[OpenIndiana-discuss] 5421 issue allowing local user to panic the system
Stefan Müller-Wilken
stefan.mueller-wilken at acando.de
Wed Dec 10 17:31:55 UTC 2014
Thanks for the clarification regarding a8 vs. a9. Don't know where I've picked up the rumor so sorry for spreading it. And thank you for patching a9 so quickly!
Cheers
Stefan
-----Ursprüngliche Nachricht-----
Von: Jon Tibble [mailto:meths at btinternet.com]
Gesendet: Mittwoch, 10. Dezember 2014 17:44
An: Discussion list for OpenIndiana
Betreff: Re: [OpenIndiana-discuss] 5421 issue allowing local user to panic the system
Hello all,
This has been patched in /dev now too.
The fixed package is pkg://openindiana.org/system/kernel@0.5.11,5.11-0.151.1.9:20141210T124421Z
We're not aware of any reasons to prefer a8 over a9 for any use.
Regards,
Jon
----- Original Message -----
From: Stefan Müller-Wilken <stefan.mueller-wilken at acando.de>
To: Discussion list for OpenIndiana <openindiana-discuss at openindiana.org>
Cc:
Sent: Tuesday, 9 December 2014, 19:34
Subject: Re: [OpenIndiana-discuss] 5421 issue allowing local user to panic the system
Hmmm... while I find it pretty cool that we get a patch for this, it raises a question: is that the ultimate sign that all serious users will finally have to switch to hipster? Shellshock only for a9, zone panic patch only for hipster - is there any justification left for a8 which was previously called the revision designated for production use?
Cheers
Stefan
________________________________________
Von: Alexander Pyhalov [alp at rsu.ru]
Gesendet: Dienstag, 9. Dezember 2014 11:54
An: Discussion list for OpenIndiana
Betreff: [OpenIndiana-discuss] 5421 issue allowing local user to panic the system
Hello, all.
A critical issue was found in illumos, allowing local global zone user to panic the machine.
All people running OI Hipster are advised to update to
consolidation/osnet/osnet-incorporation at 0.5.11-2014.1.3.14795 or later.
Issue: https://www.illumos.org/issues/5421
Commit with fix:
https://github.com/illumos/illumos-gate/commit/d65686849024838243515b5c40ae2c479460b4b5
CVE Request: http://seclists.org/oss-sec/2014/q4/983
--
Best regards,
Alexander Pyhalov,
system administrator of Southern Federal University IT department
_______________________________________________
openindiana-discuss mailing list
openindiana-discuss at openindiana.org
http://openindiana.org/mailman/listinfo/openindiana-discuss
________________________________
Acando GmbH, Millerntorplatz 1, 20359 Hamburg, Germany | Geschäftsführer: Guido Ahle | Amtsgericht Hamburg, HRB 76048 | Ust.Ident-Nr.:DE208833022
_______________________________________________
openindiana-discuss mailing list
openindiana-discuss at openindiana.org
http://openindiana.org/mailman/listinfo/openindiana-discuss
_______________________________________________
openindiana-discuss mailing list
openindiana-discuss at openindiana.org
http://openindiana.org/mailman/listinfo/openindiana-discuss
________________________________
Acando GmbH, Millerntorplatz 1, 20359 Hamburg, Germany | Geschäftsführer: Guido Ahle | Amtsgericht Hamburg, HRB 76048 | Ust.Ident-Nr.:DE208833022
More information about the openindiana-discuss
mailing list