dcsimg
Linux Today: Linux News On Internet Time.




More on LinuxToday


modutils 2.3.20 is available

Nov 16, 2000, 21:06 (0 Talkback[s])
(Other stories by Keith Owens)

WEBINAR:
On-Demand

Re-Imagining Linux Platforms to Meet the Needs of Cloud Service Providers


Date: Thu, 16 Nov 2000 16:56:06 +1100
From: Keith Owens kaos@ocs.com.au
To: linux-kernel@vger.kernel.org
Subject: Announce: modutils 2.3.20 is available

Due to the recent modutils 2.3 local root exploits, anybody using
modutils 2.3 should upgrade to 2.3.20.  That means everybody using 2.4
kernels.

The security patch to modutils 2.3.19 only closed part of the exploit,
this version should close all known exploits.  modutils still supports
meta expansion, including back quoted commands, but only for data read
from the configuration file.  This assumes that when modutils is run as
root out of the kernel, normal users cannot specify their own
configuration files.

ftp://ftp.<country>.kernel.org/pub/linux/utils/kernel/modutils/v2.3

patch-modutils-2.3.20.bz2       Patch from modutils 2.3.19 to 2.3.20
modutils-2.3.20.tar.bz2         Source tarball, includes RPM spec file
modutils-2.3.20-1.src.rpm       As above, in SRPM format
modutils-2.3.20-1.i386.rpm      Compiled with egcs-2.91.66, glibc 2.1.2
modutils-2.3.20-1.sparc.rpm     My first sparc rpm, handle with care.

Changelog extract

        * Rewrite table generation code to make it easier to add new tables.
        * usbmap uses zero vendor as wildcard, test more fields to find end of
          table.  Adam J. Richter.
        * Off by one error in relocations.  Jean-Francois Moine.
        * Use tgt_long to handle different sizes in combined 32/64 bit
          systems.  Original patch by Dave Miller.
        * Include module type in headers of generated files.  Randy Dunlap.
        * Add insmod -S (force kallsyms), clean up insmod parameters, man page.
        * Clean up messages.
        * Verify MODULE_PARM strings.
        * Check for multiple well known symbols to get prefix.
        * Security cleanup.  Triggered by Bugtraq exploits by Michal Zalewski,
          Sebastian Krahmer, Chris Evans.  It is still the kernel's fault for
          passing user data unchanged to a program running as root.
        * Add missing s/390 arch_finalize_section_address.  Roger Luethi.
        * depmod -F supports strange sparc __export_priv_.  Dave Miller.
        * Sparc64 relocation patch.  Redhat (not that they bothered to tell me).
        * Sparc64 compile and link fixes.  Me, with thanks to Dave Miller for
          making a machine available.