[Users] [Announce] [security] Kernel RHEL6 042stab090.3
Stefan Priebe - Profihost AG
s.priebe at profihost.ag
Sun Jun 8 08:32:32 PDT 2014
> Am 07.06.2014 um 11:12 schrieb Kir Kolyshkin <kir at openvz.org>:
>> On 06/06/2014 09:48 PM, Stefan Priebe - Profihost AG wrote:
>> Oh sorry. My fault. Yes it's the same with 090.2
> I tried to reproduce it locally on an CentOS x86_64 box with the following set of commands,
> (checking that every one of those succeeds):
> yum -y update
> yum -u install yum-utils
> rpm --import http://download.openvz.org/RPM-GPG-Key-OpenVZ
> wget http://download.openvz.org/kernel/branches/rhel6-2.6.32-testing/042stab090.2/vzkernel-2.6.32-042stab090.2.src.rpm
> yum-builddep -y vzkernel-2.6.32-042stab090.2.src.rpm
> rpmbuild --rebuild vzkernel-2.6.32-042stab090.2.src.rpm
> The end result is built kernel packages.
> So, then I tried building from source+patch:
> wget http://download.openvz.org/kernel/branches/rhel6-2.6.32-testing/042stab090.2/patches/patch-042stab090.2-combined.gz
> wget https://www.kernel.org/pub/linux/kernel/v2.6/linux-2.6.32.tar.xz
> tar xf linux-2.6.32.tar.xz
> cd linux-2.6.32
> gzip -dc ../patch-042stab090.2-combined.gz | patch -p1
> wget http://download.openvz.org/kernel/branches/rhel6-2.6.32-testing/042stab090.2/configs/config-2.6.32-042stab090.2.x86_64
> mv config-2.6.32-042stab090.2.x86_64 .config
> make oldconfig
> make -j16
> Same result -- it was built w/o errors.
> So, I was not able to reproduce your issue in either way.
> *Two questions:*
> 1. Can you please describe how you build the kernel (including the build
> environment description), in a way so I will be able to reproduce it locally
> (for example, something similar to the above)?
Mhm debian 7.5 using a custom config. But while looking through the source code i was not able to der a
reason why it shouldn't work.
> 2. (Just curious) What is the reason you are building your own kernels
> instead of relying on packaged binaries that we release? Sorry if I already
Needed some tweaks newer intel 10gbe drivers, ISO vfs support inside guest, netconsole build inside kernel instead of module...
>> Excuse my typo sent from my mobile phone.
>> Am 07.06.2014 um 06:23 schrieb Kir Kolyshkin <kir at openvz.org>:
>>> Kostya, can you please take a quick look?
>>> Did you have the same problem with 090.2? This release (090.3) only patches futex code
>>> and has nothing to do with iptables.
>>> Also, please refrain from using private emails (or announce@) -- instead use either users@
>>> mailing list or bugzilla. Thanks!
>>> -------- Original Message --------
>>> Subject: Re: [Announce] [security] Kernel RHEL6 042stab090.3
>>> Date: Sat, 7 Jun 2014 00:27:37 +0200
>>> From: Stefan Priebe <s.priebe at profihost.ag>
>>> To: Kir Kolyshkin <kir at openvz.org>, "announce at openvz.org" <announce at openvz.org>
>>> while compiling i always get:
>>> ERROR: "module_payload_allowed" [net/netfilter/x_tables.ko] undefined!
>>> Am 06.06.2014 21:05, schrieb Kir Kolyshkin:
>>> > OpenVZ project released an updated RHEL6 based kernel. Read below for
>>> > more information. Everyone is advised to update.
>>> > Changes and Download
>>> > ====================
>>> > * Security fix for CVE-2014-3153
>>> > https://openvz.org/Download/kernel/rhel6/042stab090.3
>>> > Bug reporting
>>> > =============
>>> > Use http://bugzilla.openvz.org/ to report any bugs found.
>>> > Other sources of info on updates
>>> > ================================
>>> > See http://wiki.openvz.org/News to view all the news (including updates)
>>> > online. There you can also find RSS/Atom feed links.
>>> > Regards,
>>> > OpenVZ team
>>> > _______________________________________________
>>> > Announce mailing list
>>> > Announce at openvz.org
>>> > https://lists.openvz.org/mailman/listinfo/announce
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Users