Kernel 2.4.26 Out
StupidKatz writes "Fresh from the oven, the fine folks at kernel.org have released 2.4.26, filled with such yummy goodness as fixes for those damnable mmap() vulns, among other things. Remember to use your favorite mirror!"
← Back to Stories (view on slashdot.org)
Linux trying to match up Microsoft's security releases? +P
-------
FM Clan
mmmhmmm, i cant wait to get my lil hanies on this one... too bad im on a lousy 56k while my ISP restructures... arrgh
Safe Journeys Space Fan, Where Ever You Are
When are they going to start using bittorrent to start distributing these things?
Two days after I upgrade to 2.6.5. Wonderful.
Never in a million years would I have guessed it was gay.
i've almost finished downloading all the new mandrake cd's and they're already out of date
Jesus saves souls and redeems them for valuable cash prizes
Dude, you downloaded the Mac version. You need to be sure to get linux-2.4.6.exe.
Servers at work for example all run 2.4.x. It will be hell to unleash 2.6.x just like that.
And 2.4 works great - why break something that works fine? We haven't run into any issues whatsoever.
On my Debian box, I run 2.6 but users aren't depending on it to work without issues.
Stability. Not every linux installation is on some geeks desk, some applications and installations require absolute stability, or as close as you can get, that means nothing but bug fixes. 2.6 might be called the stable branch, but its relatively untested compared to 2.4. Other then that, give me one good reason to move my 486 to 2.6.
"I use a Mac because I'm just better than you are."
I hear he is just about ready to get the iso out...
;)
back to the drawing board I guess
MP3 Search Engine
i wish we could delete these things
Jesus saves souls and redeems them for valuable cash prizes
I've just got to say, I think Marcello's done a great job on the 2.4 series. For having to be part political leader, part CS genious, and part referee he's not given many people a reason to complain.
2.6 is alot bigger than 2.4, so if you are running on a slow computer, or perhaps a low-memory computer built into something (fridge or car?) you might want to use 2.4 or maybe 2.2
And we've always got the really conservative "in my days the kernel was 200 Kb of sourcecode"-people.
GAAH! MY PRINTER IS ON FIRE!!! PUT IT OUT! PUT IT OUT!
because why upgrade important systems unnecessarily? often there's nothing to gain, probably just break something. the updates are just bug fixes etc to keep it usable.
a crude comparison would be "why does MS release security patches for 9x after XP was released?"
Good point. 2.4 is more tested.
ZX2C4
Damn. Maybe I should switch to Windows. Oh.. wait..
Domain name registration for $8.79 per year
879domains.co
There are a few things that aren't quite up to speed in 2.6, such as my nforce2 drivers.
That said, the whole idea of numbering system for linux kernels is that a user/company can keep using known stable kernels until they are comfortable/able to switch to the next kernel set.
There are still businesses out there running 2.2 and 2.0, from what I read on slashdot.
Cogito ergo sum in Slashdot.
Philippe Troin is one of many who crossed-checked the CAN list. Here are the relevant fixes in 2.4.26.
They didn't cover the release of 2.6.5...or 2.6.4 for that matter. Why cover a 2.4 variant?
Just wondering.
"Music is everybody's possession. It's only publishers who think that people own it." - John Lennon.
Well... in the case of my servers - I would need up go to dump the debian/stable modutils in favour of the (I believe still debian/unstable) module loader for a 2.6 kernel (can't remember which it is, but I've done it a few times upgrading desktops). This of course requires upgrading a bunch of other dependant crap.
And then there's the 3rd-party drivers. RAID controllers, etc etc. Yes, I know 2.6 is supposed to possibly figure out drivers from older kernels, but do I really want to trust that? Some of these don't have 2.6 drivers. Hell, for some they 2.4 drivers were a recent thing... I had a machine which I called the vendor to specifically get a 2.4.xx driver for a multi-modem system since the box was still running 2.2 before a hardware upgrade.
Being at the latest-and-greatest is good if it provides a noticable benefit vs the drawbacks up grading. In this case, it doesn't.
I've been putting off the seemingly arduous task of moving to 2.6.x...maybe I should just scratch my itch by upgrading to a newer 2.4.x kernel..
Okay... This is the result of a cursory check, do your homework folks!
The R128 DRI bounds checking bug is a potential local root exploit.
According to this patch 2.4.26 contains the fix.
The isofs bug. It is locally exploitable iff you have hardware access or if you can induce someone to mount a compromised medium.
The ext3 information leak. It cannot lead to any exploit and has only the tiniest chances of giving an attacker any usable information.
The SoundBlaster Denial of Service.
But no, no mremap issues...
</KARMA>
What's the problem? It's only 700kb now..oh...that's the patch..
Debian users need new news too I guess.
I can *not* get my Digium Zaptel drivers to compile under 2.6.
So there goes my Asterisk install.
To answer the question Why still 2.4?
I'm guessing many others have the same trials and tribulations with third party drivers and software.
All that lost karma!!! It should be mine!!!
If you can afford to upgrade from a 386 to a 486, I think you can handle 2 points in a minor kernel version. :)
I'll upgrade as soon as my they fix whatever is wrong with the 2.6.* firewire code. All the releases of 2.6 (as well as the latest snapshot from the linux1394 website) bomb with my firewire drive which works just fine with 2.4.25. I load the ieee1394 module, the ohci1394 module, and the sbp2 module, and the kernel starts spewing SCSI errors. All my posts on this subject to the linux-kernel mailing list (and as of this afternoon the linux1394 mailing list) have gone unanswered.
Dinivin
You can't alter the site just because some windows-scumbags start liking it. Instead, you make it render really bad in IE and lock up windows so that they need to start using a proper OS.
GAAH! MY PRINTER IS ON FIRE!!! PUT IT OUT! PUT IT OUT!
give me one good reason to move my 486 to 2.6
Cause it'll run like a 586!
My P133 thanks me every morning for giving it a 2.6 kernel.
The 2.6 kernel is quite a bit faster if stuff like performance matters to you. Think back to when you had a 2.2 kernel on there, why'd you upgrade to 2.4 again?
I'm still running 2.2.20 on my debian server. If it aint broke, don't fix it. But I'm using 2.6.5 on my gentoo desktop though.
I no longer have the time to sit and tweak kernel configs, follow endless loops of dependency problems, hunt on the web in search of answers until I find myself trying to understand something in Russian, recompile to fix an error, fail to fix it, and add another error...I've given up on 2.6 until some major distributions other than Mandrake are actually set up to use it. Go ahead and blame me for being stupid, but I've compiled hundreds of kernels, worked out config problems, and never run into a dead end before.
...
next ChangeLog entry: drop "drop copyright notice" comment from ChangeLog.
That's a very astute observation. These open source folks are feeling a bit emboldened after getting away with misappropriating code belonging to SCO.
There's plenty of hardware out there that still has issues with 2.6 (using IDE HD:s over firewire, to take one example). And for some software, moving to 2.6 is painful - more pain that it is worth in some cases. If you have a machine that does whatever it does perfectly well under 2.4.x, it makes sense to simply upgrade the 2.4 kernel as needed rather than spending the extra time and effort needed to reliably move to 2.6.
Trust the Computer. The Computer is your friend.
The System Admin steps into the room. Gazing over the computing resources massed before him.
He speaks without looking at his second in command, "At my signal, unleash Hell."
Democrats or Republicans. They are both taking us to the same place and they are not afraid of us anymore.
CmdrTaco: You want news? /. editors. You have that luxury. You have the luxury of not knowing what I know: that this 2.4 kernel release, while tragically dull, probably saved lives. And my existence, while grotesque and incomprehensible to you, saves lives...You don't want the stuff that matters.
ScottGant: I think I'm entitled to it.
CmdrTaco: You want news?
ScottGant: I want stuff that matters!
CmdrTaco: You can't handle stuff that matters!
Son, we live in a world that has firewalls. And those firewalls have to be guarded by admins with stable kernels. Who's gonna do it? You? You, ScottGant? I have a greater responsibility than you can possibly fathom. You weep for Stanford and you curse the
We use words like integrity, dupes,stability...we use these words as the backbone to a life spent defending something. You use 'em as a punchline. I have neither the time nor the inclination to explain myself to a man who rises and sleeps under the blanket of the very security I provide, then questions the manner in which I provide it! I'd rather you just said thank you and went on your way. Otherwise, I suggest you pick up a cheap hosting company and run a website. Either way, I don't give a damn what you think you're entitled to!
I really need some sleep.
Have you looked at 2.6-tiny?
http://www.selenic.com/tiny/
"The aim of this tree is to collect patches that reduce kernel disk and memory footprint as well as tools for working on small systems. Target users are things like embedded systems, small or legacy desktop folks, and handhelds."
while it does work in 2.6, if you need some of the esoteric features provided by patch-o-matic, your still stuck on 2.4 (if there is a patch-o-matic for 2.6, someone tell me).
Lawyers, MBA's, RIAA? A jedi fears not these things!
I never realized there /were/ Windows zealots. It's basically just a bunch of people to lazy to migrate to Linux.
GAAH! MY PRINTER IS ON FIRE!!! PUT IT OUT! PUT IT OUT!
I changed it up a bit ... the essence is the same though.
A Few Good Admins
"Admin: You want news?"
"User: I think I'm entitled to it."
"Admin: You want news?"
"User: I want news for nerds. I want stuff that matters!"
"Admin: Son, we live in a world that has firewalls. And those firewalls have to be guarded by admins with stable kernels. Who's gonna do it? You? You, Mr. "MCSE"? I have a greater responsibility than you can possibly fathom. You weep for Microsoft and you curse Open Source. You have that luxury. You have the luxury of not knowing what I know: that this 2.6 kernel release, while tragically dull to you, probably saved lives. And my existence, while grotesque and incomprehensible to you, saves lives...You don't want the stuff that matters.
We use words like redundancy, fault tolerance, high availability, secure shells...we use these words as the backbone to a life spent defending something. You use 'em as a punchline. I have neither the time nor the inclination to explain myself to a man who logons to my Network and surfs the Internet under the blanket of the very security I provide, then questions the manner in which I provide it! I'd rather you just said thank you and went on your way. Otherwise, I suggest you pick up a stack of O'Reilly Books and build your own Network. Either way, I don't give a damn what you think you're entitled to!"
'NFS: Make sure that fsync() flushes all pending file data to disk. The current call to nfs_wb_file() will fail to flush out mmapped() dirty pages.'
I mean what the hell is this bittorrent sucks meme anyway? Have you ever used it?
THIS THING CAN TURN ON A DIME, MACROSSZERO STYLE ALSO FUCK BETA, ~NYORON
What a day! The kernel upgrade released with DSA 479-1 was broken. Ext3 filesystems unmounable as it would appear the kernel module was missing from the initrd file (my guess, but seems logical). Quarter of an hour after I figured out that kernel-image-2.4.18-1-686_2.4.18-13_i386.deb was 1.1MB and obviously wrong I got another email from Martin Schulze announcing DSA 479-2. A quick check indicates it's a more reasonable size at 8.3MB.
:( Their updates go so smoothly normally that it's easy to become complacent and not do things with enough process.
Some egg on Debian's face today
Lessons:
1) Patch a test system first if you have access to one
2) Make sure your boot loader will boot from the old kernel after upgrading
3) Have a boot disk handy
4) Debate whether you can wait a few days before patching or whether the security liability is too high.
>2.6 is alot bigger than 2.4, so if you are running on a slow computer, or perhaps a low-memory computer built into something (fridge or car?) you might want to use 2.4 or maybe 2.2
That's interesting. I suppose for ultra low memory situations, it might be easier to stick with 2.4... I wonder how much different the memory footprint is for an absolutely bare-bones kernel. I suspect the difference would not be large, and may even be negative. If you want to run some applications in addition to the kernel, you probably want to go with 2.6 for its enhanced memory management.
If you're talking raw speed, 2.6 clearly wins, even on slower processors.
Remember, Linux is not like Windows. It usually gets FASTER with each release.
See this bug. I have the same PDC20265 hardware and had constant crashes until I read this bug and downgraded to 2.4.
- JFS: Add lots of missing statics and remove dead code
- JFS: Prevent hang in __lock_metapage
- JFS: Fix race in jfs_sync
Not only are those pesky hippie theives stole our precious JFS, they're also fixing bugs in it. Curse them!"
Consultancy: If you're not part of the solution, there's money to be made in prolonging the problem
Anyone know whether LVM2 got into this kernel?
Stephen
I was playing around with installing different BT clients on two computers, both of which are firewalled by a Linux box running IPCOP (http://ipcop.org). I had set up port forwarding to one of my machines behind the firewall, and tried installing BT on a different machine. When I fired up the new installation, IT ACCEPTED INCOMING CONNECTIONS! Sure, the firewall logs on the original BT machine showed a bunch of rejected packets, but the new machine heard all of them just fine and was accepting incoming connections, even though they were addressed to another IP address on that subnet.
Things that make you go "Hmmm." Sorta like Colossus and Guardian, they really wanted to be connected, didn't they.
Be who you are and say what you feel, because the people who mind don't matter, and the people who matter don't mind.
Bit Torrent is quite reliable, especially right after something new and popular appears. Just make sure that you go to kernel.org and get the MD5 checksum to compare with what your md5sum computation yields.
Be who you are and say what you feel, because the people who mind don't matter, and the people who matter don't mind.
I wouldn't say that 50% are "windows based". I'd say a good portion of the number just believe in using the best tool for the job. I personally have about 5 debian machines, but my desktop and laptop are Windows (w/ vmwared linux machines for when I really need it). So, the computer I post to slashdot on is "windows based", but I have more linux machines. It's simply because I use the best tool for the job, and linux kicks ass for what I use it for, but isn't quite up to snuff on the desktop yet. I'd bet a good portion of the people that post to slashdot and use windows on thier desktop feel the same way.
As to point #2 if you install your kernel correctly in your /boot there is no need to overwrite previous kernels. Simply rename bzImage to something like kernel-2.x.yz and you're set.
/boot. All of them work [if I really wanted to I could boot 2.4.22 and use it just fine].
/lib/modules for all five kernels [it's 35M total btw] but I have some peace of mind that if the latest and greatest kernel is bunk I can revert trivially by rebooting ;-)
in fact I have 2.4.22 upto 2.4.26 in my
Sure I "waste" a bit of space in
Tom
Someday, I'll have a real sig.
The reason for not upgrading is that the newer the kernel, the slower the PC. If it wasn't that 2.4 provides journaling fs, I'd probably still use 2.0.38 these days. Btw, now that 2.6 is out I'm really reconsidering FreeBSD.
View the page source sometime. It'll make you think you travelled back to 1998.
Do you even lift?
These aren't the 'roids you're looking for.
For those who don't like 1000 line changelogs, here are the changes that Marcello specifically mentioned on his -pre and -rc lkml postings:
- Run Your own Linux Server on The Latest and Greatest 2.4 or 2.6 Kernel
Should invading one's peaceful neighbours be opposed, or rewarded with trade deals?
Don't worry. The next Windows kernel version will get press on Slashdot.
:)
Assuming you're still reading Slashdot in 2006/7...
Endless arguments over trivial contradictions in books written by ignorant savages to explain thunder in the dark.
Actually, I was thinking about this today. I work as an admin at a high school, and there's always a few students hovering about the tech crew. I get the vibe that a disproportionately high number of the geeks here are homosexual. Is this something I should know by now or just a fluke?
Does the social stigma of being gay drive otherwise normal people to geekdom? Does geekiness drive the people to alternate sexualities? Or do the two go hand-in-hand?
"Sometimes, I think Trent just needs a cup of hot chocolate and a blankie." -Tori Amos on Nine Inch Nails
If it's got a low amount of ram, having the new io scheduler would be quite nice. If you use a 486 as a mail server as I do, this can result in some benefit.
He who laughs last is stuck in a time dilation bubble.
For me, my mouse wheel doesnt work with 2.6 on my KVM switch. Until I can fix this I'm staying with 2.4
You clearly haven'y spent much time reading the linux kernel mailing list.
Kernel development is actually remarkably unpolitical. That list is dominated by technical discussion not politics. I'm not saying that politics doesn't come up (especailly just after Linus started using bitkeeper :-) but for the most part it's an extreamely technical forum - as it should be.
Linux may not be on the top of the heap, but it's climbing it, not falling back. I'd suggest that that is an indication that the speed of development is just fine.
Welp atleast 2.6 supports a working implementation of root on nfs.
Patched all the Windows machines yesterday, fix Linux machines today. /. all week.
At least my boss can't say I've been reading
What, I thought this was a Linux kernel? Oh wait a second, that wasn't mentioned on the original post at all....
(this comes from 2.6 tree, it must have been backported to 2.4 a little later). Which changes a bit the meaning of the shortened log.
blah
Because the afs support in 2.6 is a joke.
The isofs patch applies properly on 2.6.4. On 2.4.25, it mostly worked, but I had to add the "#include <asm/page.h>" line manually.
.ko) file into the proper place under /lib/modules, then did "rmmod isofs" and "modprobe isofs".
I had isofs compiled as a module, so I just did a "make modules" in the kernel source directory, copied the new isofs.o (or
This took about a minute on each system and didn't result in any downtime. So if you have a kernel source tree lying around with isofs as a module, it's an easy fix. And there's no need for major regression testing since only one module's affected. The R128 patch looks equally trivial, but I don't use that module. I can't find any info (or patch) for the SoundBlaster DoS, but it sounds less serious.
Honestly, I don't grasp who moderates the above as insightful.
The idiotic obsession with releasing half backed stuff in the software industry is understandable (up to a point) for companies that need to make a profit and to pay attention to the proverbial bottom line.
What is not understandable is that a project whose aim is scratching an itch, which aims to provide a tool that otherwise would not be available, would run, lemming like, in the same stupid rat race to release half backed rubish that would frustrate people involved as users and testers.
Fast development leads to more bugs, oh yes, they can be troubleshooted, but that firefighting mentality of people involved in producing software is what gives the profession and the industry a bad reputation and bad name.
I salute the Linux guys that IMNSHO are striking the right balance, in spite of the mounting commercial pressures (heck, if somebody feels Linux is not being developped fast enough they know what they can do. Hint: read the GPL).
Finally, more childish rubish: "And in this game, staying still is the same as going back". Give me a break, what about if moving forward is fallin into a 100m free fall Mr Lemming?
IANAL but write like a drunk one.
Yes you're right. It was more a reminder to be familiar with your lilo.conf (or grub.????) file and be 100% sure that you have a target for the old kernel in there. Some people fiddle with those files. Ours were good and that's what saved us, although on one of the machines the modules wouldn't load... we were lucky that was the simple machine with straight IDE and ext3 (which is of course backward compatible with ext2).
I run a home system and, until now, have always upgraded my kernel from RedHat's up2date. I have heard that Red Hat applied additional patches to the standard kernel. Could upgrading to a standard release cause problems?
That's so "OldSkool" you should be shot for that.
Bot Assisted Blogging
Well, you're using open source aren't you? Fix it yourself. (Sorry, I've had a bad day at the orifice...)
Erm, why? I have a large XFS raid box just moved over to 2.6.4.
13:50:34 up 2 days, 3:30, 2 users, load average: 1.08, 1.02, 1.01
It's OK so far. Admittedly, it's not a 24/7 five nines sort of place. I looove the IPSec stuff in 2.6 though - that makes it worth it just for that. emerge ipsec-tools. Yum.
Get your own free personal location tracker
What's the closest place for me to get my install?
You're trying to upgrade Red Hat, aren't you?
I don't know what kind of crack I was on, but I suspect it was decaf.