netfilter nat bug; suse 8.0 kernel affected?
Hi, just found http://www.netfilter.org/security/2002-04-02-icmp-dnat.html Do I need to worry? Running 2.4.18 suse stock kernel on a 8.0 pro. bye, MH -- Die unaufgeforderte Zusendung einer Werbemail an Privatleute verstößt gegen §1 UWG und §823 I BGB (Beschluß des LG Berlin vom 2.8.1998 Az: 16 O 201/98). Jede kommerzielle Nutzung der übermittelten persönlichen Daten sowie deren Weitergabe an Dritte ist ausdrücklich untersagt!
Hi,
just found http://www.netfilter.org/security/2002-04-02-icmp-dnat.html Do I need to worry? Running 2.4.18 suse stock kernel on a 8.0 pro.
Yes. Expect a kernel update shortly: 2.4.19. Roman.
Yes. Expect a kernel update shortly: 2.4.19.
Politely asked: How short is shortly ?
We fix remaining bugs. There are some that we don't want people to experience, such as IDE hangs and other crash possibilities. What you will see in the update announcement will be the best we have. I see that these updates have been pending for some months now. None of the bugs were so critical that one of them would have justified a kernel update on its own. The sum of the bugs does, however. Which is why we go for it.
Regards Dan
Regards, Roman.
Roman Drahtmueller sagte:
We fix remaining bugs. There are some that we don't want people to experience, such as IDE hangs
IDE hangs?!?!? maybe THAT is what kills my SuSE 8.0 all the time? Got a promise controller and a samsung 80Gig disk in my firewall/server. whenever my main box is in linux, suddenly everything stops. And I _DO_ mean everything; both machines freeze in the very same moment. As long as my main box is on windows everything's fine. By now I think I traced it down to that ist started to happen shortly after I applied the glibc patch available in YOU... I'll reverse that one tonite and have another go at it. bye, [MH]
We fix remaining bugs. There are some that we don't want people to experience, such as IDE hangs
IDE hangs?!?!?
maybe THAT is what kills my SuSE 8.0 all the time?
Got a promise controller and a samsung 80Gig disk in my firewall/server. whenever my main box is in linux, suddenly everything stops. And I _DO_ mean everything; both machines freeze in the very same moment. As long as my main box is on windows everything's fine.
By now I think I traced it down to that ist started to happen shortly after I applied the glibc patch available in YOU...
I'll reverse that one tonite and have another go at it.
The glibc update has nothing to do with it, if the whole machine hangs, then it must be a kernel problem. Please try Hubert's kernel RPMs from ftp://ftp.leo.org/pub/people/mantel/next/RPM/ and see if it vanishes. Do not forget mk_initrd and lilo. It looks like we will publish a preliminary kernel set for testing tomorrow or on Monday.
bye, [MH]
Thanks, Roman. -- - - | Roman Drahtmüller <draht@suse.de> // "You don't need eyes to see, | SuSE Linux AG - Security Phone: // you need vision!" | Nürnberg, Germany +49-911-740530 // Maxi Jazz, Faithless | - -
Roman Drahtmueller sagte:
We fix remaining bugs. There are some that we don't want people to experience, such as IDE hangs
IDE hangs?!?!?
maybe THAT is what kills my SuSE 8.0 all the time?
Got a promise controller and a samsung 80Gig disk in my firewall/server. whenever my main box is in linux, suddenly everything stops. And I _DO_ mean everything; both machines freeze in the very same moment. As long as my main box is on windows everything's fine.
By now I think I traced it down to that ist started to happen shortly after I applied the glibc patch available in YOU...
I'll reverse that one tonite and have another go at it.
The glibc update has nothing to do with it, if the whole machine hangs, then it must be a kernel problem.
strange facts though: 1. the box has been running the same kernel version on that hardware for several months by now, without any problems. 2. it started shortly after I applied the glibc patch. 3. it started to happen more frequent when I applied the same patch on my main workstation as well. 4. there's nothing in all the logfiles that shows any hardware related error message, or kernel message. 5. as long as the box is 'alone' nfs-wise I can throw load at it as I want... stable as rock. As soon as I login on my other box where the account is a NIS account with a home directory served by NFS from the box in question, it gets risky. If my main box is on windoze, the server is good for another week of uptime, no matter which load. 6. doesn't matter wether I run the kernel nfs server or the userspace nfs server.
Please try Hubert's kernel RPMs from ftp://ftp.leo.org/pub/people/mantel/next/RPM/ and see if it vanishes. Do not forget mk_initrd and lilo.
sure will do; anything to get rid of those hangs bye, [MH]
Please try Hubert's kernel RPMs from ftp://ftp.leo.org/pub/people/mantel/next/RPM/ and see if it vanishes. Do not forget mk_initrd and lilo.
sure will do; anything to get rid of those hangs
kernel upgrade did not change anything at all... and I disabled the nvidia tweaks I ave on the client, just to be sure... As soon as I start xchat on the client, both nfsclient and nfsserver go to nirvana. next test: does it happen under KDE, or under any WM... bye, MH
On Mit, 30 Okt 2002, Roman Drahtmueller wrote:
It looks like we will publish a preliminary kernel set for testing tomorrow or on Monday.
One more question to me: How fast (or however) will the SuSE-Patches gets into the vanilla-kernel from Linus Torwalds ? Greetings, -- Jörg Henner Fon: +49 (7 11) 48 90 83 - 0 ETES - EDV-Systemhaus GbR Fax: +49 (7 11) 48 90 83 - 50 Libanonstrasse 58 A * D-70184 Stuttgart Web: http://www.etes.de ______________________________________ Inflex - eMail Scanning and Protection Queries to: postmaster@etes.de
It looks like we will publish a preliminary kernel set for testing tomorrow or on Monday.
One more question to me:
How fast (or however) will the SuSE-Patches gets into the vanilla-kernel from Linus Torwalds ?
2.4 is maintained by Marcelo Tosatti, not Linus. We can't tell how long this takes in a general fashion, because some features that the SuSE kernel has will never show up in the upstream (licensing comes into play...). Also, I can think of changes that are not wanted in the mainstream kernel because they change the behaviour too much. Example: The discussion about the vm subsystem in 2.4.14 (or a similar timeframe) when the entire VM was exchanged, basically from SuSE sources. We have had that for some weeks, and after it has proven to be stable not only for SuSE products, but also for the rest of the world, it was accepted. Roman.
On Wednesday 30 October 2002 09:30, Roman Drahtmueller wrote:
The glibc update has nothing to do with it, if the whole machine hangs, then it must be a kernel problem.
Please try Hubert's kernel RPMs from ftp://ftp.leo.org/pub/people/mantel/next/RPM/ and see if it vanishes. Do not forget mk_initrd and lilo.
It looks like we will publish a preliminary kernel set for testing tomorrow or on Monday.
Are you guys going to be releasng this updated kernel for SLES, too? Donavan Pantke
The glibc update has nothing to do with it, if the whole machine hangs, then it must be a kernel problem.
Please try Hubert's kernel RPMs from ftp://ftp.leo.org/pub/people/mantel/next/RPM/ and see if it vanishes. Do not forget mk_initrd and lilo.
It looks like we will publish a preliminary kernel set for testing tomorrow or on Monday.
Are you guys going to be releasng this updated kernel for SLES, too?
Of course! Last status says that it will be a kernel with specifically fixed problems, based on 2.4.18.
Donavan Pantke
Thanks, Roman. -- - - | Roman Drahtmüller <draht@suse.de> // "You don't need eyes to see, | SuSE Linux AG - Security Phone: // you need vision!" | Nürnberg, Germany +49-911-740530 // Maxi Jazz, Faithless | - -
One from http://slashdot.org/articles/02/10/30/1225251.shtml?tid=143: [snip] "SuSE Linux is developing a desktop Linux distribution that will allow Windows users to continue using (some of) their Windows applications, including Microsoft Office. The SuSE Linux Office Desktop will be available for $129 in January, and will include Acronis OS Selector for disk partitioning during installation and Codeweavers CrossOver Office for Windows API emulation." [snip] and two from http://www.wired.com/news/linux/0,1411,55989,00.html [snip] An attack on the software license behind the Linux operating system has stirred up a free software controversy in Washington. [snip] What's next? SuSEXP? Sorry, for this posting but I'm getting scared... -- .-. e-SecureNet /v\ We Run SuSE Project Manager // \\ *The LINUX Experts* c/o Miguel Albuquerque /( )\ Av. Miremont 46 ^^-^^ 1202 - GE, SWITZERLAND
Why is it such a surprise that the US govt is against open source licensing? After all, MS "funds" (ermm.. sorry.. donates to) a lot of their election campaigns. If they truly were donating because of political preference they wouldn't be spreading the wealth it to both sides of the fence now would they? On Wednesday 30 October 2002 14:03, Miguel Albuquerque wrote:
One from http://slashdot.org/articles/02/10/30/1225251.shtml?tid=143: [snip] "SuSE Linux is developing a desktop Linux distribution that will allow Windows users to continue using (some of) their Windows applications, including Microsoft Office. The SuSE Linux Office Desktop will be available for $129 in January, and will include Acronis OS Selector for disk partitioning during installation and Codeweavers CrossOver Office for Windows API emulation." [snip] and two from http://www.wired.com/news/linux/0,1411,55989,00.html [snip] An attack on the software license behind the Linux operating system has stirred up a free software controversy in Washington. [snip]
What's next? SuSEXP? Sorry, for this posting but I'm getting scared...
-- "They that give up essential liberty to obtain a little temporary safety... deserve neither safety nor liberty." - Benjamin Franklin(1759)
On Wed, Oct 30, 2002 at 08:29:50AM +0000, Marcel Erkens wrote:
Why is it such a surprise that the US govt is against open source licensing?
It's not the US Govt that's against Open Source. In a way, the US govt hasn't made up its mind yet about open source. But selling to the federal government of the United States is a huge market, and the prospect of Linux making inroads into that market has certain people very worried. That is the point of the whole "controversy". Back to our regularly scheduled security holes... Olaf -- Olaf Kirch | Anyone who has had to work with X.509 has probably okir@suse.de | experienced what can best be described as ---------------+ ISO water torture. -- Peter Gutmann
On Wednesday 30 October 2002 09:29, Marcel Erkens wrote:
Why is it such a surprise that the US govt is against open source licensing?
http://www.usatoday.com/life/cyber/tech/2002/05/30/linux-government.htm: A study completed for the Pentagon by the Mitre Corp. last week identified 249 U.S. government uses of open-source computer systems and tools, with Linux running on several Air Force computers, along with systems run by the Marine Corps, the Naval Research Laboratory and others. The report recommended further use of open-source computing systems, on the grounds that they were less vulnerable to cyberattacks and far cheaper.
After all, MS "funds" (ermm.. sorry.. donates to) a lot of their election campaigns. If they truly were donating because of political preference they wouldn't be spreading the wealth it to both sides of the fence now would they?
Might be it's hard to win a war with Windows? Oh, I'm getting cynical? Don't mind. Vinzent. -- A lot of people I know believe in positive thinking, and so do I. I believe everything positively stinks. -- Lew Col
One from http://slashdot.org/articles/02/10/30/1225251.shtml?tid=143: [snip] "SuSE Linux is developing a desktop Linux distribution that will allow Windows users to continue using (some of) their Windows applications, including Microsoft Office. The SuSE Linux Office Desktop will be available for $129 in January, and will include Acronis OS Selector for disk partitioning during installation and Codeweavers CrossOver Office for Windows API emulation." [snip] and two from http://www.wired.com/news/linux/0,1411,55989,00.html [snip] An attack on the software license behind the Linux operating system has stirred up a free software controversy in Washington. [snip]
What's next? SuSEXP? Sorry, for this posting but I'm getting scared...
There is no way around being interoperable these days. SuSE will remain what it is, it's just that products need to be adjusted to the world's needs. These needs do not remain the same over time. Companies rely on their data being readable, while the O/S selection is a question of second rank. You have posted two different links that arise two different questions. I guess that Switzerland or Germany react somewhat differently than the US to questions of whether free software harms economy. Put yourself into the SuSE position: Why wouldn't you expect that massive efforts are underway to keep you from becoming successful?
-- .-. e-SecureNet /v\ We Run SuSE Project Manager // \\ *The LINUX Experts* c/o Miguel Albuquerque /( )\ Av. Miremont 46 ^^-^^ 1202 - GE, SWITZERLAND
Congratulations! Roman. -- - - | Roman Drahtmüller <draht@suse.de> // "You don't need eyes to see, | SuSE Linux AG - Security Phone: // you need vision!" | Nürnberg, Germany +49-911-740530 // Maxi Jazz, Faithless | - -
Roman Drahtmueller wrote:
There is no way around being interoperable these days. SuSE will remain what it is, it's just that products need to be adjusted to the world's needs. These needs do not remain the same over time. Companies rely on their data being readable, while the O/S selection is a question of second rank.
Right, but then, why not an Open Source SuSE Office instead of "Win$ inside" SuSE? What are the security implications of Win API emulation? StarOffice isn't enaugh? Does it or not MSOffice compatibility? That's why I got scared. When a company starts looking for interoperation prior to devellop his own possibilities. Anyway, thanks for "SuSE will remain what it is..." Peace. -- .-. e-SecureNet /v\ We Run SuSE Project Manager // \\ *The LINUX Experts* c/o Miguel Albuquerque /( )\ Av. Miremont 46 ^^-^^ 1202 - GE, SWITZERLAND Tel: +41 (22) 782 5344 Fax: +41 (22) 782 5348 mailto:mfoacs@e-securenet.ch http://www.e-securenet.ch
On Wednesday 30 October 2002 15:03, Miguel Albuquerque wrote:
What's next? SuSEXP?
SuSE 2000 Home and Server Edition, I'd guess. SuSE does not *own* Linux, do they? Vinzent. -- Electrical Engineers do it with less resistance.
participants (9)
-
Dan Am -
Donavan Pantke -
Joerg Henner -
Marcel Erkens -
Mathias Homann -
Miguel Albuquerque -
Olaf Kirch -
Roman Drahtmueller -
Vinzent Hoefler