
Date:  Tue, 25 Aug 2009 14:22:48 +0100
From:  Steve Howes <steve (at mark) geekinter.net>
Subject:  [coba-e:15932] Re: {Spam?}  Re: {Spam?}  Re: Major Update Kernel Included - Update
To:  coba-e (at mark) bluequartz.org
Message-Id:  <6AF2938A-627F-4A12-910D-8172F65AF83B (at mark) geekinter.net>
In-Reply-To:  <4a93e3f6.0d84100a.4427.0437 (at mark) mx.google.com>
References:  <4a93e3f6.0d84100a.4427.0437 (at mark) mx.google.com>
X-Mail-Count: 15932

Indeed. Hence my initial suggestion to the gentleman. Perhaps he could  
unsubscribe and see if that fixes it.

On 25 Aug 2009, at 14:15, Doug Harvey wrote:

> I'm only getting a single email from each of the posters...
>
>
>
> -----Original Message-----
> From: microv [mailto:microv (at mark) microvisionfl.com]
> Sent: Tuesday, August 25, 2009 6:04 AM
> To: coba-e (at mark) bluequartz.org
> Subject: [coba-e:15929] Re: {Spam?} Re: {Spam?} Re: Major Update Kernel
> Included - Update
>
> No caps lock problem here. I was shouting...... It's annoying. It's not on
> my end. It's coming to the same email 3 different times. Who is the
> moderator?
>
> -----Original Message-----
> From: Steve Howes [mailto:steve (at mark) geekinter.net]
> Sent: Tuesday, August 25, 2009 3:35 AM
> To: coba-e (at mark) bluequartz.org
> Subject: {Spam?} [coba-e:15927] Re: {Spam?} Re: Major Update Kernel
> Included - Update
>
> I'm only getting them once. Maybe it's a problem your end? You appear to
> have a caps lock fault, maybe it is related.
>
> Steve
>
> On 25 Aug 2009, at 03:33, microv wrote:
>
>> WHY AM I GETTING 2 OF EVERYONE'S MESSAGES FROM THIS LISTSERV? CAN IT
>> BE FIXED?
>>
>>
>> -----Original Message-----
>> From: Tom W [mailto:midintertech (at mark) hotmail.com]
>> Sent: Monday, August 24, 2009 10:14 PM
>> To: coba-e (at mark) bluequartz.org
>> Subject: {Spam?} [coba-e:15925] Re: Major Update Kernel Included -
>> Update
>>
>>
>> ----------------------------------------
>>> Date: Sun, 23 Aug 2009 04:53:01 +0200
>>> From: bq (at mark) solarspeed.net
>>> Subject: [coba-e:15916] Re: Major Update Kernel Included
>>> To: coba-e (at mark) bluequartz.org
>>>
>>> Hi Tom,
>>>
>>>> About the linux kernel vuln, wonder how long it's gonna take them to
>>>> get out an update for it??
>>>
>>> I'm puzzled about that as well. My money was on last Monday for an updated
>>> RHEL5 kernel and 11 days later for a CentOS5 kernel. But it looks like RH is
>>> taking a different route this time. It appears they'll provide a fix during
>>> the next "routine" kernel update and paying clients can request a "hotfixed"
>>> kernel.
>>>
>>>> Even though they say it's local user, we have been reading reports, far too
>>>> many for our comfort level, that say hacktards are using XSS and other
>>>> methods remotely to get hacks for this kernel problem onto systems as a
>>>> local user and hacking quite a few boxes already!?
>>>
>>> Exactly so. It is always bad if lax security or an ill designed application
>>> (PHP script, etc.) allows someone local and unprivileged access to the OS.
>>> That shouldn't happen in an ideal world, but in the hosting business we see
>>> this far too often for various reasons. In BlueOnyx we raised the bar for
>>> this by adding some extra layers of protection beyond what BlueQuartz
>>> offers, but still: It ain't Fort Knox and the admins might even choose to
>>> disable the extra security. All that it then takes is another hole such as
>>> this kernel vulnerability and the attacker can escalate his unprivileged
>>> local access to gain root access.
>>>
>>>> Has anybody tried the "workaround" they have listed on that redhat bug
>>>> report by disabling some modules or know if that would actually help on
>>>> our CentosBQ boxes?
>>>
>>> For BlueOnyx and CentOS5 we rolled up a patched kernel. It's just one line
>>> of code that's changed and the new kernel appears to be both stable and
>>> safe. For CentOS4 it should be equally trivial to roll up a fixed kernel.
>>> I'd trust that more than the other suggested workarounds, which I haven't
>>> tested.
>>>
>>>> I ran lsmod and didn't think I saw any of the modules loaded??
>>>
>>> Yeah, but they will be loaded if the kernel needs them. Unless you stop the
>>> loading of kernel modules with a third party tool such as LCAP. But the way
>>> this exploit works I'm not sure LCAP alone would prevent it. Haven't tested
>>> that, though.
>>>
>>>> We also read that disabling selinux was a good idea but I don't think it's
>>>> on by default in CentosBQ??
>>>
>>> SELinux is disabled by default on BlueQuartz and BlueOnyx. On a "normal"
>>> CentOS it's typically set to enforcing mode, but that didn't stop the
>>> exploit either in the default SELinux configuration used on RHEL and CentOS.
>>>
>>> All in all I'm not a happy camper with this situation at hand. That CentOS
>>> is late with handing down patches and that they never fix something that
>>> RedHat doesn't fix upstream ... both of that ain't new. But that RedHat sits
>>> this one out has me somewhat puzzled. Like said: The issue is trivial to
>>> patch and that extra bit of Q&A should be easy to shake loose for a giant
>>> like RedHat. But they leave the field to Debian, Fedora Core and other
>>> distributions, who already jumped on it and pushed out fixed kernels as fast
>>> as one ought to expect.
>>>
>>> --
>>> With best regards,
>>>
>>> Michael Stauber
>>>
>>
>> Hey they must have heard us griping! :P  In case someone missed it,
>> CentOS released new kernels fixing the SOCKOPS_WRAP/sendpage bug and
>> also another bug I hadn't even read about. We were pleasantly
>> surprised because we were just about to try and roll our own kernel
>> with the patch in ourselves which could have had interesting results.
>> CentOS really got the kernel out fast considering Redhat just posted
>> it today..
>>
>> They said it might take a little while for it to hit all the mirrors...
>>
>> kernel-2.6.9-89.0.9.EL
>> http://lists.centos.org/pipermail/centos-announce/2009-August/016108.html
>>
>>
>>
>> Tom
>>