[Users] [Announce] [security] Kernel RHEL6 042stab090.3
Kir Kolyshkin
kir at openvz.org
Sat Jun 7 02:12:50 PDT 2014
On 06/06/2014 09:48 PM, Stefan Priebe - Profihost AG wrote:
> Oh sorry. My fault. Yes it's the same with 090.2
I tried to reproduce it locally on an CentOS x86_64 box with the
following set of commands,
(checking that every one of those succeeds):
yum -y update
yum -u install yum-utils
rpm --import http://download.openvz.org/RPM-GPG-Key-OpenVZ
wget
http://download.openvz.org/kernel/branches/rhel6-2.6.32-testing/042stab090.2/vzkernel-2.6.32-042stab090.2.src.rpm
yum-builddep -y vzkernel-2.6.32-042stab090.2.src.rpm
rpmbuild --rebuild vzkernel-2.6.32-042stab090.2.src.rpm
The end result is built kernel packages.
So, then I tried building from source+patch:
wget
http://download.openvz.org/kernel/branches/rhel6-2.6.32-testing/042stab090.2/patches/patch-042stab090.2-combined.gz
wget https://www.kernel.org/pub/linux/kernel/v2.6/linux-2.6.32.tar.xz
tar xf linux-2.6.32.tar.xz
cd linux-2.6.32
gzip -dc ../patch-042stab090.2-combined.gz | patch -p1
wget
http://download.openvz.org/kernel/branches/rhel6-2.6.32-testing/042stab090.2/configs/config-2.6.32-042stab090.2.x86_64
mv config-2.6.32-042stab090.2.x86_64 .config
make oldconfig
make -j16
Same result -- it was built w/o errors.
So, I was not able to reproduce your issue in either way.
*Two questions:*
1. Can you please describe how you build the kernel (including the build
environment description), in a way so I will be able to reproduce it locally
(for example, something similar to the above)?
2. (Just curious) What is the reason you are building your own kernels
instead of relying on packaged binaries that we release? Sorry if I already
asked.
Kir.
>
> Stefan
>
> Excuse my typo sent from my mobile phone.
>
> Am 07.06.2014 um 06:23 schrieb Kir Kolyshkin <kir at openvz.org
> <mailto:kir at openvz.org>>:
>
>> Kostya, can you please take a quick look?
>>
>> Stefan,
>>
>> Did you have the same problem with 090.2? This release (090.3) only
>> patches futex code
>> and has nothing to do with iptables.
>>
>> Also, please refrain from using private emails (or announce@) --
>> instead use either users@
>> mailing list or bugzilla. Thanks!
>>
>> Kir.
>>
>> -------- Original Message --------
>> Subject: Re: [Announce] [security] Kernel RHEL6 042stab090.3
>> Date: Sat, 7 Jun 2014 00:27:37 +0200
>> From: Stefan Priebe <s.priebe at profihost.ag>
>> To: Kir Kolyshkin <kir at openvz.org>, "announce at openvz.org"
>> <announce at openvz.org>
>>
>>
>>
>> while compiling i always get:
>> ERROR: "module_payload_allowed" [net/netfilter/x_tables.ko] undefined!
>>
>> Stefan
>> Am 06.06.2014 21:05, schrieb Kir Kolyshkin:
>> > OpenVZ project released an updated RHEL6 based kernel. Read below for
>> > more information. Everyone is advised to update.
>> >
>> >
>> > Changes and Download
>> > ====================
>> > * Security fix for CVE-2014-3153
>> >
>> >https://openvz.org/Download/kernel/rhel6/042stab090.3
>> >
>> >
>> > Bug reporting
>> > =============
>> > Usehttp://bugzilla.openvz.org/ to report any bugs found.
>> >
>> >
>> > Other sources of info on updates
>> > ================================
>> > Seehttp://wiki.openvz.org/News to view all the news (including updates)
>> > online. There you can also find RSS/Atom feed links.
>> >
>> >
>> > Regards,
>> > OpenVZ team
>> >
>> > _______________________________________________
>> > Announce mailing list
>> >Announce at openvz.org
>> >https://lists.openvz.org/mailman/listinfo/announce
>>
>>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openvz.org/pipermail/users/attachments/20140607/64447a8e/attachment.html>
More information about the Users
mailing list