[owl-users] Owl-current & 3.0-stable 2011/03/12 snapshots

From: Solar Designer <solar_at_private>
Date: Sun, 13 Mar 2011 04:23:23 +0300
Hi,

A new snapshot of Owl-current is available on the mirrors.  As usual,
this includes ISOs, OpenVZ container templates, RPMs, and sources.  The
ISOs may be downloaded via direct links from the Owl homepage:

http://www.openwall.com/Owl/

With the OpenSSL update to 1.0.0d included in this snapshot, Owl-current
has finally deviated from Owl 3.0 and RHEL4 binary compatibility (moving
towards RHEL6 binary compatibility).  Besides OpenSSL, we've updated
vsftpd to 2.3.4 (remote DoS vulnerability fix, CVE-2011-0762),
patchutils to 0.3.2, and the Linux kernel to OpenVZ's latest "RHEL5
testing" one (-238.5.1.el5.028stab085.2) with our usual changes.

The Owl-current specific bug in checksum calculation of fragmented ICMP
echo request datagrams reported by Piotr Meyer in here has been fixed
(thank you, Piotr and Vasiliy!), and the eepro100 NIC driver has been
disabled in favor of e100.

As usual, these changes are documented in a bit more detail here:

http://www.openwall.com/Owl/CHANGES-current.shtml

At the same time, we've released the first pre-compiled snapshot of Owl
3.0-stable.  Compared to the 3.0 release, Owl 3.0-stable 2011/03/12
corrects a VIM packaging error, a vulnerability in the patch(1) program
(CVE-2010-4651), two vulnerabilities in OpenSSL (CVE-2010-4180,
CVE-2009-0590), which were at worst of moderate severity, and it updates
vsftpd to 2.3.4 (CVE-2011-0762 fix) and patchutils to 0.3.2.

The 3.0-stable snapshot is similarly complete (ISOs, vztemplates, RPMs,
sources), with its ISOs linked directly from the Owl homepage.

The Owl 3.0-stable change log is now available here:

http://www.openwall.com/Owl/CHANGES-3.0-stable.shtml

Any feedback is welcome.

Alexander
Received on Sat Mar 12 2011 - 17:23:23 PST

This archive was generated by hypermail 2.2.0 : Sat Mar 12 2011 - 17:23:53 PST