Slashdot Mirror

← Back to Stories (view on slashdot.org)

Linux Kernel 2.6.3 Has Been Released [updated]

Posted by timothy on from the shhhh dept.

justinarthur writes "At 04:36 UTC, Linux kernel version 2.6.3 has been made available. As is typical, downloaders are advised to utilize a mirror upon file availability. There are many changes from version 2.6.2, including recent ALSA patches, XFS fixes, and updates in many other areas." Update: 02/18 14:15 GMT by T : Peter Willis points out that kernel 2.4.25 (changelog) was also released, and writes "Incidentally, a security advisory dated today states there is an exploit in kernels up to 2.4.24 and 2.6.2, but the two releases today don't seem to reflect any changes, so get ready to patch up as soon as a patch pops up. More details on the vulnerability here."

4 of 72 comments (clear)

  1. Summary Redefined by Changelog by Red+Pointy+Tail · · Score: 5, Insightful

    Summary of changes from v2.6.2 to v2.6.3


    At a tidy 9472 lines, I think the word 'summary' needs a new definition...
  2. Re:SCO's code is available for perusal by warmcat · · Score: 4, Insightful
    Many a true word is spoken in jest... copied from this Yahoo SCOX messageboard post (thanks to jgabriel66 and kevinmcb2004 for finding the site)

    The full URL for the parent package is here:

    http://linuxupdate.sco.com/scolinux/update/RPMS.up dates/glibc-devel-2.2.5-213.i5 86.rpm

    Here is the kernel mentioned in the grandparent post

    http://linuxupdate.sco.com/scolinux/update/RPMS.up dates/kernel-source-2.4.21-138 .i586.rpm

    (as mentioned in the parents they have set up some kind of HTTP auth, but blank credentials work fine)

    What is bizarre is that the files are still being updated while all this crap is going on. For example http://linuxupdate.sco.com/scolinux/update/RPMS.up dates/mc-4.5.55-719.i586.rpm is dated 17th Feb 2004.

    Further the RPMs are cryptographically signed with GPG keys for both

    SuSE Package Signing Key [9C800ACA]
    Caldera Security [C4970D31]

    This is proof that the files are deliberately approved and issued by Caldera/SCOX, signing packages is the most protected step that can happen in a company for its sources and binaries.

    Further when I look at /usr/src/linux-2.4.21-138/COPYING I see... the GPL v2 with a note at the top by Linus as usual.

    Its like the arms and legs of SCOX don't know what the 455h013 is saying. HEY IDIOTS, you're still GIVING AWAY on your websites, under the GPL, the stuff you're trying to shake down companies for!! AND ITS GPG-SIGNED BY YOU THAT IT IS OKAY!!!!

  3. Re:TODO: by Anonymous Coward · · Score: 3, Insightful

    Here you go..
    This is also a useless use of wc:
    $ grep -cxP "" ChangeLog-2.6.3
    1260

  4. Debian and Slackware already patched by mst76 · · Score: 3, Insightful

    According to the changelogs, Debian and Slackware already have the patches for the bounds checking error in place. I didn't check the other distributions. (Or rather, I don't know where to check most of them quickly.)