s
severity indicates that this is a sever violation of Debian policy
(violates a "must" or "required" directive), or in the package
maintainer's opinion, makes the package unsuitable for release.
Can you specify what part of debian policy this issue makes this bug
severity "Serious"?
Thanks!
--
micah
Erinn Clark writes:
> I'm just wondering if there are any updates to this bug and in particular I'm
> curious what could happen now that the grsecurity stable patches are only
> available to sponsors. I still think getting grsec into Debian is a very
> important and worthwhile goal, but we should
ld like it if I were prompted for passphrase for this disk, if it
is there, otherwise don't spend 1min30seconds blocking boot for it. I
understand some people might want the long timeout, but it is pretty
frustrating when you do not want it. Perhaps this could be an option
in crypttab?
Jonathan Nieder writes:
> severity 699311 important
> quit
>
> Hi Micah,
>
> micah anderson wrote:
>
>> I had plugged in a USB headset and I used it for various things. At some
>> point
>> I decided to remove it from the computer, so I pulled it out. Imme
Hi Jonathan,
Jonathan Nieder writes:
> severity 699311 important
> quit
>
> Hi Micah,
>
> micah anderson wrote:
>
>> I had plugged in a USB headset and I used it for various things. At some
>> point
>> I decided to remove it from the computer, so I p
please point us more
>precisely to the commits of the new interface that have been
>upstreamed already, and to the ones that have not been, so that we can
>get a rough idea of where things are at.
>
>Kees, others, what do you think?
micah
--
--
To UNSUBSCRIBE, email to d
Package: linux-2.6
Version: 3.2.15-1~bpo60+1
Severity: normal
*** Please type your report below this line ***
We are experiencing periodic lock-ups since upgrading to the latest backport
kernel. Its happened two nights in a row now, and previously happened two days
before. The machine is a relati
coming more obvious that this is not
going to be the case.
micah
--
To UNSUBSCRIBE, email to debian-kernel-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/87pqdz3la6@algae.riseup.net
want/need.
> Anyway, I'll keep updating the current setup for interested people, but
> without any interest from either party, that definitely looks like a
> dead end.
What is stopping you from creating another package, that provides the
kernel with grsecurity patches applied? Don't bother the kernel team
with it, and just maintain it yourself in the archive? Its free software
afterall.
micah
pgpTuJUbNvqex.pgp
Description: PGP signature
0 in mind.
> btw. regarding CVE-2012-0056 - feel free to upload after the fix hits
> unstable.
I believe that 2.6.39 left unstable some time ago, to be replaced by
3.x, so I'm not sure how that will work exacty?
micah
pgpfOn8kCog8Y.pgp
Description: PGP signature
Package: linux-image-2.6.32-5-686-bigmem
Version: 2.6.32-35
Severity: important
Tags: squeeze
I have two machines that I upgraded to squeeze and migrated their ext3
filesystems to ext4 due to very high i/o and deep directory hierarchy. These two
machines have been crashing regularly since the ext4
do for you?
> (Emulating NX for bad hardware doesn't count these days).
For some SELinux is the right choice, for others grsecurity. Its obvious
which you prefer, but not everyone is the same as you. Yves-Alexis is
interested in doing the work on something that you do not want to do the
work on, that seems like a good thing.
micah
pgpc8N0q6MwIa.pgp
Description: PGP signature
It looks like the solution to this problem was to turn on ACPI in the
BIOS, things boot fine again.
Closing the bug, full details on xen-devel list.
micah
--
pgpvC6yiQl1QI.pgp
Description: PGP signature
tion on the
> list.
Sounds good, thanks for checking in!
micah
pgplfVD9XASIh.pgp
Description: PGP signature
Package: linux-patch-debian-2.6.32
Version: 2.6.32-26
Severity: normal
r...@cassowary:/usr/src/linux-source-2.6.32#
/usr/src/kernel-patches/all/2.6.32/unpatch/debian all
--> 19 fully unapplied.
--> Try to unapply 18.
(+) OK bugfix/all/3c59x-Fix-call-to-mdio_sync-with-the-wron
.26-24lenny1 kernel? We'll see at the next upgrade.
I noticed this too, last DSA went perfectly. Before I would get at least
one guest on each machine that would exhibit this problem, this time I
got none.
However, I *did* get one on my amd64 box. All the others were i386
micah
the following way:
/usr/lib/util-vserver/vserver-wrapper start >/dev/tty8 /dev/tty8 &
Looking at /dev/tty8, i see a segfault in
/usr/lib/util-vserver/vserver.functions line 907. This is using the
lenny version of the user-space utilities (0.30.216~r2772-6), and line
907 is the opening curly
On Sat, 10 Apr 2010 11:13:11 -0400, micah anderson wrote:
> On Sat, 10 Apr 2010 12:17:51 +0100, Ben Hutchings
> wrote:
> > On Fri, 2010-04-09 at 23:38 -0400, micah anderson wrote:
> > > On Sat, 10 Apr 2010 01:48:24 +0100, Ben Hutchings
> > > wrote:
> > &
On Sat, 10 Apr 2010 12:17:51 +0100, Ben Hutchings wrote:
> On Fri, 2010-04-09 at 23:38 -0400, micah anderson wrote:
> > On Sat, 10 Apr 2010 01:48:24 +0100, Ben Hutchings
> > wrote:
> > > On Thu, 2010-04-08 at 12:41 -0400, micah anderson wrote:
> > > >
On Sat, 10 Apr 2010 01:48:24 +0100, Ben Hutchings wrote:
> On Thu, 2010-04-08 at 12:41 -0400, micah anderson wrote:
> > On 2010-04-08, micah anderson wrote:
> > > On Wed, 2010-04-07 at 11:52 -0400, Micah Anderson wrote:
> > > > Package: linux-image-2.6.32-2-amd64
>
On 2010-04-08, micah anderson wrote:
> On Wed, 2010-04-07 at 11:52 -0400, Micah Anderson wrote:
> > Package: linux-image-2.6.32-2-amd64
> > Version: 2.6.32-8~bpo50+1
> > Severity: important
> >
> > I'm running a tor exit node on a kvm instance, it runs for a
Package: linux-image-2.6.32-2-amd64
Version: 2.6.32-8~bpo50+1
Severity: important
I'm running a tor exit node on a kvm instance, it runs for a little
while (between an hour and 3 days), doing 30-40mbit/sec and then
suddenly 'swapper: page allocation failure' happens, and the entire
networking stac
1
murrelet 2 0 0 -b- 472237.8 2
test 3 0 0 r-- 342182.3 3
And voila, no more crashes... :P
micah
--
To UNSUBSCRIBE, email to debian-kernel-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/87bpe152h3@algae.riseup.net
[136556.763720] iret exception: [#1] SMP
[136556.763803] Modules linked in: xt_tcpudp xt_physdev iptable_filter
ip_tables x_tables tun netloop bridge ipv6 loop serio_raw psmouse container
pcspkr button i2c_i801 intel_rng i2c_core rng_core shpchp e7xxx_edac
pci_hotplug edac_core joydev evdev e
Excerpts from micah anderson's message of Tue Nov 24 20:20:51 -0500 2009:
> Excerpts from Ben Hutchings's message of Tue Nov 24 18:51:45 -0500 2009:
> > On Tue, 2009-11-24 at 18:17 -0500, micah anderson wrote:
> > > I keep getting them, so I'll keep sending them:
Excerpts from Ben Hutchings's message of Tue Nov 24 18:51:45 -0500 2009:
> On Tue, 2009-11-24 at 18:17 -0500, micah anderson wrote:
> > I keep getting them, so I'll keep sending them:
>
> Which kernel version are you using? Version 2.6.26-20 in
> stable-proposed-
I keep getting them, so I'll keep sending them:
[366904.120247] iret exception: [#1] SMP
[366904.120332] Modules linked in: xt_tcpudp xt_physdev iptable_filter
ip_tables x_tables tun netloop bridge ipv6 loop serio_raw i2c_i801 psmouse
intel_rng rng_core i2c_core pcspkr container button sh
Hi,
Yesterday we completely swapped the entire machine, where this was
happening, with another identical machine. We just took the disks out of
the one that had been crashing and put them into this other machine.
Today, on the new hardware, it crashed again:
[64631.057499] iret exception:
: 'noreboot' set - not rebooting.
micah
--
To UNSUBSCRIBE, email to debian-kernel-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Can I provide more information, or is there anything else I can do to
help fix this?
(XEN) domain_crash_sync called from entry.S (ff188600)
(XEN) Domain 0 (vcpu#0) crashed on cpu#0:
(XEN) [ Xen-3.2-1 x86_32p debug=n Not tainted ]
(XEN) CPU:0
(XEN) EIP:0061:[]
(XEN) EFLAGS:
And another crash today, slightly different:
(XEN) domain_crash_sync called from entry.S (ff188600)
(XEN) Domain 0 (vcpu#1) crashed on cpu#1:
(XEN) [ Xen-3.2-1 x86_32p debug=n Not tainted ]
(XEN) CPU:1
(XEN) EIP:0061:[]
(XEN) EFLAGS: 0246 CONTEXT: guest
(XEN) eax: 000
/include/linux/list.h:45
c0104267
/root/kernel/linux-2.6-2.6.26/debian/build/build_i386_xen_686/arch/x86/kernel/entry_32-xen.S:1259
c01011a7
/root/kernel/linux-2.6-2.6.26/debian/build/build_i386_xen_686/arch/x86/kernel/head_32-xen.S:72
micah
signature.asc
Description: Digital signature
) - `linux-sendpage.c' saved [9380/9380]
mi...@tern:~$ gcc linux-sendpage.c -o exploit
mi...@tern:~$ ./exploit
sh-3.2$ id
uid=1001(micah) gid=1007(micah)
groups=4(adm),20(dialout),33(www-data),100(users),1007(micah)
micah
signature.asc
Description: Digital signature
Micah Anderson writes:
> I wanted to start a discussion about the plans for the stable kernel
> in the next point release, specifically where it relates to the
> Linux-Vserver patch-set.
*taps microphone*
So... one month went by since I sent this message, the new stable
release of L
resolve these problems? With a diff against
mainline, this could be sorted out, but I don't know if such work would
be used?
Thanks,
micah
--
To UNSUBSCRIBE, email to debian-kernel-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
I experienced this problem on a machine with 12gigs of memory when I
added a failed disk back into a mdadm array, output included below. The
machine basically was totally frozen for 10 minutes or so until the raid
array finished its sync, and then everything returned to normal. Pretty
ugly, would
ing a
release exception to sync these up:
* Micah Anderson <[EMAIL PROTECTED]> [2008-08-21 15:31-0400]:
> * dann frazier <[EMAIL PROTECTED]> [2008-08-21 10:51-0400]:
> > On Thu, Aug 21, 2008 at 01:43:44PM -0400, Micah Anderson wrote:
> > > * dann frazier <[EM
* dann frazier <[EMAIL PROTECTED]> [2008-08-21 10:51-0400]:
> On Thu, Aug 21, 2008 at 01:43:44PM -0400, Micah Anderson wrote:
> > * dann frazier <[EMAIL PROTECTED]> [2008-08-20 17:59-0400]:
> > This is a user-space issue, not a kernel issue. Using an older version
>
tall, so its not an ia64-specific issue.
>
This is a user-space issue, not a kernel issue. Using an older version
of the user-space utilities work, and the kernel tests pass. I am
working with upstream to determine the fix for this.
Micah
signature.asc
Description: Digital signature
and did not see
it here on the list).
Can you please provide a reference for those? I'd like to test.
Thanks for your hard work, its appreciated,
micah
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
* Micah Anderson <[EMAIL PROTECTED]> [2008-08-13 16:26-0400]:
>
> There is a working patch available as of yesterday for 2.6.25 and
> 2.6.25.2 which fixes both ext4 and xfs. It has had the 'dontuse' flag
> removed and is considered pre5.
Err, my mistake, I meant
There is a working patch available as of yesterday for 2.6.25 and
2.6.25.2 which fixes both ext4 and xfs. It has had the 'dontuse' flag
removed and is considered pre5.
micah
signature.asc
Description: Digital signature
rday for 2.6.25 and
2.6.25.2 which fixes both ext4 and xfs. It has had the 'dontuse' flag
removed and is considered pre5.
micah
pgp6CQAgs5EhJ.pgp
Description: PGP signature
http://www.uwsg.indiana.edu/hypermail/linux/kernel/0704.2/0549.html
Follows a trivial patch to check for RLIMIT_CPU to 0 in the right place.
diff -urN linux-2.6.20.3.orig/kernel/sys.c linux-2.6.20.3/kernel/sys.c
--- linux-2.6.20.3.orig/kernel/sys.c 2007-03-13 20:27:08.0 +0200
+++ linux-2.6
Package: kernel
This is in 2.6.20-3 and (Ubuntu) 2.6.20-15.
Full details may be found on the zsh-workers thread, here:
http://www.zsh.org/mla/workers/2007/msg00200.html
A bug for Ubuntu on launchpad is at
https://bugs.launchpad.net/ubuntu/+source/linux-source-2.6.20/+bug/107209
The following be
the attached patch does.
Note: this issue appears in the upstream kernel as well, and I believe
it should be fixed there as well. I hope that coming from the debian
kernel people it will be received.
Micah
-- System Information:
Debian Release: testing/unstable
APT prefers unstable
APT policy
o their sources.list to be able to find these
patched kernels. However, I'm wary of uploading patched kernels to the
main archive for all the different flavors as this would quickly
result in a looong list of available kernels, which can cause
confusion.
Micah
signature.asc
Description: Digital signature
separate repository for
these patched kernel images, so you would have to make a conscious
decision to use this repository and thus would know what you are getting
into.
Micah
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.2 (GNU/Linux)
iD8DBQFDlIz29n4qXRzy1ioRApuxAJ0U0KqpCwV/OIbJl13
in the
last 60 seconds, but (seemingly) randomly I will get DROPped on the
first connection.
Micah
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.2 (GNU/Linux)
iD8DBQFDigIG9n4qXRzy1ioRAgDaAJ9g3uzHBKkSewx2CL0YkRs0ksFFoACgqR5D
rRv5+cm8MbV9KH95NsY6Y2I=
=3jfv
-END PGP SIGNATURE-
--
To UNS
le.
I had this same problem and solved it by changing my symlink for
/usr/bin/gcc to point to gcc-3.3 instead of 4.0 for the duration of the
2.4 compile. Clearly this isn't the best solution, but its a work-around.
micah
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.1 (GNU/Linux)
iD8DBQFD
ng trouble locating CAN numbers for these, does anyone know if
there are any?
Micah
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.1 (GNU/Linux)
iD8DBQFDTq6S9n4qXRzy1ioRAoAlAJwP1BtssoeBJpetz8I8G8Cp9YK0bACgjtUC
rGY7v8XpF8nlCGgQX3p8zr4=
=K3Iq
-END PGP SIGNATURE-
--
To UNSUBSCRIBE, email
o you wanna use a file
> there to coordinate?
I've got a file in people/micah/pending_CVE_requests where I've put all
these and will be crafting the descriptions and the URIs, feel free to
add to it.
>>>>arch-ia64-ptrace-getregs-putregs.dpatch
>>
>>Need descri
Hey,
Horms wrote:
> On Fri, Oct 07, 2005 at 12:21:38AM -0600, dann frazier wrote:
>
>>In order to hopefully help kickstart the security update process, I've
>>drafted some DSA text for our sarge/2.6.8 kernels (attached). Thanks to
>>Micah, we have CAN IDs assigned f
.
Micah
Moritz Muehlenhoff wrote:
> Hi, as usual; to minimize the overhead I'm sending these again by
> email and not through the BTS.
>
> CAN-2005-3110: DoS on SMP, potentially 2.4 and 2.6
> http://sourceforge.net/mailarchive/forum.php?thread_id=6800453&forum_id=8572
&g
Horms schrieb am Friday, den 09. September 2005:
> On Thu, Sep 08, 2005 at 09:17:25PM -0500, Micah Anderson wrote:
> > Hi,
> >
> > I think it would be a good idea to get a DTSA (Debian Testing Security
> > Advisory) issued for 2.4.27 and 2.6.8.
>
> That seem
Moritz Muehlenhoff schrieb am Friday, den 09. September 2005:
> Micah Anderson wrote:
> > Neither of these advisories is a typical DTSA, as we normally we only do
> > advisories for things that are blocked from reaching testing by some other
> > issue, but I think that i
2.6.8 DTSA can be released. The DTSA would just list the normal
testing repositories for the upgrade (rather than the secure-testing
repositories).
Micah
1. CAN-2005-2458, CAN-2005-2459, CAN-2005-1767, CAN-2005-2456,
CAN-2005-1768, CAN-2005-0756 CAN-2005-0757, CAN-2005-1762, CAN-2005-1768
2. 184
;h=9fb1759a3102c26cd8f64254a7c3e532782c2bb8
Micah
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.1 (GNU/Linux)
iD8DBQFDD61v9n4qXRzy1ioRAvumAJ9k/0+/k9an4RrMyet7PtSovjM85gCdH/jq
R3nomBvjsb+HK4zCeZKHbu4=
=zlkD
-END PGP SIGNATURE-
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a
; Man, thats too many branches to be adding stuff to.
> Need to do something about that.
No kidding!
Is it me just paying more attention to kernel security things, or are
there just a significant number of kernel security holes now days?
mi
git;a=commit;h=6fc0b4a7a73a81e74d0004732df358f4f9975be2
3.http://www.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=6fc0b4a7a73a81e74d0004732df358f4f9975
4.http://linux.bkbits.net:8080/linux-2.6/[EMAIL PROTECTED]
Micah
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.1 (GNU/
in the pending Changelog for 2.4.27 and did not see this CAN
number listed. Please be sure to reference this CAN number in the
changelog when fixed, as you always do.
Additional reference:
http://marc.theaimsgroup.com/?l=bugtraq&m=112110120216116&w=2
Micah
-- System Information:
Debian
to be very simple.
The following is the simple patch to ext2 to fix this:
http://lkml.org/lkml/diff/2005/1/27/68/1
The following is the simple patch to ext3 to fix this:
http://lkml.org/lkml/diff/2005/1/26/174/2
Micah
-- System Information:
Debian Release: 3.1
APT prefers unstable
APT po
an kernel configurations do not have this combination of
configs set for the kernel-images, so this is not incredibly critical,
but someone building their own kernel could set this configuration and
run into this problem.
micah
-- System Information:
Debian Release: 3.1
APT prefers unstable
APT pol
structure to be
allocated twice.
Further details:
Please reference Ubuntu Security Notice USN-95-1 located here:
http://marc.theaimsgroup.com/?l=bugtraq&m=111091402626556&w=2
Thanks,
Micah
-- System Information:
Debian Release: 3.1
APT prefers unstable
APT policy: (300, &
ut
the first is also needed.
Micah
-- System Information:
Debian Release: 3.1
APT prefers unstable
APT policy: (300, 'unstable')
Architecture: i386 (i686)
Kernel: Linux 2.6.10-1-k7
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Versions of packages kernel-so
uot; -- according to Suse, this is
misleading and incorrect (and is not included in the patches above).
Micah
-- System Information:
Debian Release: 3.1
APT prefers unstable
APT policy: (300, 'unstable')
Architecture: i386 (i686)
Kernel: Linux 2.6.10-1-k7
Locale: LANG=en_US.UTF-8, LC_CT
s the thread for reference:
http://groups-beta.google.com/group/linux.kernel/browse_thread/thread/1fd2bd7a57fac50c/197ace52b8cf3b8b
Thanks,
micah
On Thu, 24 Feb 2005, Horms wrote:
> On Thu, Feb 24, 2005 at 12:43:14AM -0600, Micah Anderson wrote:
> > I looked over the 2.6.10 changelogs and d
susceptible, but instead hope you can determine this.
Micah
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
is
patch would not apply cleanly to that tree, but looks relatively
trivial to modify appropriately.
Please include this CAN number in changelog entries about this problem.
Thanks,
Micah
-- System Information:
Debian Release: 3.1
APT prefers testing
APT policy: (990, 'testing
69 matches
Mail list logo
