Home » Forums » Linux » Linux kernel

Linux: 2.4.30-rc2, Numerous Security Fixes

Submitted by Jeremy
on March 26, 2005 - 10:23am

Marcelo Tosatti [interview] released the 2.4.30-rc2 release candidate kernel saying, "it contains a bunch of security updates (ext2 mkdir leak, af_bluetooth range checking, isofs corrupt media, load_elf_library DoS), an ia64 update, another round of networking fixes, amongst others." The earlier 2.4.30-rc1 also included a security fix for a potential ppp Denial of Service (CAN-2005-0384).

Marcelo went on to add, "if nothing terrible shows up, this will become v2.4.30." The latest 2.4 kernel is available from your nearest kernel.org mirror. Read on for the changelog since 2.4.30-rc1. Find the full changelog since 2.4.29 here.

From: Marcelo Tosatti
To:  linux-kernel
Subject: Linux 2.4.30-rc2
Date: 	Fri, 25 Mar 2005 21:46:31 -0300

Hi,

Here goes the second release candidate for v2.4.30.

It contains a bunch of security updates (ext2 mkdir leak, af_bluetooth range
checking, isofs corrupt media, load_elf_library DoS), an ia64 update, another 
round of networking fixes, amongst others.

If nothing terrible shows up, this will become v2.4.30.

Please help with testing!

Summary of changes from v2.4.30-rc1 to v2.4.30-rc2
============================================

<davem:sunset.davemloft.net>:
  o [TG3]: Add missing CHIPREV_5750_{A,B}X defines
  o [TG3]: Missing counter bump in tigon3_4gb_hwbug_workaround()
  o [TG3]: Update driver version and reldate

<magnus.damm:gmail.com>:
  o eepro100: fix module parameter description typo

<mlafon:arkoon.net>:
  o CAN-2005-0400: ext2 mkdir() directory entry random kernel memory leak

<relf:os2.ru>:
  o fs/hpfs/*: fix HPFS support under 64-bit kernel

<sj-netfilter:cookinglinux.org>:
  o [NETFILTER]: Fix another DECLARE_MUTEX in header file

Bjorn Helgaas:
  o ia64: force all kernel sections into one and the same segment
  o ia64: round iommu allocations to power-of-two sizes
  o ia64: fix perfmon typo in /proc/pal/CPU*/processor_info w.r.t. BERR
  o ia64: add missing syscall-slot
  o ia64: Update defconfigs

Chris Wright:
  o isofs: Some more defensive checks to keep corrupt isofs images from corrupting memory/oopsing

Dave Kleikamp:
  o JFS: remove aops from directory inodes

David Mosberger:
  o Fix pte_modify() bug which allowed mprotect() to change too many bits
  o ia64: Fix _PAGE_CHG_MASK so PROT_NONE works again.  Caught by Linus

Greg Banks:
  o link_path_walk refcount problem allows umount of active filesystem

Herbert Xu:
  o [CRYPTO]: Mark myself as co-maintainer
  o [NETLINK]: Fix multicast bind/autobind race
  o CAN-2005-0794: Potential DOS in load_elf_library

Keith Owens:
  o [IA64] Sanity check unw_unwind_to_user
  o [IA64] Tighten up unw_unwind_to_user check

Linus Torvalds:
  o isofs: Handle corupted rock-ridge info slightly better
  o isofs: more "corrupted iso image" error cases

Marcel Holtmann:
  o CAN-2005-0750: Fix af_bluetooth range checking bug, discovered by Ilja van Sprundel [email blocked]

Marcelo Tosatti:
  o Change VERSION to 2.4.30-rc2

Michael Chan:
  o [TG3]: Add 5705_plus flag
  o [TG3]: Flush status block in tg3_interrupt()
  o [TG3]: Add unstable PLL workaround for 5750
  o [TG3]: Fix jumbo frames phy settings
  o [TG3]: Fix ethtool set functions
  o [TG3]: Add Broadcom copyright

Neil Brown:
  o nlm: fix f_count leak
  o [PATCH md: allow degraded raid1 array to resync after an unclean shutdown

Pablo Neira:
  o [NETFILTER]: Fix DECLARE_MUTEX in header file

Patrick McHardy:
  o [NETFILTER]: fix return values of ipt_recent checkentry
  o [NETFILTER]: Fix ip_ct_selective_cleanup(), and rename ip_ct_iterate_cleanup()
  o [NETFILTER]: Fix cleanup in ipt_recent
  o [NETFILTER]: Fix ip6tables ESP matching with "-p all"
  o [NETFILTER]: Fix refreshing of overlapping expectations
  o [NETFILTER]: Fix IP/TCP option logging
  o [TUN]: Fix check for underflow

Pete Zaitcev:
  o USB: fix oops in serial_write
  o USB: Fix baud selection in mct_u232

Simon Horman:
  o [IPVS]: Fix comment typos
  o Backport v2.6 ATM copy-to-user signedness fix
  o earlyquirk.o is needed for CONFIG_ACPI_BOOT

Stephen Hemminger:
  o [TCP]: BIC not binary searching correctly

Wensong Zhang:
  o [IPVS]: Update mark->cw in the WRR scheduler while service is updated

Yanmin Zhang:
  o [IA64] clean up ptrace corner cases
Related Links:
‹ Help! Need libata (sata_sx4) support swapper: page allocation ›

good to see the news flowing

Anonymous (not verified)
on
March 26, 2005 - 5:00pm

good to see the news flowing again, jeremy.

btw -rc3 is out, too :D

Anonymous (not verified)
on
March 27, 2005 - 7:17am

btw -rc3 is out, too :D

so is 2.6.11.6

Anonymous (not verified)
on
March 27, 2005 - 3:37pm

so is 2.6.11.6

2.6.12-rc1 is out too!

Anonymous (not verified)
on
March 28, 2005 - 12:50am

Since we are on the same page.

BTW, this the -rc2 to -rc3's

Lucio (not verified)
on
March 28, 2005 - 8:43am

BTW, this the -rc2 to -rc3's changelog..;

btw -rc4 is out, too :D

Anonymous (not verified)
on
March 30, 2005 - 6:11pm

btw -rc4 is out, too :D

Comment viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.