Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email email@example.com
From: Zenny (garbytrashgmail.com)
Date: Sat May 04 2013 - 06:16:43 CDT
What is the timeline for Owl 4.0 compatible with RHEL6?
Look forward to. Thanks for the great work!
On 5/4/13, Zenny <garbytrashgmail.com> wrote:
> It is nice to learn about the update, but what makes me wonder is the
> upstream for RHEL4 is alreade EoL (end of life) about a year ago (2012
> Feb as far as I remember).
> It would be nice if Owl get upgraded to be compatible with the
> packages for RHEL6/CentOS6 which has an end of life for 10 years? If
> not at least, RHEL5/CentOS5 which alos has EoL for a decade.
> Actually I encountered a lot of backward incompatibility when I try
> to use some applications.
> On 4/11/13, Solar Designer <solaropenwall.com> wrote:
>> A few days ago, we've released new snapshots of Owl-current and Owl
>> 3.0-stable, as usual including ISO images, OpenVZ container templates,
>> binary packages for i686 and x86_64, and full sources:
>> The Linux kernel has been rebased on the latest from OpenVZ's
>> RHEL5-based branch (RHEL 5.9-based currently), thereby fixing a number
>> of vulnerabilities including the PTRACE_SETREGS vs. process death race
>> condition (CVE-2013-0871), which could allow for a local root compromise
>> and OpenVZ container escape. (However, the risk probability might have
>> been low due to the race being difficult to win.)
>> GnuPG has been updated to 1.4.13, which fixes a memory corruption bug
>> (CVE-2012-6085). The bug allowed an attacker to crash gpg(1) and
>> corrupt the public keyring database file. Arbitrary code execution was
>> not possible because the attacker cannot control the corrupted data.
>> The corrupted data is stored in the keyring file, so the DoS effect is
>> persistent, but the keyring can be manually restored by recovering from
>> the pubring.gpg~ backup file (which is created by gpg(1) itself).
>> In Owl 3.0-stable, both of the above changes have been merged (although
>> the kernel has fewer features enabled than Owl-current's), and
>> additionally the earlier xinetd security update from Owl-current and
>> some glibc bugfixes have been merged. Owl 3.0-stable's kernel is now
>> compressed with Zopfli (pigz -11) instead of gzip -9.
>> More detail is available in the change logs:
>> There's one known regression in Owl-current as compared to 3.0-stable:
>> the strace program fails to work against 32-bit x86 program binaries.
>> Indeed, we're going to correct this.
>> This Owl-current update is a lot more conservative than what we've been
>> planning to have by this date. Frankly, progress has been slow. We did
>> prepare an experimental update of Owl to RHEL6'ish kernels, and it was
>> in fact committed, but in light of severe security issues discovered in
>> the Linux kernel we chose to temporarily revert the major update and to
>> provide the security fixes on top of a more stable system first.