Rocky Linux released a repository with security and protection tool packages 


Rocky Linux is a distribution whose objective is to create a free build of RHEL that can take the place of the classic CentOS

Developers of the Rocky Linux distribution recently announced, in a blog post, the creation of a new Security SIG (Special Interest Group), whose purpose is to maintain packages that provide advanced protection and additional security tools.

For those who do not know Rocky Linux, it is a relatively new Linux distribution developed by the Rocky Enterprise Software Foundation. Its objective is to create a free version of RHEL capable of replacing the classic CentOS: a "downstream" distribution that is fully binary-compatible and built from the Red Hat Enterprise Linux source code.

New SIG repository on Rocky Linux

Regarding the new repository, the «Security Special Interest Group» also intends to publish alternative versions of existing packages, built to include various mechanisms that improve security or to address vulnerabilities that are not yet patched in RHEL and CentOS Stream.

The repository is not exclusive to the distribution: all developments will be published in an independent repository, which can also be used in other distributions compatible with Red Hat Enterprise Linux.

In the blog post, Rocky Linux developers mention that the mission of the Security SIG is:

  • Develop and maintain various security-related packages not found in upstream EL (Enterprise Linux).
  • Identify, develop and maintain security hardening changes relative to upstream EL packages.
  • Include/port additional security fixes not already in upstream EL packages.
  • Contribute to the respective upstreams when practical.

As for its content, the repository currently offers an OpenSSH package whose sshd is linked against fewer shared libraries. This package is built only for the RHEL 9 branch and comes with related packages: pam_ssh_agent_auth, libnsl, nscd, nss_db, nss_hesiod.

In addition, it offers the LKRG (Linux Kernel Runtime Guard) kernel module, which is designed to detect and block both attacks and violations of the integrity of kernel structures (for example, the module can protect against unauthorized changes to the running kernel and attempts to change the permissions of user processes). This package is built for the RHEL 8 and RHEL 9 branches.

Another package included in the repository is «passwdqc», which is used to check the complexity of passwords and passphrases. It includes the pam_passwdqc module, the pwqcheck, pwqfilter, and pwqgen programs, and the libpasswdqc library. The package is built for the RHEL 8 and RHEL 9 branches.

The repository also contains a glibc build that includes security improvements developed by the Owl project and applied in ALT Linux. The package also includes fixes for two vulnerabilities: a vulnerability in ld.so (CVE-2023-4911), which allows a local user to elevate their privileges on the system by specifying specially formatted data in the GLIBC_TUNABLES environment variable, and a vulnerability (CVE-2023-4527) in the getaddrinfo function, which may lead to a leak of stack contents or a crash. The package is built for the RHEL 9 branch.

Security SIG contributor Solar Designer mentioned the following on X (formerly Twitter):

I recently joined the Rocky Linux project and we launched the security repository, which currently offers some additional and override packages (more soon), including glibc with hardened security for EL9 distributions (soon EL8) with effective mitigation against CVE-2023-4911

Those interested in adding the repository to Rocky Linux or another RHEL-compatible distribution can do so by opening a terminal and running the following command:

dnf install rocky-release-security

Finally, if you are interested in knowing more about it, you can check the details at the following link.

