[rsbac] Bugfixing the kernel uselib vulnerability

Andrea Pasquinucci cesare at ucci.it
Fri Jan 14 09:50:11 CET 2005 

Very nice, thank you. I surely apply as a tester, I am not sure how much
I could contribute as a contributor (time constraints), let say that if
I can do something more than test I will. I can test on the basic arch
(x86 non-smp) and for 2.6 series, in particular I am interested in
2.6.10-rsbac-pax, which will include also 2.6.10-rsbac.

Andrea

On Thu, Jan 13, 2005 at 12:27:09PM +0100, Amon Ott wrote:
* On Mittwoch 12 Januar 2005 15:08, Amon Ott wrote:
* > On Mittwoch 12 Januar 2005 11:29, Andrea Pasquinucci wrote:
* > One thing we could do is to have another subversion tree, which 
* > includes all RSBAC and third party security bugfixes, and which gets 
* > rolled into a complete kernel after every change.
* 
* I have started this new tree at 
* svn://rsbac.mprivacy-update.de/rsbacfixed
* 
* It currently only contains 2.4.28-rsbac-v1.2.3 with bugfixes 1-11 
* (where appropiate) and the uselib bugfix I posted to this list. More 
* will certainly come. Automatic packaging into a pre-patched source 
* archive will be added soon.
* 
* Each source tree contains a file BUGFIXES with a list of all bugfixes 
* applied and a subdir BUGFIXES-third-party, which contains all outside 
* bugfixes.
* 
* > We would really need people maintaining this tree and testing it, 
* > though.
* 
* We need contributors and testers. Jörg Weber, the Adamantix kernel 
* maintainer, has already signalled that he would like to help.
* 
* So, folks, please tell what bugfixed source trees you need:
* - 2.4.28-rsbac-pax?
* - 2.6.10-rsbac?
* - 2.6.10-rsbac-pax?
* 
* Specially continously bugfixing 2.6.x will be more work than I can 
* handle without help - so I need volunteers for this. Please post 
* security bugs that you desire to be fixed to this list, so none of 
* them gets dropped.
* 
* There is a discussion about a central Linux kernel authority for 
* security bug reports and fixes going on at the Linux kernel mailing 
* list. I expect a central repository with broken out patches soon, 
* which will make our life much easier.
* 
* BTW, 2.4.29 will be out soon. Known bugs should be fixed there. This 
* does not remove the need to fix existing 2.4.28 installations, 
* though.
* 
* Amon.
* -- 
* http://www.rsbac.org - GnuPG: 2048g/5DEAAA30 2002-10-22



* _______________________________________________
* rsbac mailing list
* rsbac at rsbac.org
* http://www.rsbac.org/mailman/listinfo/rsbac

More information about the rsbac mailing list