing 2.2.20 when 2.4 is already out) just one of the costs of the Open Source development methodology? I mean, you never hear about Microsoft releasing Windows 3.12 after Windows 95 is out.

Knowing Slashdot moderators, your comment will probably get modded as troll, but I'll answer anyway. Regarding your Windows example, you are incorrect. This is like Microsoft releasing SP6 for NT 4 after Windows 2000 is released. I'm fairly sure SP6 was released afterwards, but if not, they have still released updates to NT 4 after the release of Windows 2000. Just because a product isn't the latest code base doesn't mean it isn't still being used. Many people are still running NT 4, and need updates, like security fixes. There will still be updates to Windows 2000, even though Windows XP is out.

Even though 2.4 is "stable", it isn't "super stable" yet, and might not be for some time. I would guess that most people running Linux on non SMP production servers are using a 2.2 kernel, simply because it has been tested longer, and known to be stable. Then again, that's why many of us use FreeBSD on our production servers :) At this point, I would use a 2.2 kernel on any product boxes that were going to be running Linux. I've personally had problems with 2.4 on the boxes I use as workstations. For example, 2.4.7 would swap for hours when it ran out of memory. While you'd hope that never happens on a production server, many people can't afford to take that risk.

The current even numbered kernel, in this case 2.4, is the "stable" kernel, and the one behind it, in this case 2.2, is the "super stable" kernel.

Re:Why?

[SnapperHead]

There are tons of installing still using the 2.2 series. For example, my laptop, DNS / DHCP server and firewall. Most of the 1 disk firewall distros currently use the 2.2 series kernel. It will be quite a while before the start moving to 2.4.

There are also the types of people who won't move there production servers / workstations over to 2.4 becuase of VM issues, and becuase of how long its been around. I am one of those types when it comes to filesystems. My main server is running ext2, it will be at least another 2 years before I think about moving it to ReiserFS or ext3. My workstation is using ext3, becuase the important things (/home) are mounted via NFS.

Anyway, I could show you my friends work which has over 200 2.2 series machines. Running anything from rh 6.2, to debian 2.2. Just becuase something is newier or has a higher version number, doesn't mean its better.

Re:Why?

>I mean, you never hear about Microsoft releasing Windows 3.12 after Windows 95 is out.

Well, internet explorer is the major component to the windows OS, according to M$. They made IE 6 for Win 98 while ME and 2k were on the shelves...

Basically, 2.2.20 is a maintenance release to fixed problems in the old kernel. Why bother fixing it? Because some people have machines with too little memory for 2.4.x, or have machines that need to run crappy binaries that only work on the 2.2.x series. Bummer, I know.

No infighting, no fun stories. Just people forced to run old software that Linus et al. are nice enough to help. :-/

Hope you enjoy your Linux experience!

Re:Why?

[lurwas]

Ok, thanks.
I will keep that in mind, next time my 2.4.x kernels crashes...
Eh, wait a minute, next time? It hasn't actually crashed on me at all, and I'm running four different machines on it, around the clock.
Define "super stable" please?

Re:Why?

[Buck2]

Just because you haven't had problems doesn't mean someone elsase hasn't. (me)

Re:Why?

[Ada_Rules]

Actually, plenty of vendors upgrade/patch older
versions even though new versions are out. Just a week or two ago MS released a new security patch for Windows 95. By any reasonable versioning standards, this does indeed change the version of the windows OS I sometimes run since a version should uniquely identify the configuration.

So, whether or not the parent of this message was indented to be a troll or a genuine question it still based on incorrect assumptions.

Re:Why?

[mark_lybarger]

i can see how a "one disk" (meaning floppy hopefully) distro would be limited to 2.2 since from what i recall, 2.4 requires more memory/space, but isn't 2.4 better suited for firewalling? i don't think 2.2 support iptables and all it's glory. statefull firewalls are a good thing.

Re:Why?

[dollargonzo]

although 2.4 is considered the even numbered stable kernel, the potato distro of, say, debian, still comes with the 2.2 kernel, and probably will for some time. The 2.4 kernel is in the woody distro, and still considered testing. so, if yuo buy a set of debian CDs, they will contain 2.2 until testing becomes stable.

Re:Why?

[EvlG]

Validation is a big concern for any mission-critical computing environment. Most organizations using Linux have validated 2.2 series long ago, and thus have certified it as acceptable for use in their production machines. Those machines can't afford much downtime, so if it works, don't fix it.

2.4 is still experiencing some evolution. Witness the VM changes lately. A production server running one of the builds with the bad VM would be in real trouble when it thrashed/etc... Thus, 2.4 is probably not validated for a lot of environments.

2.2 is rock solid at this point. Fix a few security bugs here and there, and you have a super stable kernel. Sure, it might not support all the latest features, and not have the absolute best performance when compared to some of the newer things being done, but for some applications, the stability is the most important goal.

Re:Why?

BSD is for people who love to support Microsoft programmers

Thank you for your contributions

Re:Why?

I write BSD-licensed code because I love to write code for my needs that others might find useful. I don't care what happens to it, it's out there for everyone. Linux zealots on an anti-MS compaign, however...

Re:Why?

[lemox]

Knowing Slashdot moderators, your comment will probably get modded as troll...

That's because he is a troll. Try reading his posting history.

So yeah... YHBT. HAND.

Re:Why?

[Fishstick]

>tell me again why I'd want to take a step backwards?

You wouldn't. If you haven't taken the step forwards yet to 2.4 (as many probably haven't - not every distribution ships with a 2.4 kernel yet) you would need this.

There probably are (believe it or not) still many machines running 2.2 for one reason or another, and this version apparently fixes some security issues. Alan wouldn't bother to release a new version of 2.2 if no one still used it, would he?

I personally still use a 2.2 series kernel on my firewall pc. I just never had a compelling reason to upgrade to 2.4 and my 2.2.19 does everything I need. If 2.2.20 adds some security fixes, then I'll find some time in the next week to compile a new kernel.

Someday the task of moving this machine to 2.4 will move high enough on my list to do something about it. There's not a whole lot going on in this box, but I haven't found time to research all that would be involved to go from ipchains to iptables, or to figure out if there's anything I'd have to do different to get my VPN masquerading to work again.

Re:Why?

Now try it on a heavily loaded HIGHMEM box (one with several gigs of RAM). Although I've been having pretty good luck so far with 2.4.13 on the 4x PIII Xeon with 4Gigs RAM.

Re:Why?

Excellent point. I'm putting together 8 systems for work. All they will do is acquire, store, and transmit data. I want rock solid stabililty, so I chose Debian stable - kernel version 2.2.19. But hey, 2.2.20 sounds good to me!

PS. We checked one system the other day: 980 day uptime without a problem. Can't get those kind of numbers recompiling and installing every kernel that comes out.

Can't grab it quite yet, myself

[bconway]

As my sole 2.2 machine is running Mandrake w/ ReiserFS, I can't grab it quite yet for my firewall. Keep an eye on their ftp site for the imminent 2.2 patch, and enjoy.

Re:Can't grab it quite yet, myself

I have the same config, just put the 2.2.19 reiserfs patch over 2.2.20 it works. Only 2 hunks at 1 line offset.

Re:Can't grab it quite yet, myself

This is offtopic? It's directly pertinent to the article. WTF is wrong with moderators!? I can't wait to see you assholes in metamoderation.

Security fixes

[VA+Software]

2.2.20pre11
o Security fixes

- Quota buffer overrun , possibly locally exploitable (Solar Designer)

- Ptrace race - local root exploit

- Symlink local denial of service attack fix (Rafal Wojtczuk, Solar Designer, Linus Torvalds)

- Sparc exec fixups(Solar Designer)

Re:Security fixes

The parent post violates the DMCA. If you're American, look away, read it at your own risk. If you're non-American, don't read it either if you plan on visiting the US in the future.

Re:Security fixes

Fuck your country and the DMCA. I live in the USA, read it, and don't give a damn.

Re:Security fixes

And how fitting that you remain anonymous...

Re:Security fixes

Well, I'm not. My name is Linus Torvalds, but my personal browser doesn't support cookies :-(

Re:Security fixes

[jrockway]

No no no it doesn't! Read my previous post on what's illegal under the DMCA. Hint: this has nothing to do with it!!!!

Re:Security fixes

No no no it doesn't! Read my previous post on what's illegal under the DMCA. Hint: this has nothing to do with it!!!!

Or better still, read a post by someone who's aware that the DMCA is about technological means that effectively control access to a copyrighted work, not encryption in particular (which is one example of a technological means. And yes, Linux based restrictions on access certainly can be technological means and you certainly can use those means to protect your copyrighted works, as many people do.

Re:Security fixes

Don't feed the trolls.

you misunderstand

[oni]

2.4 is greater than 2.2.20 according to my math, which means it's better and more recent

no, no, no...
Linux is a next-generation operating system. The whole thing was planned out by The Creator before even the first line of code was committed to disk. We are in fact on a count down to Linux version 1. That will be the perfect version that will signal the end times . You see, linux started with, IIRC version 5. Each time The Creator completes one stage of the plan, we decrement the version number by one. We are at 2.2 now so as you can see, it wont be long until the end times .

I'm kind of a newbie to Linux

Welcome aboard brother.

Why, I can remember my first experience with linux. I had a version 4.6.2 kernel running on a 386 with only 640K RAM. Ahh... those were the days!

Re:you misunderstand

dispite what linus thinks, the _REAL_ version of linux is 7.2. Didn't the Creator tell you before? the end times is not as near as you think, brother

Re:you misunderstand

dispite what linus thinks, the _REAL_ version of linux is 7.2.

Didn't Alan Cox state yesterday that Red Hat doesn't have much say as to what goes into the Linux kernel?

The Full Changelog

[DaSyonic]

Here's a copy of Alan Cox's post to the mailing list (I would just put a link to the archives, but it was only posted about 11 hours ago, and it's easier to just copy the email):

A proper 2.2.20 summary as opposed to the changelog will follow probably
Monday.

2.2.20 final
o Final fixes for the computone driver (Michael Warfield)

2.2.20pre12
o Update davicom driver to fix oopses (Sten Wang)
o Updated PC300 driver - fix SCA-II DMA bugs
(Daniela P. R. Magri Squassoni)
o Make syn cookies per socket (Andi Kleen)
o Computone driver fixes for fast PC's (Michael Warfield)
| Follow on devfs patches didnt apply so dropped
o DAC960 update (Leonard Zubkoff)

2.2.20pre11
o Security fixes
| Details censored in accordance with the US DMCA
o Sparc updates (Dave Miller)
o Add escaped usb hot plug config item (Ryan Maple)
o Fix eepro10 driver problems (Aris)
o Make request_module return match 2.4 (David Woodhouse)
o Update SiS900 driver (Hui-Fen Hsu)
o Update ver_linux to match 2.4 (Steven Cole)
o Final isdn fixups for 2.2 (Kai Germaschewski)
o scsi tape fixes from 2.4 (Kai Mäkisara)
o Update credits entry (Henrik Storner)
o Fix scc driver hang case (Jeroen)
o Update credits entry (Dave Jones)
o Update FAT documentation (Hirokazu Nomoto)
o Small net tweaks (Dave Miller)
o Fix cs89xx abuse of skb->len (Kapr Johnik)

2.2.20pre10
o Update the gdth driver (Achim Leubner)
o Fix prelink elf loading in 2.2 (Jakub Jelinek)
o 2.2 lockd fixes when talking to HP/UX (Trond Myklebust)
o 3ware driver update (Adam Radford)
o hysdn driver update (Kai Germaschewski)
o Backport via rhine fixes (Dennis Bjorklund)
o NFS client fixes (Trond Myklebust, Ion Badulescu,
Jim Castleberry, Crag I Hagan.
Adrian Drzewiecki)
o Blacklist TEAC PD-1 to single lun (Wojtek Pilorz)
o Fix null request_mode return (David Woodhouse)
o Update credits entry (Fernando Fuganti)
o Fix sparc build with newer binutils (Andreas Jaeger)
o Starfire update (Ion Badulescu)
o Remove dead USB files (Greg Kroah-Hartmann)
o Fix isdn mppp crash case (Kai Germaschewski)
o Fix eicon driver (Kai Germaschewski)
o More pci idents (Andreas Tobler)
o Typo fix (Eli Carter)
o Remove ^M's from some data files (Greg Kroah-Hartmann)
o 64bit cleanups for isdn (Kai Germaschewski)
o Update isdn certificates (Kai Germaschewski)
o Mac update for sysrq (Ben Herrenschmidt)

2.2.20pre9
o Document ip_always_defrag in proc.txt (Brett Eldrige)
o Update S/390 asm for newer gcc (Ulrich Weigand
o Update S/390 documentation Carsten Otte
o Update s390 dump too and co)
o Update s/390 dasd to match 2.4
o Backport s/390 tape driver from 2.4
o FDDI bits for s/390
o Updates for newer pmac laptops (Tom Rini)
o AMD760MP support (Johannes Erdfelt)
o Fix PPC oops on media change (Tom Rini)
o Fix some weird but valid input combinations (Tom Rini)
on PPC
o Add additional checks to irc dcc masquerade (Juanjo Ciarlante,
Michal Zalewski)
o Update 2.2 ISDN maintainer (Kai Germaschewski)
o Fix 3c505 with > 16Mb of RAM (Paul)
o Bring USB into sync with 2.4.7 (Greg Kroah-Hartmann)

2.2.20pre8
o Merge DRM fixes from 2.4.7 tree (me)
o Merge sbpcd fixes from 2.4.7 tree
o Merge moxa buffer length check
o Merge bttv clip length check
o Merge aha2920 shared irq from 2.4.7 tree
o Merge MTWEOF fix from 2.4.6 tree
o Merge serverworks AGP from 2.4.6 tree
o Merge sbc60xxx watchdog fixes from 2.4.6
o Merge lapbether fixes from 2.4.6
o Merge bpqether fixes from 2.4.6
o Merge scc fixes from 2.4.6
o Merge lmc memory leak fixes from 2.4.6
o Merge sm_wss fixes from 2.4.6
o Resync AGP support with 2.4.6
o Merge epca fixes from 2.4.5
o Merge riscom8 fixes from 2.4.5
o Merge softdog fixes from 2.4.5
o Merge specialix fixes from 2.4.5
o Merge wdt/wdt_pci fixes from 2.4.5
o ISDN cisco hdlc fixes (Kai Germaschewski)
o ISDN timer fixes (Kai Germaschewski)
o isdn minor control change backport (Kai Germaschewski)
o Backport ELCR MP 1.1 config/PCI routing stuff (John William)
o Backport isdn ppp fixes from 2.4 (Kai Germaschewski)
o Backport isdn_tty fixes from 2.4 (Kai Germaschewski)
o eicon cleanups (Armin Schindler)
| Armin can you double check the clashes were ok
o Fix an ntfs oops (Anton Altaparmakov)
o Fix arp null neighbour buglet (Dave Miller)
o Update sparc version strings, pci fixups (Dave Miller)
o Define CONFIG_X86 in 2.2 as well as 2.4 (Herbert Xu)
o Configure.help cleanups (Steven Cole)
o Add MODE_SELECT_10 to qlogic fc table (Jeff Andre)
o Remove dead oldproc variable (Dave Miller)
o Update starfire driver for 2.2 (Ion Badulescu)
o 8139too driver update (Jens David)
o Assorted race fixes for binfmt loaders (Al Viro)
o Update Alpha support for older boxes (Jay Estabrook)
o ISDN bsdcomp/ppp compression fixes (Kai Germaschewski)

2.2.20pre7
o Merge rose buffer management fixes (Jean-Paul Roubelat)
o Configure.help updates (Steven Cole)
o Add Steven Cole to credits (Steven Cole)
o Update kbuild list info (Michael Chastain)
o Fix slab.c doc typo (Piotr Kasprzyk)
o Lengthen parport probe timeout (Jean-Luc Coulon)
o Fix vm86 cleanup (Stas Sergeev)
o Fix 8139too build bug (Jürgen Zimmermann)
o Fix slow 8139too performance (Oleg Makarenko)
o Sparc64 exec fixes (Solar Designer)

2.2.20pre6
o Merge all the pending ISDN updates (Kai Germaschewski)
| These are sizable changes and want a good testing
o Fix sg deadlock bug as per 2.4 (Douglas Gilbert)
o Count socket/pipe in quota inode use (Paul Menage)
o Fix some missing configuration help texts (Steven Cole)
o Fix Rik van Riel's credits entry (Rik van Riel)
o Mark xtime as volatile in extern definition (various people)
o Fix open error return checks (Andries Brouwer)

2.2.20pre5
o Fix a patch generation error, replaces 2.2.20pre4 which is
wrong on ad1848

2.2.20pre4
o Fix small corruption bug in 82596 (Andries Brouwer)
o Fix usb printer probing (Pete Zaitcev)
o Fix swapon/procfs race (Paul Menage)
o Handle ide dma bug in the CS5530 (Mark Lord)
o Backport 2.4 ipv6 neighbour discovery changes (Dave Miller)
o FIx sock_wmalloc error handling (Dave Miller)
o Enter quickack mode for out of window TCP data (Andi Kleen)
o Fix Established v SYN-ACK TCP state error (Alexey Kuznetsov)
o Sparc updates, ptrace changes etc (Dave Miller)
o Fix wrong printk in vdolive masq (Keitaro Yosimura)
o Fix core dump handling bugs in 2.2 (Al Viro)
o Update hdlc and synclink drivers (Paul Fulghum)
o Update netlink help texts (Magnus Damm)
o Fix rtl8139 keeping files open (Andrew Morton)
o Further sk98 driver updates. fix wrong license (Mirko Lindner)
text in files
o Jonathan Woithe has moved (Jonathan Woithe)
o Update cpqarray driver (Charles White)
o Update cciss driver (Charles White)
o Don't delete directories on an fs that reports (Ingo Oeser)
then 0 size when doing distclean
o Add support for the 2.4 boot extensions to 2.2 (H Peter Anvin)
o Fix nfs cache locking corruption on SMP (Craig Hagan)
o Add missing check to cdrom readaudio ioctl (Jani Jaakkola)
o Fix refclock build with newer gcc (Jari Ruusu)
o koi8-r fixes (Andy Rysin)
o Spelling fixes for documentation (Andries Brouwer)

2.2.20pre3
o FPU/ptrace corruption fixes (Victor Zandy)
o Resync belkin usb serial with 2.4 (Greg Kroah-Hartmann)
o Resync digiport usb serial with 2.4 (Greg Kroah-Hartmann)
o Rsync empeg usb serial with 2.4 (Greg Kroah-Hartmann)
o Resync ftdi_sio against 2.4 (Greg Kroah-Hartmann)
o Bring keyscan usb back into line with 2.4 (Greg Kroah-Hartmann)
o Resync keyspan_pda usb with 2.4 (Greg Kroah-Hartmann)
o Resync omninet usb with 2.4.5 (Greg Kroah-Hartmann)
o Resync usb-serial driver with 2.4.5 (Greg Kroah-Hartmann)
o Resync visor usb driver with 2.4.5 (Greg Kroah-Hartmann)
o Rsync whiteheat driver with 2.4.5 (Greg Kroah-Hartmann)
o Add edgeport USB serial (Greg Kroah-Hartmann)
o Add mct_u232 USB serial (Greg Kroah-Hartmann)
o Update usb storage device list (Stas Bekman, Kaz Sasayma)
o Bring usb acm driver into line with 2.4.5 (Greg Kroah-Hartmann)
o Bring bluetooth driver into line with 2.4.5 (Greg Kroah-Hartmann)
o Bring dabusb driver into line with 2.4.5 (Greg Kroah-Hartmann)
o Bring usb dc2xx driver into line with 2.4.5 (Greg Kroah-Hartmann)
o Bring mdc800 usb driver into line with 2.4.5 (Greg Kroah-Hartmann)
o Bring rio driver into line with 2.4.5 (Greg Kroah-Hartmann)
o Bring USB scanner drivers into line with 2.4.5 (Greg Kroah-Hartmann)
o Update ov511 driver to match 2.4.5 (Greg Kroah-Hartmann)
o Update PCIIOC ioctls (esp for sparc) (Dave Miller)
o General sparc bugfixes (Dave Miller)
o Fix possible oops in fbmem ioctls (Dave Miller)
o Fix reboot/halt bug on "Alcor" Alpha boxes (Tom Vier)
o Update osst driver (Willem Riede)
o Fix syncppp negotiation bug (Bob Dunlop)
o SMBfs bug fixes from 2.4 series (Urban Widmark)
o 3ware IDE raid driver updates (Adam Radford)
o Fix incorrect use of bitops on non long types (Dave Miller)
o Fix reboot/halt bug on 'Miata' Alpha boxes (Tom Vier)
o Update Tim Waugh's contact info (Tim Waugh)
o Add TIOCGSERIAL to sun serial on PCI sparc32 (Lars Kellogg-Stedman)
o ov511 check user data more carefully (Marc McClelland)
o Fix netif_wake_queue compatibility macro (Andi Kleen)

2.2.20pre2
o Fix ip_decrease_ttl as per 2.4 (Dave Miller)
o Fix tcp retransmit state bug (Alexey Kuznetsov)
o Fix a few obscure sparc tree bugs (Dave Miller)
o Fix fb /proc bug and OF fb name size bug (Segher Boessenkool)
o Fix complie with CONFIG_INTEL_RNG=y (Andrzej Krzysztofowicz)
o Fix rio driver when HZ!=100 (Andrzej Krzysztofowicz)
o Stop 3c509 grabbing other EISA boards (Andrzej Krzysztofowicz)
o Remove surplus defines for root= names (Andrzej Krzysztofowicz)
o Revert pre1 APIC change

2.2.20pre1
o Fix SMP deadlock in NFS (Trond Myklebust)
o Fix missing printk in bluesmoke handler (me)
o Fix sparc64 nfs (Dave Miller)
o Update io_apic code to avoid breaking dual (Johannes Erdfelt)
Athlon 760MP
o Fix includes bugs in toshiba driver (Justin Keene,
Greg Kroah-Hartmann)
o Fix wanpipe cross compile (Phil Blundell)
o AGPGART copy_from_user fix (Dawson Engler)
o Fix alpha resource setup error (Allan Frank)
o Eicon driver updates (Armind Schindler)
o PC300 driver update (Daniela Squassoni)
o Show lock owner on flocks (Jim Mintha)
o Update cciss driver to 1.0.3 (Charles White)
o Backport cciss/cpqarray security fixes (me)
o Update i810 random number generator (Jeff Garzik)
o Update sk98 driver (Mirko Lindner)
o Update sis900 ethernet driver (Hui-Fen Hsu)
o Fix checklist glitch in make menuconfig (Moritz Schulte)
o Update synclink driver (Paul Fulghum)
o Update advansys scsi driver (Bob Frey)
o Ver_linux fixes for 2.2 (Steven Cole)
o Bring 2.2 back into line with the master ISDN (Kai Germaschewski)
o Whiteheat usb driver update (Greg Kroah-Hartmann)
o Fix via_rhine byte counters (Adam Lackorzynski)
o Fix modem control on rio serial (Rogier Wolff)
o Add more Iomega Zip to the usb storage list (Wim Coekaerts)
o Add ZF Micro watchdog (Fernando Fuganti)

Re:The Full Changelog

[Glyndwr]

o Security fixes


| Details censored in accordance with the US DMCA

Huh? What gives here? This sounds juicy.

Re:The Full Changelog

Yeah, that's why it was a whole story a few days back. Did you miss it? Read it again.

Re:The Full Changelog

[damiam]

There was a /. discussion on this a few weeks ago.

Re:The Full Changelog

[dattaway]

We could tell you, but the NSA would have to kill you.

Re:The Full Changelog

[vsavatar]

Non-US citizens can find the full uncensored changelog at http://www.freeworld.net

For those of you who don't want to have to go through a click-thru agreement I have posted them on

http://www.burger-family.org/chglog-2_2_20.txt

and

http://www.geocities.com/vsavatar/chglog-2_2_20. tx t.

I'm doing this to spite the DMCA and if they come after me for it then so be it. I'm sure the EFF and other organizations and individuals will be willing to help me out with my legal fees if the feds come after me for it. Since I'm in the US, I may be putting my neck on the line for this, but there are some things worth risking imprisonment for. I'm young and single... I have a lot to lose, but if we can't even post information like this which we as a community have helped put together and support over time, then we have lost more than I can stand to lose.

Re:The Full Changelog

[Glyndwr]

So I discovered about 15 minutes of posting my original comment. I hate being stuck offline for a week at a time.

Re:Big Deal! Linux 2.2.20 is out...

[sydneyfong]

and i've yet to see anyone not working for MS who knows they've released a new windows kernel.

Windows is not only a kernel, it's rather similar to a Distribution.

For kernels, you may get a new one when u get a new version of windows, or maybe with Windows Update (yuck), but aside from noticing the system is more stable/faster (or unstable/slower) it isn't really a big deal anyway. Compared to windows, the linux kernel has all the publicity it needs.
And don't forget how many people reads /. everyday...

they waited 2 days too long . . .

[kraada]

because how cool would it have been if kernel 2.2.20 came out on 11.1.01?

Re:they waited 2 days too long . . .

What kind of date format is that? 2001-11-01, most significant to least significant and easy to remember. And its still 2001-11-02 in some parts of the world, so its only one day late.

Re:they waited 2 days too long . . .

[TomK32]

no, 10.10.10100 would have been much cooler ;-)

bits will never die!

Re:they waited 2 days too long . . .

What are you talking about? It's November now, not January. duh.

john

Re:they waited 2 days too long . . .

And how would you like it if 2.4.1 came out in 2/4/01? Just be glad that they even get to release this thing.

2.2.2 - 2.2.20 Sizing

[SlickMickTrick]

Compare the size of the bz2 files between 2.2.2 and 2.2.20

linux-2.2.2.tar.bz2 10.1M
linux-2.2.20.tar.bz2 15.0M

50% increase in the stable series...

mod parent down

"super stable"?

Get Real!

Re:mod parent down

[Electrum]

"super stable"?

Get Real!

As opposed to just "stable". I'm not the one who came up with the term...

Drivers

[srichman]

Compare the size of the bz2 files between 2.2.2 and 2.2.20 ... 50% increase in the stable series...

I would guess it's mostly drivers. New/updated drivers get added throughout stable series. As you probably know, drivers are by far the majority of the Linux kernel, and the size of the driver code grows much faster than the rest of the kernel.

Didn't 2.2.19.1 fix this?

[Masem]

I believe a day after that possible local user exploit was discovered, in which the 2.4.x series was patched, they released what best could be called an interim 2.2, labeled 2.2.19.1. At least, from debian's info, here's what 2.2.19.1 had (note the high priority for a kernel image:) kernel-source-2.2.19 (2.2.19.1-1) stable unstable; urgency=high

* Removed non-free Keyspan firmware (closes: #113382).
* Fixed suid ptrace exploit (Solar Designer).
* Fixed local symlink DoS (Solar Designer).
* Added support for nm256xl+ (Mattia Monga, closes: #113343).

-- Herbert Xu Sat, 20 Oct 2001 17:39:35 +1000

Re:Didn't 2.2.19.1 fix this?

[germinatoras]

Yes. At SecurityFocus, there's a list of vendors that have supplied a patch for the kernel used in their distribution. But for me, (as a Slackware 7.1 user, and therefore a 2.2.16 kernel user), this 2.2.20 is a definite good thing. I had toyed around with the idea of getting the kernel from some other distro and apply that distro vendor's patch. It probably would have been a decent enough solution, but being able to simply upgrade to 2.2.20 is going to be a lot cleaner.

Cryptography

[nick255]

Does anyone know what has happened to the international kernel patch?
I haven't been able to get to kerneli.org for ages, and have been unable to find any info about where the patches now are.

Re:Cryptography

Crypto sites (including Cryptome) have been under increasing pressure to remove free crypto software from the net.

It's all about the War on Terrorism...

Re:Cryptography

The international patch has turned into the crypto project on sourceforge.

false

[recursiv]

0 is even too you know

ahem....

shat

Version e

[empesey]

It'd be better to end on 2.7.18

Re:2.2.22

Perhaps in another 50 years we will see the kernel of the beast? 6.6.6

Super stable

[Tony-A]

Running production in the field for 5+ years with nobody having a stability problem.
The problem is such as Microsoft get something new and because it managed to stay up all day they think it's (finally) stable.

WoW! This is Confusing! Help!

[vbprgrmr]

And not only that! But does the work, changes and 'improvements' being done in the 2.2 tree ever get incorporated in future versions of 2.4.XX or 2.5.XX? And if so does that degrade the stability of earlier versions of 2.4 and 2.5?

This DMCA comment is bogus

If the DMCA were applicable as Alan states, how could he publish the source with the fixes? Since one could diff the kernel sources and see the fixes and then know the exploits, he can't be absolved by censoring the changelog but publishing the source fixes.