Danube Technologies has announced a strategic partnership with KernelTrap. From the announcement:

"August 2003--Danube Technologies, Inc (DTI) and world renowned UNIX Kernel forum, http://www.kerneltrap.org (KT) negotiate strategic partnership.

2.4 kernel maintainer Marcelo Tosatti has released 2.4.22-rc1. He says:

"Here goes the first release candidate of 2.4.22. Please test it extensively. Detailed changelog below."

An off-by-one error exists in the C library function realpath(3). This is the same bug that was recently found in the wu-ftpd ftpd server by Janusz Niewiadomski and Janusz Niewiadomski.

The OpenBSD ftp daemon does not use realpath(3) in a way that could be exploited, however a number of other system binaries also use the function. It is not currently known whether or not this bug results in an exploitable security hole on OpenBSD. Since the bug led to an exploitable hole in wu-ftpd, it is entirely possible that some program using realpath(3) under OpenBSD may be vulnerable to attack. For OpenBSD 3.3 and higher, the ProPolice stack protector should provide some protection from this bug, but this cannot be guaranteed.

The realpath(3) function is used to determine the canonical, absolute pathname from a given pathname which may contain extra ``/'' characters, references to ``/./'' or ``/../'', or references to symbolic links. The realpath(3) function is part of the FreeBSD Standard C Library.

An off-by-one error exists in a portion of realpath(3) that computes the length of the resolved pathname. As a result, if the resolved path name is exactly 1024 characters long and contains at least two directory separators, the buffer passed to realpath(3) will be overwritten by a single NUL byte.

David Mosberger reported in a lkml mesage Linus's current bk tree (http://linux.bkbits.net:8080/linux-2.5) builds and works out of the box for ia64! He adds:

"For maximum performance/stability, I'd still recommend to use the ia64-specific patches, but for someone who needs to build bleeding edge kernels for multiple architectures, being able to use Linus' tree should make it a lot easier to include ia64 in their regular testing."

In the library function realpath(3), there was a string manipulation mistake which could lead to 1-byte buffer overrun. realpath(3) is being used by important network daemons such as ftpd(8), therefore the vulnerability could be remotely exploitable.

Note: The same error remained in a derived function in the distribution of the wu-ftpd server (Not part of NetBSD's base system). This information has been available to the general public for a matter of days now. Exploits have been released against wu-ftpd. They are probably being written against other affected services as well. If you offer any of the affected services, you are advised to patch your system immediately.

It is possible to crash an OSI connected system remotely by sending it a carefully prepared OSI networking packet.

The OSI networking kernel (sys/netiso) contains a function that sends error indications to the sender of an OSI packet in certain error conditions. This function prepares its own packet header mbuf, but was never converted to use a "PKTHDR" mbuf as has been required by the BSD networking stack for a long time.

Networking drivers sending a packet prepared in this way will either panic complaining about this condition (if the kernel was compiled with "options DEBUG") or crash in erratic ways (if they try to use the invalid information in a header mbuf not containing the pkthdr fields).

Linus has released a couple of 2.6.0-test kernels now... How many KernelTrap readers are actually using it? How stable has it been for you?

(BTW: The brief README-2.6 file is somewhat humorous...)

Drupal creator Dries Buytaert announced, "Exactly six months after the Drupal 4.1.0 release we are happy to announce the availability of Drupal 4.2.0."

According to the release announcement, highlights of this release include clean URLs, support for extending Drupal with WYSIWYG editors, context sensitive help, support for MSSQL, enhanced searching, and finer grained permissions. For complete details of recent changes, refer to the changelog.

KernelTrap has been upgraded to this latest release.

I'm in the process of upgrading the site from Drupal 4.0 to the recently released Drupal 4.2. You can expect many changes over the next few days, as I continue to tweak configurations and install new modules.