474
l33t
Joined: 19 Apr 2002
Posts: 714
|
 Posted: Mon Jan 06, 2003 4:25 pm Post subject: Security warning for vanilla-sources (2.4.20) and ext3 users |
 |
|
Hello - are you using kernel 2.4.20 (the sys-kernel/vanilla-sources) and an ext3 filesystem? If so, then be aware that there is a bug which can result in filesystem corruption or data loss as a result of the lack of committing pending data writes from the last 30 seconds or so of use when using the ext3 data="journal" mode. See:
http://news.com.com/2100-1001-976427.html
http://www.uwsg.indiana.edu/hypermail/linux/kernel/0212.0/0010.html
for more information. Andrew Morton has written a patch for the 2.4.20 sources, and the patch has been merged into the 2.4.21-pre2 sources. Andrew has also written several other minor patches for 2.4.20 and 2.4.21-pre2 (essential IMHO) which address several niggles, mostly with ext3.
It may well be that not many people use the journal mode, and I daresay there are very few Gentoo users that would be affected by the above but I thought this was worthy of mention as it seems there is not going to be any GLSA issued - and the bug is a valid flaw which applies to a presently available ebuild in Portage.
Andrew Morton's collection is available here: http://www.zipworld.com.au/~akpm/linux/patches/2.4/ |
|
Networking & Security
