LinuxQuestions.org
Share your knowledge at the LQ Wiki.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Distributions > Slackware
User Name
Password
Slackware This Forum is for the discussion of Slackware Linux.

Notices


Reply
  Search this Thread
Old 02-19-2014, 11:56 PM   #1
hitest
Guru
 
Registered: Mar 2004
Location: Canada
Distribution: Slackware (desktops), Void (thinkpad)
Posts: 7,432

Rep: Reputation: 3849Reputation: 3849Reputation: 3849Reputation: 3849Reputation: 3849Reputation: 3849Reputation: 3849Reputation: 3849Reputation: 3849Reputation: 3849Reputation: 3849
New kernel in -current (32 bit, 64 bit) and in 14.1( 64 bit)


Upgrade time. folks.

Code:
Linux loki 3.10.30-smp #2 SMP Fri Feb 14 20:54:32 CST 2014 i686 Intel(R) Pentium(R) D CPU 2.80GHz GenuineIntel GNU/Linux
Code:
Thu Feb 20 00:30:49 UTC 2014
a/kernel-firmware-20140215git-noarch-1.txz:  Upgraded.
a/kernel-generic-3.10.30-i486-1.txz:  Upgraded.
a/kernel-generic-smp-3.10.30_smp-i686-1.txz:  Upgraded.
a/kernel-huge-3.10.30-i486-1.txz:  Upgraded.
a/kernel-huge-smp-3.10.30_smp-i686-1.txz:  Upgraded.
a/kernel-modules-3.10.30-i486-1.txz:  Upgraded.
a/kernel-modules-smp-3.10.30_smp-i686-1.txz:  Upgraded.
a/shadow-4.1.5.1-i486-3.txz:  Rebuilt.

Last edited by hitest; 02-22-2014 at 10:18 PM.
 
Old 02-20-2014, 01:24 AM   #2
willysr
Senior Member
 
Registered: Jul 2004
Location: Jogja, Indonesia
Distribution: Slackware-Current
Posts: 4,801

Rep: Reputation: 1884Reputation: 1884Reputation: 1884Reputation: 1884Reputation: 1884Reputation: 1884Reputation: 1884Reputation: 1884Reputation: 1884Reputation: 1884Reputation: 1884
This only applies to x86_64 architecture only, not in x86
 
1 members found this post helpful.
Old 02-20-2014, 01:26 AM   #3
Mark Pettit
Member
 
Registered: Dec 2008
Location: Cape Town, South Africa
Distribution: Slackware 15.0
Posts: 642

Rep: Reputation: 304Reputation: 304Reputation: 304Reputation: 304
Does anyone know if there's a really compelling case to install these ? Like a major performance boost, new feature, or security/bug fixes.
 
Old 02-20-2014, 01:41 AM   #4
willysr
Senior Member
 
Registered: Jul 2004
Location: Jogja, Indonesia
Distribution: Slackware-Current
Posts: 4,801

Rep: Reputation: 1884Reputation: 1884Reputation: 1884Reputation: 1884Reputation: 1884Reputation: 1884Reputation: 1884Reputation: 1884Reputation: 1884Reputation: 1884Reputation: 1884
security bug fixes
Quote:
patches/packages/linux-3.10.17-2/*:
These are new kernels that fix CVE-2014-0038, a bug that can allow local
users to gain a root shell.
Be sure to reinstall LILO (run "lilo" as root) after upgrading the kernel
packages, or on UEFI systems, copy the appropriate kernel to
/boot/efi/EFI/Slackware/vmlinuz).
For more information, see:
http://cve.mitre.org/cgi-bin/cvename...=CVE-2014-0038
(* Security fix *)
 
Old 02-20-2014, 01:42 AM   #5
ponce
LQ Guru
 
Registered: Aug 2004
Location: Pisa, Italy
Distribution: Slackware
Posts: 7,349

Rep: Reputation: 4343Reputation: 4343Reputation: 4343Reputation: 4343Reputation: 4343Reputation: 4343Reputation: 4343Reputation: 4343Reputation: 4343Reputation: 4343Reputation: 4343
as it's about CONFIG_X86_X32_ABI, related to x86 emulation (the X32 flavour) on x86_64, native 32 bit archs shouldn't be affected.

Last edited by ponce; 02-20-2014 at 01:58 AM.
 
Old 02-20-2014, 02:53 AM   #6
Mark Pettit
Member
 
Registered: Dec 2008
Location: Cape Town, South Africa
Distribution: Slackware 15.0
Posts: 642

Rep: Reputation: 304Reputation: 304Reputation: 304Reputation: 304
Ok - so CVE-2014-0038 is really not too critical if you're running a laptop and you're really the only user and you also know the root login password :-)

Thing of course is that every time you install a new kernely, you have to re-install virtualbox and nvidia drivers (if you use them). And run lilo. And perhaps build a new initrd if you use that too. Thus a bit of a fag unless there's something motivating.

Thanks for the answers @ponce and @willysr.
 
Old 02-20-2014, 06:15 AM   #7
GazL
LQ Veteran
 
Registered: May 2008
Posts: 7,071

Rep: Reputation: 5220Reputation: 5220Reputation: 5220Reputation: 5220Reputation: 5220Reputation: 5220Reputation: 5220Reputation: 5220Reputation: 5220Reputation: 5220Reputation: 5220
The danger is from a piggyback attack. Arbitrary code exploit in Firefox, flashplayer, java etc, or even things like xpdf, MPlayer, OpenOffice or any other app that references untrusted data, or god forbid a network facing server vulnerability, + CVE-2014-0038 = PWNED!

If you're running 64bit, do the update! It doesn't take much effort to re-run mkinitrd and /sbin/lilo.


Actually, for 14.1 users, I'd be inclined to borrow the .30 kernel from -current instead of the rebuilt .17 in patches/: lots of water under the bridge since .17 was released.

Last edited by GazL; 02-20-2014 at 06:55 AM.
 
1 members found this post helpful.
Old 02-20-2014, 09:35 AM   #8
cwizardone
LQ Veteran
 
Registered: Feb 2007
Distribution: Slackware64-current with KDE4Town.
Posts: 9,506

Rep: Reputation: 7759Reputation: 7759Reputation: 7759Reputation: 7759Reputation: 7759Reputation: 7759Reputation: 7759Reputation: 7759Reputation: 7759Reputation: 7759Reputation: 7759
Quote:
Originally Posted by hitest View Post
Upgrade time. folks.

Code:
Linux loki 3.10.30-smp #2 SMP Fri Feb 14 20:54:32 CST 2014 i686 Intel(R) Pentium(R) D CPU 2.80GHz GenuineIntel GNU/Linux
Code:
Thu Feb 20 00:30:49 UTC 2014
a/kernel-firmware-20140215git-noarch-1.txz:  Upgraded.
a/kernel-generic-3.10.30-i486-1.txz:  Upgraded.
a/kernel-generic-smp-3.10.30_smp-i686-1.txz:  Upgraded.
a/kernel-huge-3.10.30-i486-1.txz:  Upgraded.
a/kernel-huge-smp-3.10.30_smp-i686-1.txz:  Upgraded.
a/kernel-modules-3.10.30-i486-1.txz:  Upgraded.
a/kernel-modules-smp-3.10.30_smp-i686-1.txz:  Upgraded.
a/shadow-4.1.5.1-i486-3.txz:  Rebuilt.
Installed them last night and all is well.... so far, so good.
 
Old 02-20-2014, 11:35 AM   #9
mancha
Member
 
Registered: Aug 2012
Posts: 484

Rep: Reputation: Disabled
Quote:
Originally Posted by GazL View Post
The danger is from a piggyback attack. Arbitrary code exploit in Firefox, flashplayer, java etc, or even things like xpdf, MPlayer, OpenOffice or any other app that references untrusted data, or god forbid a network facing server vulnerability, + CVE-2014-0038 = PWNED!
GazL reminds us that attackers can, and do, combine individual vulnerabilities to expand effective attack surfaces and/or amplify impact.
It's a mistake to believe you don't need to worry about CVE-2014-0038 in the single-user context.

Also, GazL's 3.10.30 recommendation highlights the wisdom in the way Pat structured the kernel deployment: 3.10.30 is available to
interested 14.1 users (via current) but they can always fall back on 3.10.17 (patched for CVE-2014-0038) should they get bitten by
kernel regressions.

--mancha

Last edited by mancha; 02-20-2014 at 03:49 PM. Reason: stylistic
 
2 members found this post helpful.
Old 02-20-2014, 10:12 PM   #10
lyle_s
Member
 
Registered: Jul 2003
Distribution: Slackware
Posts: 392

Rep: Reputation: 55
I find it a little disconcerting that the kernel packages I have installed now (from the original 14.1 ISO) are build -3, but the security-fixed ones are build -2.

It feels like I'm going backwards.
 
Old 02-20-2014, 10:58 PM   #11
willysr
Senior Member
 
Registered: Jul 2004
Location: Jogja, Indonesia
Distribution: Slackware-Current
Posts: 4,801

Rep: Reputation: 1884Reputation: 1884Reputation: 1884Reputation: 1884Reputation: 1884Reputation: 1884Reputation: 1884Reputation: 1884Reputation: 1884Reputation: 1884Reputation: 1884
Yeah, i noticed the same thing, but nevertheless, it contains the fix we need
 
Old 02-20-2014, 11:13 PM   #12
lyle_s
Member
 
Registered: Jul 2003
Distribution: Slackware
Posts: 392

Rep: Reputation: 55
Just got them installed; they are indeed newer as evidenced by the build dates:

Before: Linux bowman 3.10.17 #2 SMP Wed Oct 23 16:34:38 CDT 2013 x86_64 AMD FX(tm)-8350 Eight-Core Processor AuthenticAMD GNU/Linux

After: Linux bowman 3.10.17 #1 SMP Fri Feb 14 16:39:21 CST 2014 x86_64 AMD FX(tm)-8350 Eight-Core Processor AuthenticAMD GNU/Linux

Thank you Slackware Security Team; the upgrade went as smooth as smooth can be.
 
Old 02-21-2014, 09:15 AM   #13
GazL
LQ Veteran
 
Registered: May 2008
Posts: 7,071

Rep: Reputation: 5220Reputation: 5220Reputation: 5220Reputation: 5220Reputation: 5220Reputation: 5220Reputation: 5220Reputation: 5220Reputation: 5220Reputation: 5220Reputation: 5220
Quote:
Greg Kroah-Hartman has announced the release of a new batch of stable kernels: 3.13.4, 3.12.12, 3.10.31, and 3.4.81.
heh! Typical. Always the day after.

Ivybridge owners might be interested in this one as the changelog mentions a fix for a "large performance regression", the rest mostly seems to be ARM related. I'll probably skip this one and wait for .32 (unless I get bored or anything important comes to light).


I'm a little surprised Greg hasn't EOL'd 3.12 yet with 4 releases of 3.13 out the door.
 
Old 02-22-2014, 08:44 PM   #14
hitest
Guru
 
Registered: Mar 2004
Location: Canada
Distribution: Slackware (desktops), Void (thinkpad)
Posts: 7,432

Original Poster
Rep: Reputation: 3849Reputation: 3849Reputation: 3849Reputation: 3849Reputation: 3849Reputation: 3849Reputation: 3849Reputation: 3849Reputation: 3849Reputation: 3849Reputation: 3849
Quote:
Originally Posted by willysr View Post
This only applies to x86_64 architecture only, not in x86
Yeah, I updated and posted too quickly without reading the changelog closely enough. Maybe ease up on the criticism a bit, okay? I think my post had some value.
 
Old 02-22-2014, 08:50 PM   #15
mancha
Member
 
Registered: Aug 2012
Posts: 484

Rep: Reputation: Disabled
@hitest: If it still allows you maybe it makes sense to edit the title so it also attracts the attention of 14.1 users
and not just current users. Maybe something like: "new kernels: 14.1 (64 bit) and current (32 & 64 bit)".

--mancha

PS Your post is fine, Pat upgraded kernels in 32 and 64 bit current.
 
1 members found this post helpful.
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Current kernel doesn't show up with rpm -q kernel command picatrix Linux - Newbie 4 03-30-2013 04:20 PM
kernel includes at /usr/src/linux/include do not match current kernel. blanny Red Hat 1 03-09-2006 08:53 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Distributions > Slackware

All times are GMT -5. The time now is 05:55 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration