-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - --------------------------------------------------------------------- Fedora Test Update Notification FEDORA-2004-1484 Bugzilla https://bugzilla.fedora.us/show_bug.cgi?id=1484 2004-07-07 - --------------------------------------------------------------------- Name : kernel Version 7.3 : 2.4.20-35.7.legacy Version 9 : 2.4.20-35.9.legacy Summary : The Linux kernel (the core of the Linux operating system) Description : The kernel package contains the Linux kernel (vmlinuz), the core of your Red Hat Linux operating system. The kernel handles the basic functions of the operating system: memory allocation, process allocation, device input and output, etc. - --------------------------------------------------------------------- Update Information: CAN-2004-0427: The do_fork function in Linux 2.4.x and 2.6.x does not properly decrement the mm_count counter when an error occurs after the mm_struct for a child process has been activated, which triggers a memory leak that allows local users to cause a denial of service (memory exhaustion) via the clone (CLONE_VM) system call. CAN-2004-0535: The e1000 driver for Linux kernel 2.4.26 and earlier does not properly initialize memory before using it, which allows local users to read portions of kernel memory. NOTE: this issue was originally incorrectly reported as a "buffer overflow" by some sources. CAN-2004-0003: Unknown vulnerability in Linux kernel before 2.4.22 allows local users to gain privileges, related to "R128 DRI limits checking." CAN-2004-0109: Buffer overflow in the ISO9660 file system component for Linux kernel 2.4.x, 2.5.x and 2.6.x , allows local users with physical access to overflow kernel memory and execute arbitrary code via a malformed CD containing a long symbolic link entry. CAN-2004-0178: The OSS code for the Sound Blaster driver in Linux 2.4.x does not properly handle certain sample sizes, which allows local users to cause a denial of service (crash). CAN-2004-0181: The JFS file system code in Linux 2.4.x has an information leak in which in-memory data is written to the device for an ext3 file system, which allows local users to obtain sensitive information by reading the raw device. CAN-2004-0394: A "potential" buffer overflow exists in the panic() function in Linux 2.4.x, although it may not be exploitable due to the functionality of panic. A few bugfixes related to Nforce2 chipsets. - --------------------------------------------------------------------- Changelog: 7.3: * Fri Jun 18 2004 Dominic Hargreaves <dom@xxxxxxxx> - - Fix memory leak in kernel/fork.c. (CAN-2004-0427) - - Numerous userspace pointer reference bugs found with the sparse tool by Al Viro. (CAN-2004-0495) - - Fix e1000 driver information leak. (CAN-2004-0535) * Tue Jun 15 2004 Dominic Hargreaves <dom@xxxxxxxx> - - Fix local DoS in "clear_cpu()" macro. (CAN-2004-0554) * Thu May 13 2004 Dominic Hargreaves <dom@xxxxxxxx> - - Fix information leak in cpufreq userspace ioctl. (CAN-2004-0228) - - Fix for C1 Halt Disconnect problem on nForce2 systems. * Wed May 05 2004 Dominic Hargreaves <dom@xxxxxxxx> - - Fix potential local denial of service in sb16 driver (CAN-2004-0178) - - Fix information leak in JFS (CAN-2004-0181) - - Add range checking to i810_dma() in DRM driver. - - Make ioctl(FBIOGETCMAP) use copy_to_user() rather than memcpy() - - Fix possible buffer overflow in panic() (CAN-2004-0394) * Tue Apr 13 2004 Dave Jones <davej@xxxxxxxxxx> - - Yet another additional r128 DRM check. (CAN-2004-0003) - - Bounds checking in ISO9660 filesystem. (CAN-2004-0109) - - Fix Information leak in EXT3 (CAN-2004-0133) - - Fix local DoS in mremap() * Tue Feb 17 2004 Dave Jones <davej@xxxxxxxxxx> - - Additional r128 DRM checks. (CAN-2004-0003) 9: * Fri Jun 18 2004 Dominic Hargreaves <dom@xxxxxxxx> - - Fix memory leak in kernel/fork.c. (CAN-2004-0427) - - Numerous userspace pointer reference bugs found with the sparse tool by Al Viro. (CAN-2004-0495) - - Fix e1000 driver information leak. (CAN-2004-0535) * Tue Jun 15 2004 Dominic Hargreaves <dom@xxxxxxxx> - - Fix local DoS in "clear_cpu()" macro. (CAN-2004-0554) * Thu May 13 2004 Dominic Hargreaves <dom@xxxxxxxx> - - Fix information leak in cpufreq userspace ioctl. (CAN-2004-0228) - - Fix for C1 Halt Disconnect problem on nForce2 systems. * Wed May 05 2004 Dominic Hargreaves <dom@xxxxxxxx> - - Fix potential local denial of service in sb16 driver (CAN-2004-0178) - - Fix information leak in JFS (CAN-2004-0181) - - Add range checking to i810_dma() in DRM driver. - - Make ioctl(FBIOGETCMAP) use copy_to_user() rather than memcpy() - - Fix possible buffer overflow in panic() (CAN-2004-0394) * Tue Apr 13 2004 Dave Jones <davej@xxxxxxxxxx> - - Yet another additional r128 DRM check. (CAN-2004-0003) - - Bounds checking in ISO9660 filesystem. (CAN-2004-0109) - - Fix Information leak in EXT3 (CAN-2004-0133) - - Fix local DoS in mremap() * Tue Feb 17 2004 Dave Jones <davej@xxxxxxxxxx> - - Additional r128 DRM checks. (CAN-2004-0003) - --------------------------------------------------------------------- This update can be downloaded from: http://download.fedoralegacy.org/redhat/ 9344cffa6802c7ebffa6a631d4eaa7306617df59 7.3/updates-testing/SRPMS/kernel-2.4.20-35.7.legacy.src.rpm 8cf4a7c4044c367bd2ef3956870e23196af255bb 7.3/updates-testing/i386/kernel-2.4.20-35.7.legacy.athlon.rpm 75e49a453639b57ca295ed687915df718ca4683d 7.3/updates-testing/i386/kernel-2.4.20-35.7.legacy.i586.rpm deb026a34bc1f79446e76880611d2a494084f6e9 7.3/updates-testing/i386/kernel-2.4.20-35.7.legacy.i686.rpm 0330c909d885e223f86116542d3e06cd6cd954e1 7.3/updates-testing/i386/kernel-bigmem-2.4.20-35.7.legacy.i686.rpm cec2602052a215bb0706427c3eb3d21f8798faea 7.3/updates-testing/i386/kernel-BOOT-2.4.20-35.7.legacy.i386.rpm 263bbfab412699eafdb0156044e09026e3a4e9de 7.3/updates-testing/i386/kernel-doc-2.4.20-35.7.legacy.i386.rpm eccb21775efcdf0cdbc2e9d9877d42b8df1f5c13 7.3/updates-testing/i386/kernel-smp-2.4.20-35.7.legacy.athlon.rpm 5da9d54d2e071ee30036f78402f2c88fd69da6e1 7.3/updates-testing/i386/kernel-smp-2.4.20-35.7.legacy.i586.rpm 83a88ed2172fb2bf5d5c05dd6cf11e7a96e350e3 7.3/updates-testing/i386/kernel-smp-2.4.20-35.7.legacy.i686.rpm 65a7083bea4412afa29da8e91d0ba3a03e0f3ac2 7.3/updates-testing/i386/kernel-source-2.4.20-35.7.legacy.i386.rpm b9d094e0be2665affff9c2dab8211c948c38ccf6 9/updates-testing/SRPMS/kernel-2.4.20-35.9.legacy.src.rpm 6374592090c07112200494e9361db824edb4511a 9/updates-testing/i386/kernel-2.4.20-35.9.legacy.athlon.rpm 811b325582853788f37524c4549fd079e2ffc4a6 9/updates-testing/i386/kernel-2.4.20-35.9.legacy.i586.rpm 2050252b57943da552fc17873331d702585488a4 9/updates-testing/i386/kernel-2.4.20-35.9.legacy.i686.rpm 8fb30ead64197f7be966016609ac9a8e8c14b222 9/updates-testing/i386/kernel-bigmem-2.4.20-35.9.legacy.i686.rpm 86becf2d0d1043913374e314b571fd004b005101 9/updates-testing/i386/kernel-BOOT-2.4.20-35.9.legacy.i386.rpm 4a713fdd4c90d3542cd5c9763b3662c0c2b82865 9/updates-testing/i386/kernel-doc-2.4.20-35.9.legacy.i386.rpm 69326a68b8084e09bcc9ab93909b535c2586da2c 9/updates-testing/i386/kernel-smp-2.4.20-35.9.legacy.athlon.rpm 83b867f5d18bbd70c125dbdff6accc661de0dc47 9/updates-testing/i386/kernel-smp-2.4.20-35.9.legacy.i586.rpm 6e4fa22a1d46b0d42a3837a4ce5e3e65fba9ebfe 9/updates-testing/i386/kernel-smp-2.4.20-35.9.legacy.i686.rpm 83d7da718554b818c4828720ead16ba4001260b2 9/updates-testing/i386/kernel-source-2.4.20-35.9.legacy.i386.rpm Please note that this update is also available via yum and apt through the updates-testing channel. Many people find this an easier way to apply updates. - --------------------------------------------------------------------- - -- Jesse Keating RHCE (http://geek.j2solutions.net) Fedora Legacy Team (http://www.fedoralegacy.org) GPG Public Key (http://geek.j2solutions.net/jkeating.j2solutions.pub) Was I helpful? Let others know: http://svcs.affero.net/rm.php?r=jkeating -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.4 (GNU/Linux) iD8DBQFA7LzU4v2HLvE71NURAmXVAJ0T0iZ1rodP7Wq5PYg+IoUoBtd1hQCfSDPu Jp/8ZC0nRG71Ky5R0LgZORo= =6LLc -----END PGP SIGNATURE----- -- fedora-legacy-list@xxxxxxxxxx http://www.redhat.com/mailman/listinfo/fedora-legacy-list
