Web access to the GIT repository - GIT access to the repository
security : Security patches for Linux Kernel 2.4
Those patches specifically target security purposes. Some of them might be incompatible with many other patches, and might even break userland.
|Description:||Security patches for Linux Kernel 2.4|
|Abstract:||Those patches specifically target security purposes. Some of them might be incompatible with many other patches, and might even break userland.
- config_ip_stealth : Do not send RST in response to a connect() to closed port - Willy Tarreau - 2006/01/09
Ported MadCamel's CONFIG_IP_STEALTH patch from 2.2.18. It permits to drop connection
attempts to closed ports without sending an RST back, which proves useful as a first
protection barrier. The ICMP code has been removed from the patch since kernel 2.4
provides everything to block outgoing ICMP.
- hotfixes : security and critical fixes for recent Linux-2.4 kernels - Willy Tarreau
The 2.4-hf kernel tree only contains hotfixes for 2.4 mainline kernels. These
are intended for people who cannot upgrade for various reasons, and who still
need to apply a security or stability fix. All patches are extracted from the
next mainline release or pre-release. The oldest yet supported kernel is 2.4.29.
- pax : a strong protection against buffer overflows - The PaX Team - 2006/01/22
PaX implements address randomization and non-executable stack and heap, which
results in a strong protection against buffer overflows.
(C) Willy Tarreau - 2008-06-01