Anatoly Pugachev | 5 Aug 2009 09:41

update from cvs


Hello!
How do I update my /usr/src/world from the cvs tree ?

-- 
Anatoly Pugachev


Solar Designer | 9 Aug 2009 08:57

Re: update from cvs

On Wed, Aug 05, 2009 at 11:41:33AM +0400, Anatoly Pugachev wrote:
> How do I update my /usr/src/world from the cvs tree ?

Owl/doc/DOWNLOAD, also available via the web at:

http://www.openwall.com/Owl/DOWNLOAD.shtml

gives some basic information for accessing our FTP mirrors and anoncvs.

As it relates to your specific question - namely, updating an existing
local copy of the Owl CVS tree - you may do it as follows:

su - build
CVSROOT=:pserver:anoncvs:anoncvs@anoncvs.owl.openwall.com:/cvs make checkout

or maybe:

su - build
export CVS_RSH=ssh CVSROOT=anoncvs@anoncvs.owl.openwall.com:/cvs
cd native/Owl
cvs -z3 up -P
anoncvs@anoncvs.owl.openwall.com's password: <type anoncvs here>

Lots of other variations are possible as well.

Our "native" tree is quite small - just 2 MB gzipped - so if you're on a
fast link, you may as well re-download native.tar.gz from one of the FTP
mirrors.  And you do in fact have to access an FTP mirror in order to
update the "sources" tree as well (which contains mostly the original
tarballs of software that we use in Owl).  You may do it like this:

Solar Designer | 9 Aug 2009 09:25

Nmap's Ncat vs. OpenBSD's netcat (was: Nmap 5.00; new Owl ISO)

Henri, Radek -

Thank you for your comments.

On Thu, Jul 30, 2009 at 10:31:00PM +0300, Henri Salo wrote:
> I vote for both since at least I need OpenBSD's version for testing
> several services. It could also be installed separately so
> Owl-installation would be as small as possible.

Can you provide a specific example where OpenBSD's version would be
better than Ncat?  If so, I'd imagine that the Ncat authors would want
to fix Ncat to perform just as well as OpenBSD's netcat does.

As to the installation size, there's not much to save by excluding
OpenBSD's netcat.  The package is just 17 KB installed.  For comparison,
Ncat is 261 KB installed.  That's for our current packages for i386.

Both are quite small, so my question was about the duplicate
functionality and about our responsibility for bugs in two
implementations rather than just in one of them. ;-)

On Fri, Jul 31, 2009 at 07:16:17AM +0200, Radek Michalski wrote:
> In my opinion, regarding also Henri Salo's mail, maybe "nc" should be
> available as an add-on to keep Owl installation small and have no
> functionality duplication at the beginning?

We could certainly do that, but I doubt that anyone would maintain that
add-on; I doubt that anyone would need it, even.  I am a bit puzzled by
Henri's comment.  I am still typing "nc" and not "ncat" myself, but I
think that's just a habit.

Solar Designer | 25 Aug 2009 10:59

Linux 2.4.37.5-ow1; new Owl ISOs

Hi,

A couple of days ago, I released a new revision of the kernel patch,
updated to Linux 2.4.37.5:

http://www.openwall.com/linux/

(and I similarly released updates to all other minor revisions of Linux
2.4.37.x before, some of which I neglected to announce in here).  The
important security-relevant changes made in the 2.4.37.x kernels and in
the -ow patches are briefly described in news items on the above web
page.  Specifically, the 2.4.37.5 kernel adds a fix for a NULL pointer
dereference bug (which, as far as I'm aware, was not exploitable into
privilege escalation as long as the vm.mmap_min_addr restriction was
enabled and working), whereas the -ow patch to it adds a fix for a local
information leak affecting 64-bit kernel builds (not yet fixed upstream
in 2.4, will likely be fixed in the next upstream revision).

2.4.37.3-ow1 and then 2.4.37.4 introduced a hardening measure against a
vm.mmap_min_addr bypass that could have worked via a combination of
the "personality" feature and certain improperly designed SUID-root
programs (only one example is known to me so far - pulseaudio).  As far
as I'm aware, on 2.4 kernels this bypass could have worked on x86_64
kernel builds, but not on most/all other architectures (including
definitely not on 32-bit x86 builds).

Finally, the 2.4.37.3 kernel release added the
"-fno-delete-null-pointer-checks" option to gcc invocations, which was
important to reduce the impact of a class of kernel bugs (which are yet
to be found and fixed individually, but are known to exist in general)

