Hi, A new snapshot of Owl-current is available on the mirrors. As usual, this includes ISOs, OpenVZ container templates, RPMs, and sources. The ISOs may be downloaded via direct links from the Owl homepage: http://www.openwall.com/Owl/ With the OpenSSL update to 1.0.0d included in this snapshot, Owl-current has finally deviated from Owl 3.0 and RHEL4 binary compatibility (moving towards RHEL6 binary compatibility). Besides OpenSSL, we've updated vsftpd to 2.3.4 (remote DoS vulnerability fix, CVE-2011-0762), patchutils to 0.3.2, and the Linux kernel to OpenVZ's latest "RHEL5 testing" one (-238.5.1.el5.028stab085.2) with our usual changes. The Owl-current specific bug in checksum calculation of fragmented ICMP echo request datagrams reported by Piotr Meyer in here has been fixed (thank you, Piotr and Vasiliy!), and the eepro100 NIC driver has been disabled in favor of e100. As usual, these changes are documented in a bit more detail here: http://www.openwall.com/Owl/CHANGES-current.shtml At the same time, we've released the first pre-compiled snapshot of Owl 3.0-stable. Compared to the 3.0 release, Owl 3.0-stable 2011/03/12 corrects a VIM packaging error, a vulnerability in the patch(1) program (CVE-2010-4651), two vulnerabilities in OpenSSL (CVE-2010-4180, CVE-2009-0590), which were at worst of moderate severity, and it updates vsftpd to 2.3.4 (CVE-2011-0762 fix) and patchutils to 0.3.2. The 3.0-stable snapshot is similarly complete (ISOs, vztemplates, RPMs, sources), with its ISOs linked directly from the Owl homepage. The Owl 3.0-stable change log is now available here: http://www.openwall.com/Owl/CHANGES-3.0-stable.shtml Any feedback is welcome. AlexanderReceived on Sat Mar 12 2011 - 17:23:23 PST
This archive was generated by hypermail 2.2.0 : Sat Mar 12 2011 - 17:23:53 PST