<div dir="ltr">Hi, <span style="font-family:arial,sans-serif;font-size:13px">Iosif Peterfi.</span><div><span style="font-family:arial,sans-serif;font-size:13px"><br></span></div><div><font face="arial, sans-serif">Proxmox uses Red Hat-base kernel.</font><br>
</div><div><span style="font-family:arial,sans-serif"><a href="https://pve.proxmox.com/wiki/Proxmox_VE_Kernel">https://pve.proxmox.com/wiki/Proxmox_VE_Kernel</a></span><br></div></div><div class="gmail_extra"><br><br><div class="gmail_quote">
2014-04-25 9:27 GMT+04:00 <span dir="ltr"><<a href="mailto:pve-user-request@pve.proxmox.com" target="_blank">pve-user-request@pve.proxmox.com</a>></span>:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
Send pve-user mailing list submissions to<br>
<a href="mailto:pve-user@pve.proxmox.com">pve-user@pve.proxmox.com</a><br>
<br>
To subscribe or unsubscribe via the World Wide Web, visit<br>
<a href="http://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-user" target="_blank">http://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-user</a><br>
or, via email, send a message with subject or body 'help' to<br>
<a href="mailto:pve-user-request@pve.proxmox.com">pve-user-request@pve.proxmox.com</a><br>
<br>
You can reach the person managing the list at<br>
<a href="mailto:pve-user-owner@pve.proxmox.com">pve-user-owner@pve.proxmox.com</a><br>
<br>
When replying, please edit your Subject line so it is more specific<br>
than "Re: Contents of pve-user digest..."<br>
<br>
<br>
Today's Topics:<br>
<br>
1. Re: pve-user Digest, Vol 73, Issue 18 (Irek Fasikhov)<br>
2. Re: [SECURITY] [DSA 2906-1] linux-2.6 security update<br>
(Iosif Peterfi)<br>
<br>
<br>
----------------------------------------------------------------------<br>
<br>
Message: 1<br>
Date: Fri, 25 Apr 2014 08:20:27 +0400<br>
From: Irek Fasikhov <<a href="mailto:malmyzh@gmail.com">malmyzh@gmail.com</a>><br>
To: "<a href="mailto:pve-user@pve.proxmox.com">pve-user@pve.proxmox.com</a>" <<a href="mailto:pve-user@pve.proxmox.com">pve-user@pve.proxmox.com</a>><br>
Subject: Re: [PVE-User] pve-user Digest, Vol 73, Issue 18<br>
Message-ID:<br>
<CAF-rypxybAu33XSd3_n+98Lixa+0eJT=<a href="mailto:3NO0MFHLToYxTumk1Q@mail.gmail.com">3NO0MFHLToYxTumk1Q@mail.gmail.com</a>><br>
Content-Type: text/plain; charset="utf-8"<br>
<br>
Hi, Alexandre DERUMIER<br>
<br>
Sync the files please git kernel ;).<br>
<br>
<br>
2014-04-24 14:00 GMT+04:00 <<a href="mailto:pve-user-request@pve.proxmox.com">pve-user-request@pve.proxmox.com</a>>:<br>
<br>
> Send pve-user mailing list submissions to<br>
> <a href="mailto:pve-user@pve.proxmox.com">pve-user@pve.proxmox.com</a><br>
><br>
> To subscribe or unsubscribe via the World Wide Web, visit<br>
> <a href="http://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-user" target="_blank">http://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-user</a><br>
> or, via email, send a message with subject or body 'help' to<br>
> <a href="mailto:pve-user-request@pve.proxmox.com">pve-user-request@pve.proxmox.com</a><br>
><br>
> You can reach the person managing the list at<br>
> <a href="mailto:pve-user-owner@pve.proxmox.com">pve-user-owner@pve.proxmox.com</a><br>
><br>
> When replying, please edit your Subject line so it is more specific<br>
> than "Re: Contents of pve-user digest..."<br>
><br>
><br>
> Today's Topics:<br>
><br>
> 1. There are no files in Git Kernel (Irek Fasikhov)<br>
> 2. Re: There are no files in Git Kernel (Dietmar Maurer)<br>
><br>
><br>
> ----------------------------------------------------------------------<br>
><br>
> Message: 1<br>
> Date: Thu, 24 Apr 2014 11:12:40 +0400<br>
> From: Irek Fasikhov <<a href="mailto:malmyzh@gmail.com">malmyzh@gmail.com</a>><br>
> To: "<a href="mailto:pve-user@pve.proxmox.com">pve-user@pve.proxmox.com</a>" <<a href="mailto:pve-user@pve.proxmox.com">pve-user@pve.proxmox.com</a>><br>
> Subject: [PVE-User] There are no files in Git Kernel<br>
> Message-ID:<br>
> <<br>
> <a href="mailto:CAF-rypwddS_vDe4UGW0AATu01xmJXE8qocY4F1zKeURga4hV-w@mail.gmail.com">CAF-rypwddS_vDe4UGW0AATu01xmJXE8qocY4F1zKeURga4hV-w@mail.gmail.com</a>><br>
> Content-Type: text/plain; charset="utf-8"<br>
><br>
> Hi, Dietmar Maurer, Alexandre DERUMIER<br>
><br>
> In git repository is missing the following files(<br>
><br>
> <a href="https://git.proxmox.com/?p=pve-kernel-2.6.32.git;a=tree;h=dcfe603b71a1e227bfa8fe1b1b4b39570e7f74f9;hb=dcfe603b71a1e227bfa8fe1b1b4b39570e7f74f9" target="_blank">https://git.proxmox.com/?p=pve-kernel-2.6.32.git;a=tree;h=dcfe603b71a1e227bfa8fe1b1b4b39570e7f74f9;hb=dcfe603b71a1e227bfa8fe1b1b4b39570e7f74f9</a><br>
> ):<br>
><br>
> config-2.6.32-042stab088.4.x86_64<br>
> vzkernel-2.6.32-042stab088.4.src.rpm<br>
><br>
> --<br>
> ? ?????????, ??????? ???? ???????????<br>
> ???.: +79229045757<br>
> -------------- next part --------------<br>
> An HTML attachment was scrubbed...<br>
> URL: <<br>
> <a href="http://pve.proxmox.com/pipermail/pve-user/attachments/20140424/a0c7f0a6/attachment-0001.html" target="_blank">http://pve.proxmox.com/pipermail/pve-user/attachments/20140424/a0c7f0a6/attachment-0001.html</a><br>
> ><br>
><br>
> ------------------------------<br>
><br>
> Message: 2<br>
> Date: Thu, 24 Apr 2014 08:45:05 +0000<br>
> From: Dietmar Maurer <<a href="mailto:dietmar@proxmox.com">dietmar@proxmox.com</a>><br>
> To: Irek Fasikhov <<a href="mailto:malmyzh@gmail.com">malmyzh@gmail.com</a>>, "<a href="mailto:pve-user@pve.proxmox.com">pve-user@pve.proxmox.com</a>"<br>
> <<a href="mailto:pve-user@pve.proxmox.com">pve-user@pve.proxmox.com</a>><br>
> Subject: Re: [PVE-User] There are no files in Git Kernel<br>
> Message-ID:<br>
> <<a href="mailto:24E144B8C0207547AD09C467A8259F75594E1C5C@lisa.maurer-it.com">24E144B8C0207547AD09C467A8259F75594E1C5C@lisa.maurer-it.com</a>><br>
> Content-Type: text/plain; charset="utf-8"<br>
><br>
> thanks for the bug report ? just added those files.<br>
><br>
> Should appear on the puplic repository in a few minutes.<br>
><br>
> From: pve-user [mailto:<a href="mailto:pve-user-bounces@pve.proxmox.com">pve-user-bounces@pve.proxmox.com</a>] On Behalf Of<br>
> Irek Fasikhov<br>
> Sent: Donnerstag, 24. April 2014 09:13<br>
> To: <a href="mailto:pve-user@pve.proxmox.com">pve-user@pve.proxmox.com</a><br>
> Subject: [PVE-User] There are no files in Git Kernel<br>
><br>
> Hi, Dietmar Maurer, Alexandre DERUMIER<br>
><br>
> In git repository is missing the following files(<br>
> <a href="https://git.proxmox.com/?p=pve-kernel-2.6.32.git;a=tree;h=dcfe603b71a1e227bfa8fe1b1b4b39570e7f74f9;hb=dcfe603b71a1e227bfa8fe1b1b4b39570e7f74f9" target="_blank">https://git.proxmox.com/?p=pve-kernel-2.6.32.git;a=tree;h=dcfe603b71a1e227bfa8fe1b1b4b39570e7f74f9;hb=dcfe603b71a1e227bfa8fe1b1b4b39570e7f74f9</a><br>
> ):<br>
><br>
> config-2.6.32-042stab088.4.x86_64<br>
> vzkernel-2.6.32-042stab088.4.src.rpm<br>
><br>
> --<br>
> ? ?????????, ??????? ???? ???????????<br>
> ???.: +79229045757<br>
> -------------- next part --------------<br>
> An HTML attachment was scrubbed...<br>
> URL: <<br>
> <a href="http://pve.proxmox.com/pipermail/pve-user/attachments/20140424/88997601/attachment-0001.html" target="_blank">http://pve.proxmox.com/pipermail/pve-user/attachments/20140424/88997601/attachment-0001.html</a><br>
> ><br>
><br>
> ------------------------------<br>
><br>
> Subject: Digest Footer<br>
><br>
> _______________________________________________<br>
> pve-user mailing list<br>
> <a href="mailto:pve-user@pve.proxmox.com">pve-user@pve.proxmox.com</a><br>
> <a href="http://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-user" target="_blank">http://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-user</a><br>
><br>
><br>
> ------------------------------<br>
><br>
> End of pve-user Digest, Vol 73, Issue 18<br>
> ****************************************<br>
><br>
<br>
<br>
<br>
--<br>
? ?????????, ??????? ???? ???????????<br>
???.: +79229045757<br>
-------------- next part --------------<br>
An HTML attachment was scrubbed...<br>
URL: <<a href="http://pve.proxmox.com/pipermail/pve-user/attachments/20140425/dc75c528/attachment-0001.html" target="_blank">http://pve.proxmox.com/pipermail/pve-user/attachments/20140425/dc75c528/attachment-0001.html</a>><br>
<br>
------------------------------<br>
<br>
Message: 2<br>
Date: Fri, 25 Apr 2014 07:27:34 +0200<br>
From: Iosif Peterfi <<a href="mailto:iosif.peterfi@gmail.com">iosif.peterfi@gmail.com</a>><br>
To: <a href="mailto:pve-user@pve.proxmox.com">pve-user@pve.proxmox.com</a><br>
Subject: Re: [PVE-User] [SECURITY] [DSA 2906-1] linux-2.6 security<br>
update<br>
Message-ID:<br>
<<a href="mailto:CA%2BM5w7vty7k3o8izkJA07L-8a5NX%2By8aRJZX48inuP9gbc6HLw@mail.gmail.com">CA+M5w7vty7k3o8izkJA07L-8a5NX+y8aRJZX48inuP9gbc6HLw@mail.gmail.com</a>><br>
Content-Type: text/plain; charset="utf-8"<br>
<br>
Guys,<br>
<br>
Has this been fixed in the pve-kernel 2.6 ?! This has just been patched in<br>
debian last night (CET).<br>
<br>
Let me know,<br>
Iosif<br>
<br>
<br>
On Fri, Apr 25, 2014 at 2:12 AM, dann frazier <<a href="mailto:dannf@debian.org">dannf@debian.org</a>> wrote:<br>
<br>
> -----BEGIN PGP SIGNED MESSAGE-----<br>
> Hash: SHA1<br>
><br>
> - ----------------------------------------------------------------------<br>
> Debian Security Advisory DSA-2906-1 <a href="mailto:security@debian.org">security@debian.org</a><br>
> <a href="http://www.debian.org/security/" target="_blank">http://www.debian.org/security/</a> Dann Frazier<br>
> April 24, 2014 <a href="http://www.debian.org/security/faq" target="_blank">http://www.debian.org/security/faq</a><br>
> - ----------------------------------------------------------------------<br>
><br>
> Package : linux-2.6<br>
> Vulnerability : privilege escalation/denial of service/information leak<br>
> Problem type : local/remote<br>
> Debian-specific: no<br>
> CVE Id(s) : CVE-2013-0343 CVE-2013-2147 CVE-2013-2889 CVE-2013-2893<br>
> CVE-2013-4162 CVE-2013-4299 CVE-2013-4345 CVE-2013-4512<br>
> CVE-2013-4587 CVE-2013-6367 CVE-2013-6380 CVE-2013-6381<br>
> CVE-2013-6382 CVE-2013-6383 CVE-2013-7263 CVE-2013-7264<br>
> CVE-2013-7265 CVE-2013-7339 CVE-2014-0101 CVE-2014-1444<br>
> CVE-2014-1445 CVE-2014-1446 CVE-2014-1874 CVE-2014-2039<br>
> CVE-2014-2523 CVE-2103-2929<br>
><br>
> Several vulnerabilities have been discovered in the Linux kernel that may<br>
> lead<br>
> to a denial of service, information leak or privilege escalation. The<br>
> Common<br>
> Vulnerabilities and Exposures project identifies the following problems:<br>
><br>
> CVE-2013-0343<br>
><br>
> George Kargiotakis reported an issue in the temporary address handling<br>
> of the IPv6 privacy extensions. Users on the same LAN can cause a<br>
> denial<br>
> of service or obtain access to sensitive information by sending router<br>
> advertisement messages that cause temporary address generation to be<br>
> disabled.<br>
><br>
> CVE-2013-2147<br>
><br>
> Dan Carpenter reported issues in the cpqarray driver for Compaq<br>
> Smart2 Controllers and the cciss driver for HP Smart Array controllers<br>
> allowing users to gain access to sensitive kernel memory.<br>
><br>
> CVE-2013-2889<br>
><br>
> Kees Cook discovered missing input sanitization in the HID driver for<br>
> Zeroplus game pads that could lead to a local denial of service.<br>
><br>
> CVE-2013-2893<br>
><br>
> Kees Cook discovered that missing input sanitization in the HID driver<br>
> for various Logitech force feedback devices could lead to a local<br>
> denial<br>
> of service.<br>
><br>
> CVE-2013-2929<br>
><br>
> Vasily Kulikov discovered that a flaw in the get_dumpable() function of<br>
> the ptrace subsytsem could lead to information disclosure. Only systems<br>
> with the fs.suid_dumpable sysctl set to a non-default value of '2' are<br>
> vulnerable.<br>
><br>
> CVE-2013-4162<br>
><br>
> Hannes Frederic Sowa discovered that incorrect handling of IPv6 sockets<br>
> using the UDP_CORK option could result in denial of service.<br>
><br>
> CVE-2013-4299<br>
><br>
> Fujitsu reported an issue in the device-mapper subsystem. Local users<br>
> could gain access to sensitive kernel memory.<br>
><br>
> CVE-2013-4345<br>
><br>
> Stephan Mueller found in bug in the ANSI pseudo random number generator<br>
> which could lead to the use of less entropy than expected.<br>
><br>
> CVE-2013-4512<br>
><br>
> Nico Golde and Fabian Yamaguchi reported an issue in the user mode<br>
> linux port. A buffer overflow condition exists in the write method<br>
> for the /proc/exitcode file. Local users with sufficient privileges<br>
> allowing them to write to this file could gain further elevated<br>
> privileges.<br>
><br>
> CVE-2013-4587<br>
><br>
> Andrew Honig of Google reported an issue in the KVM virtualization<br>
> subsystem. A local user could gain elevated privileges by passing<br>
> a large vcpu_id parameter.<br>
><br>
> CVE-2013-6367<br>
><br>
> Andrew Honig of Google reported an issue in the KVM virtualization<br>
> subsystem. A divide-by-zero condition could allow a guest user to<br>
> cause a denial of service on the host (crash).<br>
><br>
> CVE-2013-6380<br>
><br>
> Mahesh Rajashekhara reported an issue in the aacraid driver for storage<br>
> products from various vendors. Local users with CAP_SYS_ADMIN<br>
> privileges<br>
> could gain further elevated privileges.<br>
><br>
> CVE-2013-6381<br>
><br>
> Nico Golde and Fabian Yamaguchi reported an issue in the Gigabit<br>
> Ethernet<br>
> device support for s390 systems. Local users could cause a denial of<br>
> service or gain elevated privileges via the<br>
> SIOC_QETH_ADP_SET_SNMP_CONTROL<br>
> ioctl.<br>
><br>
> CVE-2013-6382<br>
><br>
> Nico Golde and Fabian Yamaguchi reported an issue in the XFS<br>
> filesystem.<br>
> Local users with CAP_SYS_ADMIN privileges could gain further elevated<br>
> privileges.<br>
><br>
> CVE-2013-6383<br>
><br>
> Dan Carpenter reported an issue in the aacraid driver for storage<br>
> devices<br>
> from various vendors. A local user could gain elevated privileges due<br>
> to<br>
> a missing privilege level check in the aac_compat_ioctl function.<br>
><br>
> CVE-2013-7263 CVE-2013-7264 CVE-2013-7265<br>
><br>
> mpb reported an information leak in the recvfrom, recvmmsg and recvmsg<br>
> system calls. A local user could obtain access to sensitive kernel<br>
> memory.<br>
><br>
> CVE-2013-7339<br>
><br>
> Sasha Levin reported an issue in the RDS network protocol over<br>
> Infiniband.<br>
> A local user could cause a denial of service condition.<br>
><br>
> CVE-2014-0101<br>
><br>
> Nokia Siemens Networks reported an issue in the SCTP network protocol<br>
> subsystem. Remote users could cause a denial of service (NULL pointer<br>
> dereference).<br>
><br>
> CVE-2014-1444<br>
><br>
> Salva Peiro reported an issue in the FarSync WAN driver. Local users<br>
> with the CAP_NET_ADMIN capability could gain access to sensitive kernel<br>
> memory.<br>
><br>
> CVE-2014-1445<br>
><br>
> Salva Peiro reported an issue in the wanXL serial card driver. Local<br>
> users could gain access to sensitive kernel memory.<br>
><br>
> CVE-2014-1446<br>
><br>
> Salva Peiro reported an issue in the YAM radio modem driver. Local<br>
> users<br>
> with the CAP_NET_ADMIN capability could gain access to sensitive kernel<br>
> memory.<br>
><br>
> CVE-2014-1874<br>
><br>
> Matthew Thode reported an issue in the SELinux subsystem. A local user<br>
> with CAP_MAC_ADMIN privileges could cause a denial of service by<br>
> setting<br>
> an empty security context on a file.<br>
><br>
> CVE-2014-2039<br>
><br>
> Martin Schwidefsky reported an issue on s390 systems. A local user<br>
> could cause a denial of service (kernel oops) by executing an<br>
> application<br>
> with a linkage stack instruction.<br>
><br>
> CVE-2014-2523<br>
><br>
> Daniel Borkmann provided a fix for an issue in the nf_conntrack_dccp<br>
> module. Remote users could cause a denial of service (system crash)<br>
> or potentially gain elevated privileges.<br>
><br>
> For the oldstable distribution (squeeze), this problem has been fixed in<br>
> version 2.6.32-48squeeze5.<br>
><br>
> The following matrix lists additional source packages that were rebuilt for<br>
> compatibility with or to take advantage of this update:<br>
><br>
> Debian 6.0 (squeeze)<br>
> user-mode-linux 2.6.32-1um-4+48squeeze5<br>
><br>
> We recommend that you upgrade your linux-2.6 and user-mode-linux packages.<br>
><br>
> Note: Debian carefully tracks all known security issues across every<br>
> linux kernel package in all releases under active security support.<br>
> However, given the high frequency at which low-severity security<br>
> issues are discovered in the kernel and the resource requirements of<br>
> doing an update, updates for lower priority issues will normally not<br>
> be released for all kernels at the same time. Rather, they will be<br>
> released in a staggered or "leap-frog" fashion.<br>
><br>
> Further information about Debian Security Advisories, how to apply<br>
> these updates to your system and frequently asked questions can be<br>
> found at: <a href="http://www.debian.org/security/" target="_blank">http://www.debian.org/security/</a><br>
><br>
> Mailing list: <a href="mailto:debian-security-announce@lists.debian.org">debian-security-announce@lists.debian.org</a><br>
> -----BEGIN PGP SIGNATURE-----<br>
> Version: GnuPG v1<br>
><br>
> iQIcBAEBAgAGBQJTWaeAAAoJEBv4PF5U/IZAzFkP/2+YLfDXhZaBIoR1gugvac+F<br>
> q3/PgKXURH35N2vOU3pTkmYgwZh6gOHCzLJ3/ae2qL2GDTw5ZLu2EYv+xiJLOk8a<br>
> 9k5dki6j2k38EI7ktTn7BMVfOgoZTmlfYYVjdGmRU+2YEXu1ATr4zt0wN4azvThU<br>
> 25sgo21rYcaMPvOwng922/RAFQPtDZmAODTXxfpkL6c/zzeMLOILqlAYRe9uMfu5<br>
> 4X8G1/wglfSzx6b4yWZPvltWCgW+yi3OklrAalSsn8PnDf7yS8wWmxXsZ0pOEHHV<br>
> 7bbUCMDYtUkqqTq9/Ak/ohGo3mJkPJnzSeg8ShemSEY40NTlIbSmfUTYepTovhCF<br>
> A7A8TmYUhsAavD+DUxbQvYJjRKufzsymCg3yA0qp9JTKVRr5/IVkqpSeAx2Hpo7C<br>
> Jqkf0Or4t9BYc5juJasgicb4ttyYlleGnlJ8+ojelxXLROkH8EnIv3CDP87WGnOt<br>
> Dora/G+Al0AmRuk6TQuZofMtXK9dcBanN2+jr7HipE6dnH7vMo7xn979NdEaTkHs<br>
> Yskm+FJJXFoTGS49/V2YlIhDU2zuCnXodGYsZl+RSI54XPMkKrrfKZ6zRIJ5r3vJ<br>
> IFiqcMUlNJtEU4viwMjBkXlMvQZoN0e44ufK+/+VfQYPrj3puYoYLq1FOeF0JFaE<br>
> 8D7zI3prwl5DKG9kWEaq<br>
> =T6VL<br>
> -----END PGP SIGNATURE-----<br>
><br>
><br>
> --<br>
> To UNSUBSCRIBE, email to <a href="mailto:debian-security-announce-REQUEST@lists.debian.org">debian-security-announce-REQUEST@lists.debian.org</a><br>
> with a subject of "unsubscribe". Trouble? Contact<br>
> <a href="mailto:listmaster@lists.debian.org">listmaster@lists.debian.org</a><br>
> Archive: <a href="https://lists.debian.org/20140425001210.GA6824@fluid.dannf" target="_blank">https://lists.debian.org/20140425001210.GA6824@fluid.dannf</a><br>
><br>
><br>
-------------- next part --------------<br>
An HTML attachment was scrubbed...<br>
URL: <<a href="http://pve.proxmox.com/pipermail/pve-user/attachments/20140425/40d70e03/attachment.html" target="_blank">http://pve.proxmox.com/pipermail/pve-user/attachments/20140425/40d70e03/attachment.html</a>><br>
<br>
------------------------------<br>
<br>
Subject: Digest Footer<br>
<br>
_______________________________________________<br>
pve-user mailing list<br>
<a href="mailto:pve-user@pve.proxmox.com">pve-user@pve.proxmox.com</a><br>
<a href="http://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-user" target="_blank">http://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-user</a><br>
<br>
<br>
------------------------------<br>
<br>
End of pve-user Digest, Vol 73, Issue 19<br>
****************************************<br>
</blockquote></div><br><br clear="all"><div><br></div>-- <br><div dir="ltr">С уважением, Фасихов Ирек Нургаязович<div>Моб.: +79229045757</div></div>
</div>