Slashdot Mirror


Linux Kernel 2.6.11.9 Released (Security Update)

GnuTer writes "Greg KH has just announced the availability of the newest Linux kernel release, 2.6.11.9. This version fixes various local vulnerabilities and exploits. You can get it from the usual mirrors at kernel.org/mirrors."

26 comments

  1. 2.6.11.10 by jtshaw · · Score: 4, Informative

    2.6.11.10 is out as of May 16th....

    1. Re:2.6.11.10 by 2*2*53*4127 · · Score: 0, Offtopic

      ha...regarding your .sig:

      Usually the fast solution is actually a half-fast solution

      it's a shame that 60 seconds separated you from a +3 informative (soon to be +5) and a -1, Redundant.

      perhaps you should adopt the "Release early, release often" mantra?

  2. 2.6.11.10 by Merlin42 · · Score: 1, Informative

    actually it's 2.6.11.10 that was just released

  3. #oldnews by irc.goatse.cx+troll · · Score: 3, Informative

    We just got done upgrading our kernel, except we upgraded to 2.6.11.10
    Changelog: http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.11.10

    --
    Pain lasts, kid. Its how you know you're alive. Sometimes I think this growing up thing is just pain management-TheMaxx
    1. Re:#oldnews by dotgain · · Score: 1

      Thanks for that link. I've always wondered how to find the changelogs...

  4. Lies! by rudy_wayne · · Score: 1, Funny

    "This version fixes various local vulnerabilities and exploits."

    Everyone knows that only Windows has vulnerabilities and exploits.

    1. Re:Lies! by linguae · · Score: 1

      Come on. Even OpenBSD has vulnerabilities every now and then. No current operating system is 100% secure.

    2. Re:Lies! by Anonymous Coward · · Score: 0

      YHBT. YHL. HAND.

    3. Re:Lies! by niteice · · Score: 1

      "Even OpenBSD has vulnerabilities every now and then."

      But they've already been fixed for a few months.
      --
      ROMANES EUNT DOMUS
  5. i think you mean... by martinjd · · Score: 2, Interesting

    yeah, i think you mean Linux 2.6.11.10
    from the changelog:
    author Greg KH Mon, 16 May 2005 10:48:16 -0700
    committer Greg KH Mon, 16 May 2005 10:48:16 -0700

    Linux 2.6.11.10

    1. Re:i think you mean... by anpe · · Score: 1

      There have been two security releases in a row actually: 2.6.11.9 and 2.6.11.10

  6. Not too clear on the requirements by Mad+Merlin · · Score: 2, Insightful

    The advisory wasn't entirely clear on who this affected; it's clear that it's an issue with reading or writing a DVD drive (from the /dev/hdc found in the code and the name of the function), but what privileges does the attacker need to use this exploit? Raw read/write to a DVD drive? Raw read only to a DVD drive? Plain read only? Anybody know for sure?

    1. Re:Not too clear on the requirements by dpilot · · Score: 1

      I don't know how it interacts with this particular bug, but the same drive can be used to get packet write on a CDRW drive. In other words, turn a CDRW into a 670MB UDF floppy. Don't know if this is regular user or root-only access. But I have my system set so regular users can mount CDRWs in big-floppy mode.

      --
      The living have better things to do than to continue hating the dead.
  7. Re:gregkh the gentoo ricer? by Anonymous Coward · · Score: 0

    I think -froot-loops is actually more of a cereal killer compiler flag, not a ricer one.

  8. Only a typo. by Saiyine · · Score: 4, Insightful

    It's obviously only a typo, as the urls link to the correct kernel version.

    Real problem are the (paid!) editors that don't even check the submissions... So forget about TFA!

    --
    Hosting 20G hd, 1Tb bw! ssh $7.95
  9. Pathetic linux development .... by bitsformoney · · Score: 3, Funny

    is basically crawling to a halt, given they're now down to increasing the fourth number in the version number .... sheesh ...

    --
    This comment is printed on 100% recycled electrons.
    1. Re:Pathetic linux development .... by Reorax · · Score: 2, Funny

      Yeah, they should increase the third number, so that they get much more work done.

      --
      This sig is only here so people stop skipping the last lines of my posts.
  10. For those on the bleeding edge by jd · · Score: 2, Interesting

    The current bleeding-edge kernel is 2.6.12-rc4-mm2, which now seems to have at least some parts of the kitchen sink included. (I've not used vanilla kernels for a long time - the patchsets are usually much more feature-rich, often just as stable, and have a certain geekiness factor.)

    --
    It's a small world and it smells funny; I'd buy another if it wasn't for the money; Take back what I paid (SoM)
    1. Re:For those on the bleeding edge by Sancho · · Score: 1

      What patches do you recommend, anyway? I've used the Gentoo patchset before, but my machine requires a patch which conflicts with those, so I'm relegated to the vanilla kernel for now.

    2. Re:For those on the bleeding edge by jd · · Score: 1
      Patches tend to be obnoxious in that way. One of these days, I'm going to find the time to start building oversized patchsets again, as it is getting hard to find one patch that includes everything you need.


      For the "latest build" stuff, I definitely suggest using the Andrew Morton patches. If you're more interested in network-intensive stuff, then I'd recommend the QoS patchset for the kernel, as that comes with some more schedulers and a whole load of netfilter stuff.


      For stability with some extra stuff, then the Alan Cox series is a must-have. He's more into stability, these days, than extras, from what I understand, so it's less featureful than the Andrew Morton series, but not everyone wants to go to the limits.


      Patchsets outside of the mainstream are extremely variable and often very specialized. I wouldn't suggest the average user use the GRSecurity patches, for example, although a sysadmin might well want to. If you're running an all-Linux cluster or all-Linux fileserver/client setup, then I'd strongly recommend using Lustre as first-choice, GFS as second-choice.

      --
      It's a small world and it smells funny; I'd buy another if it wasn't for the money; Take back what I paid (SoM)
    3. Re:For those on the bleeding edge by randomblast · · Score: 1

      For a desktop machine, definitely use CKO.

      --
      ...these aren't my real teeth.
  11. paranoia by bzipitidoo · · Score: 2, Insightful
    I downloaded 2.6.11.10 yesterday. When I saw this story, my first instant thought was that I'd been tricked, perhaps by a corrupt DNS cache that pointed me to a bogus www.kernel.org. Maybe I should actually check those digital signatures. Good thing I haven't untarred and compiled 2.6.11.10 yet.

    But now, reading all these posts that point out the story is mistaken, and should say 2.6.11.10, not 2.6.11.9, I feel much better. So, uh, how do you check those signatures?

    --
    Intellectual Property is a monopolistic, selfish, and defective concept. It is "tyranny over the mind of man"
    1. Re:paranoia by thinkliberty · · Score: 2, Informative

      You check it with:

      gpg --verify kernel.sig kernel.tar

      It's all on kernel.org's website:
      http://www.kernel.org/signature.html
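
A fingerprint-pinned form of the check in the comment above, as an added example that is not part of the thread or of kernel.org's own instructions: `gpg --verify` reports a good signature for any key present in the keyring, so this script also requires the signer's primary-key fingerprint to match one obtained out of band. The function names, the file arguments and the all-`A` fingerprint are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the thread): accept a detached signature only if
# gpg's machine-readable status output shows a valid signature made by the
# key whose fingerprint was pinned in advance.

# check_status EXPECTED_FPR   (reads `gpg --status-fd` lines on stdin)
# Returns 0 only if a VALIDSIG line names the pinned fingerprint and no
# line reports a bad, unverifiable, expired or revoked signature.
check_status() {
    expected=$1
    [ -n "$expected" ] || return 2
    ok=1
    while read -r tag keyword fpr rest; do
        [ "$tag" = "[GNUPG:]" ] || continue
        case $keyword in
            BADSIG|ERRSIG|EXPSIG|EXPKEYSIG|REVKEYSIG|NO_PUBKEY)
                return 1 ;;
            VALIDSIG)
                # First field: signing (sub)key fingerprint.
                # Last field: primary-key fingerprint.
                primary=${rest##* }
                if [ "$fpr" = "$expected" ] || [ "$primary" = "$expected" ]; then
                    ok=0
                fi ;;
        esac
    done
    return $ok
}

# verify_release SIGFILE TARBALL EXPECTED_FPR
# Runs gpg on a real download; the three arguments are supplied by the caller.
verify_release() {
    gpg --batch --status-fd 1 --verify "$1" "$2" 2>/dev/null | check_status "$3"
}

# Constructed sample status output (placeholder fingerprint, not a real key).
SAMPLE_FPR=AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
sample_status() {
    printf '%s\n' \
        "[GNUPG:] GOODSIG AAAAAAAAAAAAAAAA Constructed Signer" \
        "[GNUPG:] VALIDSIG $SAMPLE_FPR 2005-05-16 1116265696 0 3 0 17 2 00 $SAMPLE_FPR"
}

if sample_status | check_status "$SAMPLE_FPR"; then
    echo "sample: signature accepted for pinned key"
fi
```

A signature that is cryptographically good but made by a different key fails this check, which is the case a spoofed mirror serving its own key and signature would produce.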

  12. The real answer... by jd · · Score: 2
    ...is to add a fifth number, to reflect the number of times that version of the kernel has been downloaded. And maybe a sixth, to reflect the number of patchsets that are being actively maintained in parallel with that version.


    Does anyone remember the days that pre-releases had a letter of the alphabet attached, and cycles greater than 26 before the next "real" release were not uncommon? We're only on the tenth post-release and fourth pre-release - these are nothing, compared to past cycles, and really do reflect the impressive maturity of the kernel, for all that it is still growing at incredible speed.

    --
    It's a small world and it smells funny; I'd buy another if it wasn't for the money; Take back what I paid (SoM)