| 2:51p |
Security updates for Friday
Security updates have been issued by CentOS (java-1.7.0-openjdk and ppp), Debian (libimobiledevice, libusbmuxd, and pure-ftpd), Fedora (caddy, firejail, golang-github-gorilla-websocket, golang-vitess, hugo, mingw-libpng, php, and proftpd), openSUSE (chromium, enigmail, ipmitool, libsolv, libzypp, zypper, weechat, and yast2-rmt), Oracle (java-1.7.0-openjdk and ppp), Red Hat (java-1.7.0-openjdk and ppp), Scientific Linux (java-1.7.0-openjdk and ppp), and SUSE (java-1_8_0-ibm, kernel, mariadb, mariadb-100, openssl, php5, python, rsyslog, and texlive-filesystem). |
| 5:58p |
[$] Unexporting kallsyms_lookup_name()
One of the basic rules of kernel-module development is that modules can
only access symbols (functions and data structures) that have been
explicitly exported. Even then, many symbols are restricted so that only
modules with a GPL-compatible license can access them. It turns out,
though, that there is a readily available workaround that makes it easy for
a module to access any symbol it wants. That workaround seems likely to be
removed soon despite some possible inconvenience for some out-of-tree
users; the reason why that is happening turns out to be relatively
interesting. |