In association with heise online

Stable kernels

As already reported a few days ago, the generation 2.6 kernels contained a security hole that allowed local attackers to execute code at root privilege level; this hole has been fixed in the main development branch and in versions, and, which were released early last week. While the changes weren't integrated into version, which was released at the same time, they did make their way into version released on Friday night. This version also fixes several other flaws introduced indirectly by the patches for the security hole; these bug fixes were also included in versions, and, which were released at the same time. On some systems, at least the latter exhibited a previously non-existent problem which is to be fixed in the next version. The next set of stable kernel releases for,, and are already in review.

After minor variations in the release emails for the previous stable kernels, as reported in the previous Kernel Log, Greg Kroah-Hartman has mentioned that all users need to update to the new kernel in several emails. In the release email for, the developer also wrote that he is tired of people trying to parse his words for hidden messages about whether security changes have been made and repeated his request that users update, pointing out that people who use kernels but who don't update regularly shouldn't be using kernels. ("I'm tired of people trying to parse my words like I'm the Federal Reserve Chairman, just go update already. If you use a kernel, and you aren't updating to the latest -stable updates, well, why are you using a kernel in the first place?")

Main development branch

At the beginning of the week, Linus Torvalds provided the second release candidate of Linux 2.6.36. Having made an exception and sent out the first release candidate, which marked the end of the 2.6.36 merge window, without a companion email early last week, Torvalds highlighted some of changes he considers important in his release email for 2.6.36-rc2: Fanotify, concurrency-managed work queues and various optimisations to the Virtual Memory infrastructure.

Torvalds also mentioned that, in RC2, he merged various large patches for the Intel graphics drivers as well as some of the patches that were mainly developed by Nick Piggin to optimise the Virtual File System (VFS) code and make it run more smoothly, especially on multi-core systems. However, the merged code apparently adds just a small portion of the VFS optimisation patches, and Torvalds said it's not even the most interesting part; the remaining patches are now likely to be integrated into the main development branch with 2.6.37 at the earliest.

Torvalds said that he will not integrate any further big features into 2.6.36, and that various Git-Pull requests have already been rejected ("The main commentary about it is that I'll be back in "fairly strict" mode as of - RC2. IOW, send me regression fixes only. Really. I already dropped some git pull requests that were a bit too obviously new feature stuff after the merge window closed, [...]"). He already pursued a similar approach during the development of 2.6.35, having been considerably more lenient in earlier versions.

Next: In brief

Print Version | Permalink:
  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

  • July's Community Calendar

The H Open

The H Security

The H Developer

The H Internet Toolkit