Re: grsec patch over debian 2.4.20 kernel

2003-04-23 Thread Emmanuel Lacour
On Tue, Apr 22, 2003 at 08:03:45PM +0100, Hobbs, Richard wrote:
> Hello,
> 
> Thanks for the reply... So does this mean it will become available in
> woody when it is deemed stable enough?
>

"theoretically", proposed-updates will be put in next release of woody (r2).

> Any ideas when this might be?
> 

no, 

Mon,  16 Dec 2002 - Debian 3.0r1a released

so maybe in May or June, we need to ask the stable release manager ;-)

> Also I am right in saying this does fix the ptrace bug, right? I think
> I'm right on this one.

It doesn't seem so for kernel-image, according to the changelog..., but it
seems to be in kernel-source-2.4.20!!!


+kernel-source-2.4.20 (2.4.20-3woody.2) stable; urgency=low
+
+  * Fixed ptrace security hole.
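
Review bot: the entry "Fixed ptrace security hole." names no advisory, CVE or patch file, and it sits under urgency=low, so a reader of this changelog cannot tell which ptrace issue is covered or check whether the matching kernel-image packages were rebuilt with it. Reference the advisory in the entry and consider a higher urgency for a security fix.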


-- 
Emmanuel Lacour  Easter-eggs
44-46 rue de l'Ouest  -  75014 Paris   -   France -  Métro Gaité
Phone: +33 (0) 1 43 35 00 37- Fax: +33 (0) 1 41 35 00 76
mailto:[EMAIL PROTECTED]   -http://www.easter-eggs.com



Re: grsec patch over debian 2.4.20 kernel

2003-04-22 Thread Karl Hammar
> Hi folks,
> 
>  I got the last 2.4.20 kernel with apt-get install. I want to patch it
> with grsec, but I met many times the following message:
> "Reversed (or previously applied) patch detected!  Assume -R? [n]"
> When I answered "yes" to all questions, the kernel compilation had failed.
> I think grsec patch has conflicts with already patched debian kernel
> source, so is there any debian kernel sources with grsec applied? I don't
> want to use plain (vanilla) kernel, because of its ptrace vulnerability.
>  Thanks in advance.
> 
> --- Ted Bukov ---

patch with -N to get rid of those questions. If some parts of the
patch fail otherwise, look in the .rej file and resolve the failed
parts by hand.

Regards,
/Karl

---
Karl Hammar         Aspö Data   [EMAIL PROTECTED]
Lilla Aspö 2340     Networks
S-742 94 Östhammar  +46  173 140 57   Computers
Sweden +46  70 511 97 84 Consulting
---




RE: grsec patch over debian 2.4.20 kernel

2003-04-22 Thread Hobbs, Richard
Hello,

Thanks for the reply... So does this mean it will become available in
woody when it is deemed stable enough?

Any ideas when this might be?

Also I am right in saying this does fix the ptrace bug, right? I think
I'm right on this one.

Thanks,
Richard.


> -Original Message-
> From: Emmanuel Lacour [mailto:[EMAIL PROTECTED] 
> Sent: 22 April 2003 18:11
> To: debian-security@lists.debian.org
> Subject: Re: grsec patch over debian 2.4.20 kernel
> 
> 
> On Tue, Apr 22, 2003 at 06:13:06PM +0200, Marcel Weber wrote:
> > Hobbs, Richard wrote:
> > >Hello,
> > >
> > >Where is the 2.4.20 kernel in apt??
> > >
> > Hi
> > 
> > You do not miss anything (or I would miss the same thing...). The 
> > 2.4.20
> > kernel is part of sid and not woody. For a 2.4.20 kernel grab sid's 
> > kernel source or the plain vanilla kernel from kernel.org.
> > 
> you've got a 2.4.20 for woody in the pool, you can get it 
> via: deb http://http.us.debian.org/debian woody-proposed-updates main
> 
> -- 
> Emmanuel Lacour  Easter-eggs
> 44-46 rue de l'Ouest  -  75014 Paris   -   France -  Métro Gaité
> Phone: +33 (0) 1 43 35 00 37- Fax: +33 (0) 1 41 35 00 76
> mailto:[EMAIL PROTECTED]   -http://www.easter-eggs.com
> 
> 

-- 
Richard Hobbs
[EMAIL PROTECTED]
http://mongeese.co.uk | http://unixforum.co.uk

"There's only one way of life, and that's your own" - The Levellers

_
Send all your jokes to: [EMAIL PROTECTED] !!
To subscribe, email: [EMAIL PROTECTED]




RE: grsec patch over debian 2.4.20 kernel

2003-04-22 Thread Mark L. Kahnt
On Tue, 2003-04-22 at 12:16, Hobbs, Richard wrote:
> Hello,
> 
> I was under the impression that an "apt-get dist-upgrade" would upgrade me
> to the latest everything...
> 
> I am running "stable" if that makes a difference. Is 2.4.20 in testing or
> unstable at the moment, or is it just being blocked from my woody
> installation?
> 
> Thanks,
> Richard.
> 
Apt will never upgrade a kernel unless you explicitly tell it to install
a new one. Kernels are too critical to just be replaced willy-nilly,
particularly without a backup around and available *just-in-case* -
unlike M$ that believes it isn't an update unless you are forced to risk
the system being totally buggered. That is why the kernel version number
is part of the package name.

> 
> > -Original Message-
> > From: Marcel Weber [mailto:[EMAIL PROTECTED]
> > Sent: 22 April 2003 17:13
> > To: Hobbs, Richard
> > Cc: [EMAIL PROTECTED]; debian-security@lists.debian.org
> > Subject: Re: grsec patch over debian 2.4.20 kernel
> >
> >
> > Hobbs, Richard wrote:
> > > Hello,
> > >
> > > Where is the 2.4.20 kernel in apt??
> > >
> > Hi
> >
> > You do not miss anything (or I would miss the same thing...).
> > The 2.4.20
> > kernel is part of sid and not woody. For a 2.4.20 kernel grab sid's
> > kernel source or the plain vanilla kernel from kernel.org.
> >
> > Regards
> >
> > Marcel
> >
> >
> 
> --
> Richard Hobbs
> [EMAIL PROTECTED]
> http://mongeese.co.uk | http://unixforum.co.uk
> 
> "There's only one way of life, and that's your own" - The Levellers
> 
> _
> Send all your jokes to: [EMAIL PROTECTED] !!
> To subscribe, email: [EMAIL PROTECTED]
-- 
Mark L. Kahnt, FLMI/M, ALHC, HIA, AIAA, ACS, MHP
ML Kahnt New Markets Consulting
Tel: (613) 531-8684 / (613) 539-0935
Email: [EMAIL PROTECTED]




Re: grsec patch over debian 2.4.20 kernel

2003-04-22 Thread Jonathan McDowell
On Tue, Apr 22, 2003 at 09:46:13AM -0400, John Keimel wrote:
> On Tue, Apr 22, 2003 at 03:17:56PM +0300, Ted Bukov wrote:
> > I got the last 2.4.20 kernel with apt-get install. I want to patch
> > it with grsec, but I met many times the following message: "Reversed
> > (or previously applied) patch detected!  Assume -R? [n]" When I
> > answered "yes" to all questions, the kernel compilation had failed.
> > I think grsec patch has conflicts with already patched debian kernel
> > source, so is there any debian kernel sources with grsec applied? I
> > don't want to use plain (vanilla) kernel, because of its ptrace
> > vulnerability.
> I know that I had some issues when I put together my kernel, but I got
> them resolved. Turned out that my kernel, at the time, wasn't proved
> to be supported by grsec, yet. 
> 
> Looking at the downloads section of grsecurity's website,
> www.grsecurity.net, I notice their latest version was published only
> two days ago, grsecurity-1.9.9g-2.4.20.patch . 

Bah. That's typical. Just after I upload a 1.9.9f
kernel-patch-2.4-grsecurity package they update the patch. I'll try to
get a g release uploaded in the next few days.

FWIW the kernel-patch-2.4-grsecurity 1.9.9f package is against Debian's
kernel-source-2.4.20 package, so doesn't include the ptrace fix as
that's in the kernel-source package. If you're seeing issues with this
combination (and I can't tell if this is the case or not from the
original post), then please do file a bug. The 1.9.9e release didn't
have this removed, so if you were using an old version of the package
try the latest one.

J. (kernel-patch-2.4-grsecurity maintainer)

-- 
 /\
 |  Allow me to introduce my selves.  |
 | http://www.blackcatnetworks.co.uk/ |
 \/




Re: grsec patch over debian 2.4.20 kernel

2003-04-22 Thread Emmanuel Lacour
On Tue, Apr 22, 2003 at 06:13:06PM +0200, Marcel Weber wrote:
> Hobbs, Richard wrote:
> >Hello,
> >
> >Where is the 2.4.20 kernel in apt??
> >
> Hi
> 
> You do not miss anything (or I would miss the same thing...). The 2.4.20 
> kernel is part of sid and not woody. For a 2.4.20 kernel grab sid's 
> kernel source or the plain vanilla kernel from kernel.org.
> 
you've got a 2.4.20 for woody in the pool, you can get it via:
deb http://http.us.debian.org/debian woody-proposed-updates main

-- 
Emmanuel Lacour  Easter-eggs
44-46 rue de l'Ouest  -  75014 Paris   -   France -  Métro Gaité
Phone: +33 (0) 1 43 35 00 37- Fax: +33 (0) 1 41 35 00 76
mailto:[EMAIL PROTECTED]   -http://www.easter-eggs.com



RE: grsec patch over debian 2.4.20 kernel

2003-04-22 Thread Hobbs, Richard
Hello,

I was under the impression that an "apt-get dist-upgrade" would upgrade me
to the latest everything...

I am running "stable" if that makes a difference. Is 2.4.20 in testing or
unstable at the moment, or is it just being blocked from my woody
installation?

Thanks,
Richard.


> -Original Message-
> From: Marcel Weber [mailto:[EMAIL PROTECTED]
> Sent: 22 April 2003 17:13
> To: Hobbs, Richard
> Cc: [EMAIL PROTECTED]; debian-security@lists.debian.org
> Subject: Re: grsec patch over debian 2.4.20 kernel
>
>
> Hobbs, Richard wrote:
> > Hello,
> >
> > Where is the 2.4.20 kernel in apt??
> >
> Hi
>
> You do not miss anything (or I would miss the same thing...).
> The 2.4.20
> kernel is part of sid and not woody. For a 2.4.20 kernel grab sid's
> kernel source or the plain vanilla kernel from kernel.org.
>
> Regards
>
> Marcel
>
>

--
Richard Hobbs
[EMAIL PROTECTED]
http://mongeese.co.uk | http://unixforum.co.uk

"There's only one way of life, and that's your own" - The Levellers

_
Send all your jokes to: [EMAIL PROTECTED] !!
To subscribe, email: [EMAIL PROTECTED]




Re: grsec patch over debian 2.4.20 kernel

2003-04-22 Thread Marcel Weber

Hobbs, Richard wrote:
> Hello,
>
> Where is the 2.4.20 kernel in apt??


Hi

You do not miss anything (or I would miss the same thing...). The 2.4.20 
kernel is part of sid and not woody. For a 2.4.20 kernel grab sid's 
kernel source or the plain vanilla kernel from kernel.org.


Regards

Marcel



Re: grsec patch over debian 2.4.20 kernel

2003-04-22 Thread Jorge Luis V. C. Mendes
I'm using grsecurity and I don't have problems installing :- /

white-snake:~#  apt-cache search grsec
kernel-patch-2.4-grsecurity - grsecurity kernel patch - OpenWall based 2.4.x security patch

- Original Message -
From: "Raphael SurcouF" <[EMAIL PROTECTED]>
To: 
Sent: Tuesday, April 22, 2003 2:13 PM
Subject: Re: grsec patch over debian 2.4.20 kernel


> On Tue, 22 Apr 2003 15:17:56 +0300, Ted Bukov wrote:
>
> > Hi folks,
> >
> >  I got the last 2.4.20 kernel with apt-get install. I want to patch it
> > with grsec, but I met many times the following message:
> > "Reversed (or previously applied) patch detected!  Assume -R? [n]"
> > When I answered "yes" to all questions, the kernel compilation had failed.
> > I think grsec patch has conflicts with already patched debian kernel
> > source, so is there any debian kernel sources with grsec applied? I don't
> > want to use plain (vanilla) kernel, because of its ptrace vulnerability.
>
> I don't know what version of debian you have but in sid:
>
> [EMAIL PROTECTED] 15:09:27 ~]# apt-cache search grsec
> ...
> gradm - Administration program for the GrSecurity ACL system
> kernel-patch-2.4-grsecurity - grsecurity kernel patch - 2.4.x security patch
>
> You're better off using this kernel-patch if you want to have debian kernel
> source.
>
> Hope that helps...
>
> --
> Raphaël SurcouF
> [EMAIL PROTECTED]
>
>
>




RE: grsec patch over debian 2.4.20 kernel

2003-04-22 Thread Hobbs, Richard
Hello,

Where is the 2.4.20 kernel in apt??

  turnip:~# apt-cache search kernel | grep image | grep 2.4
  kernel-image-2.4.16-386 - Linux kernel image for version 2.4.16 on 386.
  kernel-image-2.4.16-586 - Linux kernel image for version 2.4.16 on 586/K5/5x86/6x86/6x86MX.
  kernel-image-2.4.16-586tsc - Linux kernel image for version 2.4.16 on Pentium-Classic.
  kernel-image-2.4.16-686 - Linux kernel image for version 2.4.16 on PPro/Celeron/PII/PIII.
  kernel-image-2.4.16-686-smp - Linux kernel image 2.4.16 on PPro/Celeron/PII/PIII SMP.
  kernel-image-2.4.16-k6 - Linux kernel image for version 2.4.16 on AMD K6/K6-II/K6-III
  kernel-image-2.4.16-k7 - Linux kernel image for version 2.4.16 on AMD K7
  kernel-image-2.4.18-386 - Linux kernel image for version 2.4.18 on 386.
  kernel-image-2.4.18-586tsc - Linux kernel image for version 2.4.18 on Pentium-Classic.
  kernel-image-2.4.18-686 - Linux kernel image 2.4.18 on PPro/Celeron/PII/PIII/PIV.
  kernel-image-2.4.18-686-smp - Linux kernel image 2.4.18 on PPro/Celeron/PII/PIII/PIV SMP.
  kernel-image-2.4.18-bf2.4 - Linux kernel image for version 2.4.18 (bf variant) on 386.
  kernel-image-2.4.18-k6 - Linux kernel image for version 2.4.18 on AMD K6/K6-II/K6-III
  kernel-image-2.4.18-k7 - Linux kernel image for version 2.4.18 on AMD K7
  turnip:~#

I can only find 2.4.18, and I have just run an update.

Am I missing something here??

Thanks,
Richard.


> -Original Message-
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
> Sent: 22 April 2003 14:12
> To: debian-security@lists.debian.org
> Subject: Re: grsec patch over debian 2.4.20 kernel
>
>
>
> Ted Bukov <[EMAIL PROTECTED]>  22.04.2003, 14:17:56:
>
>
> >  I got the last 2.4.20 kernel with apt-get install. I want to patch it
> > with grsec, but I met many times the following message: "Reversed (or
> > previously applied) patch detected!  Assume -R? [n]" When I answered
> > "yes" to all questions, the kernel compilation had failed. I think
> > grsec patch has conflicts with already patched debian kernel source,
> > so is there any debian kernel sources with grsec applied? I don't want
> > to use plain (vanilla) kernel, because of its ptrace vulnerability.
> > Thanks in advance.
>
> I have the same problem as I can not apply the patch on the
> 2.4.20-sources. I've tried this some months ago (also on
> 2.4.20) for my home workstation, the patch did apply.
>
> Now I've had a look at Trusted Linux. However, I am not quite
> sure, because apt-get will update 127 packages, but just 180
> packages are installed.
>
> --
> FiFo Ost GbR
> Tal 44, D- 80331 München
> Tel.: +49 89 21 03 18 88
> Fax: +49 89 21 03 18 90
>
>

--
Richard Hobbs
[EMAIL PROTECTED]
http://mongeese.co.uk | http://unixforum.co.uk

"There's only one way of life, and that's your own" - The Levellers

_
Send all your jokes to: [EMAIL PROTECTED] !!
To subscribe, email: [EMAIL PROTECTED]




Re: grsec patch over debian 2.4.20 kernel

2003-04-22 Thread John Keimel
On Tue, Apr 22, 2003 at 03:17:56PM +0300, Ted Bukov wrote:
> Hi folks,
> 
>  I got the last 2.4.20 kernel with apt-get install. I want to patch it
> with grsec, but I met many times the following message:
> "Reversed (or previously applied) patch detected!  Assume -R? [n]"
> When I answered "yes" to all questions, the kernel compilation had failed.
> I think grsec patch has conflicts with already patched debian kernel
> source, so is there any debian kernel sources with grsec applied? I don't
> want to use plain (vanilla) kernel, because of its ptrace vulnerability.
>  Thanks in advance.

I know that I had some issues when I put together my kernel, but I got
them resolved. Turned out that my kernel, at the time, wasn't proved to
be supported by grsec, yet. 

Looking at the downloads section of grsecurity's website,
www.grsecurity.net, I notice their latest version was published only
two days ago, grsecurity-1.9.9g-2.4.20.patch . 

I'd suggest that you might consider checking on the mailing list over
there, as I'm sure that any quirks of the patch would be well known
there. Their mailing list info is at
http://www.grsecurity.net/mailinglist.php and the archives of the list
are at http://wws.grsecurity.net/wws/arc/grsecurity . 

Personally, I'm happy with my current kernel and its current patch and
having recently experienced a spate of downtime due to a SCSI drive (I
tried EVERYTHING before I finally replaced the drive - to my detriment)
I'm not looking to make a reboot until I absolutely have to. So I've not
touched the kernel lately. However, looking at some of the new admin
features of grsecurity, I think I'll add it to my so-called development
box. 

HTH

j
-- 

==
+ It's simply not   | John Keimel+
+ RFC1149 compliant!| [EMAIL PROTECTED]+
+   | http://www.keimel.com  +
==




Re: grsec patch over debian 2.4.20 kernel

2003-04-22 Thread Marc-Christian Petersen
On Tuesday 22 April 2003 15:12, [EMAIL PROTECTED] wrote:

Hi,

> Ted Bukov <[EMAIL PROTECTED]>  22.04.2003, 14:17:56:
> >  I got the last 2.4.20 kernel with apt-get install. I want to patch it
> > with grsec, but I met many times the following message:
> > "Reversed (or previously applied) patch detected!  Assume -R? [n]"
> > When I answered "yes" to all questions, the kernel compilation had
> > failed. I think grsec patch has conflicts with already patched debian
> > kernel source, so is there any debian kernel sources with grsec applied?
> > I don't want to use plain (vanilla) kernel, because of its ptrace
> > vulnerability. Thanks in advance.
> I have the same problem as I can not apply the patch on the
> 2.4.20-sources. I've tried this some months ago (also on 2.4.20) for my
> home workstation, the patch did apply.
> Now I've had a look at Trusted Linux. However, I am not quite sure,
> because apt-get will update 127 packages, but just 180 packages are
> installed.
reading the changelog of _both_ might help :P

grsecurity has the ptrace-fix included.
debian's 2.4.20 kernel has the ptrace-fix included.

so, unpatch that kernel with the ptrace-fix and apply grsec and it'll work.

-- 
ciao, Marc
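
The advice in this thread (reverse the overlapping Debian ptrace fix before applying grsec, or run patch with -N and resolve the .rej files) depends on knowing which hunks the tree already contains. An added example, not part of any post and not code from patch(1) or grsecurity: a read-only pre-flight check that classifies each hunk of a single-file unified diff. The toy C file, the function names and the `dumpable`/`audit` identifiers are constructed for illustration.

```python
import re

HUNK = re.compile(r"^@@ -\d+(?:,\d+)? \+\d+(?:,\d+)? @@")

def parse_hunks(diff_text):  # single-file unified diff -> old/new blocks per hunk
    hunks, cur = [], None
    for line in diff_text.splitlines():
        if HUNK.match(line):
            cur = {"old": [], "new": []}
            hunks.append(cur)
        elif cur is not None and not line.startswith("\\"):
            if not line.startswith("+"):
                cur["old"].append(line[1:])   # removed or context line
            if not line.startswith("-"):
                cur["new"].append(line[1:])   # added or context line
    return hunks

def contains(lines, block):
    n = len(block)
    return any(lines[i:i + n] == block for i in range(len(lines) - n + 1))

def preflight(tree_text, diff_text):
    lines, out = tree_text.splitlines(), []
    for h in parse_hunks(diff_text):
        fwd, rev = contains(lines, h["old"]), contains(lines, h["new"])
        if fwd and not rev:
            out.append("applies")
        elif rev and not fwd:
            out.append("already-applied")   # the case behind "Assume -R?"
        else:
            out.append("ambiguous" if fwd else "conflict")  # conflict -> .rej
    return out

# Constructed sample data (toy C, not kernel code): a pristine file, the same
# file with a distribution fix already in, and one with those lines reworked.
VANILLA = """int attach(struct task *t)
{
    if (!t)
        return -1;
    t->traced = 1;
    return 0;
}
int helper(const char *p) { return run(p); }
"""
DISTRO = VANILLA.replace("    t->traced", "    if (!t->dumpable) return -1;\n    t->traced")
REWORKED = VANILLA.replace("t->traced = 1;", "t->traced = t->dumpable ? 1 : 0;")
# Combined patch: carries the same fix (hunk 1) plus an unrelated change (hunk 2).
COMBINED = """--- a/toy.c
+++ b/toy.c
@@ -4,2 +4,3 @@
         return -1;
+    if (!t->dumpable) return -1;
     t->traced = 1;
@@ -7,2 +8,2 @@
 }
-int helper(const char *p) { return run(p); }
+int helper(const char *p) { audit(p); return run(p); }
"""
if __name__ == "__main__":
    for name, tree in (("vanilla", VANILLA), ("distro", DISTRO), ("reworked", REWORKED)):
        print(name, preflight(tree, COMBINED))
```

The `VANILLA` result corresponds to a tree with the overlapping fix reversed first: every hunk applies. Answering "yes" to the -R prompt on the `DISTRO` tree would instead strip the fix that hunk 1 carries.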



Re: grsec patch over debian 2.4.20 kernel

2003-04-22 Thread Raphael SurcouF
On Tue, 22 Apr 2003 15:17:56 +0300, Ted Bukov wrote:

> Hi folks,
> 
>  I got the last 2.4.20 kernel with apt-get install. I want to patch it
> with grsec, but I met many times the following message:
> "Reversed (or previously applied) patch detected!  Assume -R? [n]"
> When I answered "yes" to all questions, the kernel compilation had failed.
> I think grsec patch has conflicts with already patched debian kernel
> source, so is there any debian kernel sources with grsec applied? I don't
> want to use plain (vanilla) kernel, because of its ptrace vulnerability.

I don't know what version of debian you have but in sid:

[EMAIL PROTECTED] 15:09:27 ~]# apt-cache search grsec
...
gradm - Administration program for the GrSecurity ACL system
kernel-patch-2.4-grsecurity - grsecurity kernel patch - 2.4.x security patch

You're better off using this kernel-patch if you want to have debian kernel
source. 

Hope that helps...

-- 
Raphaël SurcouF
[EMAIL PROTECTED]




Re: grsec patch over debian 2.4.20 kernel

2003-04-22 Thread e-hoeffner

Ted Bukov <[EMAIL PROTECTED]>  22.04.2003, 14:17:56:


>  I got the last 2.4.20 kernel with apt-get install. I want to patch it
> with grsec, but I met many times the following message:
> "Reversed (or previously applied) patch detected!  Assume -R? [n]"
> When I answered "yes" to all questions, the kernel compilation had failed.
> I think grsec patch has conflicts with already patched debian kernel
> source, so is there any debian kernel sources with grsec applied? I don't
> want to use plain (vanilla) kernel, because of its ptrace vulnerability.
>  Thanks in advance.

I have the same problem as I can not apply the patch on the
2.4.20-sources. I've tried this some months ago (also on 2.4.20) for my
home workstation, the patch did apply. 

Now I've had a look at Trusted Linux. However, I am not quite sure,
because apt-get will update 127 packages, but just 180 packages are
installed. 

-- 
FiFo Ost GbR
Tal 44, D- 80331 München
Tel.: +49 89 21 03 18 88
Fax: +49 89 21 03 18 90



grsec patch over debian 2.4.20 kernel

2003-04-22 Thread Ted Bukov
Hi folks,

 I got the last 2.4.20 kernel with apt-get install. I want to patch it
with grsec, but I met many times the following message:
"Reversed (or previously applied) patch detected!  Assume -R? [n]"
When I answered "yes" to all questions, the kernel compilation had failed.
I think grsec patch has conflicts with already patched debian kernel
source, so is there any debian kernel sources with grsec applied? I don't
want to use plain (vanilla) kernel, because of its ptrace vulnerability.
 Thanks in advance.

--- Ted Bukov ---

May the /src be with you.