LinuxQuestions.org
Review your favorite Linux distribution.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Distributions > Slackware
User Name
Password
Slackware This Forum is for the discussion of Slackware Linux.

Notices


Reply
  Search this Thread
Old 01-08-2020, 07:52 PM   #1
hitest
Guru
 
Registered: Mar 2004
Location: Prince Rupert, B.C., Canada
Distribution: Slackware
Posts: 6,051

Rep: Reputation: 2251Reputation: 2251Reputation: 2251Reputation: 2251Reputation: 2251Reputation: 2251Reputation: 2251Reputation: 2251Reputation: 2251Reputation: 2251Reputation: 2251
New kernel Slackware 14.2 (security issues)


Code:
Wed Jan  8 22:14:06 UTC 2020
patches/packages/linux-4.4.208/*:  Upgraded.
   IPV6_MULTIPLE_TABLES n -> y
  +IPV6_SUBTREES y
  These updates fix various bugs and security issues.
  Be sure to upgrade your initrd after upgrading the kernel packages.
  If you use lilo to boot your machine, be sure lilo.conf points to the correct
  kernel and initrd and run lilo as root to update the bootloader.
  If you use elilo to boot your machine, you should run eliloconfig to copy the
  kernel and initrd to the EFI System Partition.
  For more information, see:
    Fixed in 4.4.203:
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19524
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15917
    Fixed in 4.4.204:
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18660
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15291
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18683
    Fixed in 4.4.206:
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12614
    Fixed in 4.4.207:
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19227
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19062
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19338
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19332
    Fixed in 4.4.208:
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19057
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19063
  (* Security fix *)
+--------------------------+
http://slackware.osuosl.org/slackwar.../ChangeLog.txt
 
Old 01-09-2020, 02:13 PM   #2
magicm
Member
 
Registered: May 2003
Distribution: Slackware
Posts: 205

Rep: Reputation: 135Reputation: 135
Thank you, PV !!

Replying mostly to remove from zero reply.
But so grateful that 14.2 still gets some love.


Code:
root@igloo: Thu Jan 09 13:06:17 : /home/magic/Downloads
# spectre-meltdown-checker.sh --batch
CVE-2017-5753: OK (Mitigation: usercopy/swapgs barriers and __user pointer sanitization)
CVE-2017-5715: OK (Full retpoline + IBPB are mitigating the vulnerability)
CVE-2017-5754: OK (Mitigation: PTI)
CVE-2018-3640: OK (your CPU microcode mitigates the vulnerability)
CVE-2018-3639: OK (Mitigation: Speculative Store Bypass disabled via prctl and seccomp)
CVE-2018-3615: OK (your CPU vendor reported your CPU model as not vulnerable)
CVE-2018-3620: OK (Mitigation: PTE Inversion)
CVE-2018-3646: OK (this system is not running a hypervisor)
CVE-2018-12126: OK (Your microcode and kernel are both up to date for this mitigation, and mitigation is enabled)
CVE-2018-12130: OK (Your microcode and kernel are both up to date for this mitigation, and mitigation is enabled)
CVE-2018-12127: OK (Your microcode and kernel are both up to date for this mitigation, and mitigation is enabled)
CVE-2019-11091: OK (Your microcode and kernel are both up to date for this mitigation, and mitigation is enabled)
CVE-2019-11135: OK (your CPU vendor reported your CPU model as not vulnerable)
CVE-2018-12207: OK (this system is not running a hypervisor)
Code:
root@igloo: Thu Jan 09 13:06:35 : /home/magic/Downloads
# inxi
CPU: Dual Core Intel Core i5-2540M (-MT MCP-) speed/min/max: 800/800/3300 MHz Kernel: 4.4.208 x86_64 Up: 16m 
Mem: 929.5/7856.7 MiB (11.8%) Storage: 931.51 GiB (19.1% used) Procs: 197 Shell: bash 4.3.48 inxi: 3.0.37
 
1 members found this post helpful.
Old 01-09-2020, 05:02 PM   #3
vtel57
Member
 
Registered: Jul 2006
Location: VPN Tunnel, USA
Distribution: Slackware64
Posts: 986

Rep: Reputation: 147Reputation: 147
Sadly, upgrading from 4.4.14 to 4.4.208 made my system go BOOM!

Fortunately, I rsync'd to my mirror drive before starting the upgrade. All's well now that I've restored that backup.

I'll attempt the upgrade another time. And no, not sure at all what went wrong. New kernel Panic! Initrd, LILO, etc. all configured correctly.

Meh... poop happens.
 
3 members found this post helpful.
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
[SOLVED] Kernel upgrade for Slackware 14.2 (bug fixes and security issues) hitest Slackware 1 11-18-2019 01:22 PM
LXer: Security Reseacher explains security issues related to Windows 10 Linux subsystem at Blackhat LXer Syndicated Linux News 0 08-07-2016 10:54 AM
passwd.new, shadow.new, group.new and gshadow.new after upgrade to slackware 12.1 rhermsen Slackware 6 11-08-2008 05:59 PM
A new kernel is out! A new kernel is out! A new kernel is out! Aussie Linux - General 9 11-29-2002 09:31 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Distributions > Slackware

All times are GMT -5. The time now is 02:29 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration