Fedora Legacy will be releasing a kernel update soon. There have been so
many changes to the new version, I would like a few people to make sure
we've got everything covered in the release write-up.
Here's the proposed release announcement. Please compare it to bug #1484
to make sure I didn't leave anything out, or to check my awful grammar.
:)
Thanks,
Marc.
-----------------------------------------------------------------------
Fedora Legacy Update Advisory
Synopsis: Updated kernel resolves security vulnerabilities
Advisory ID: FLSA:XXXX
Issue date: 2004-07-XX
Product: Red Hat Linux
Keywords: Security
Cross references: https://bugzilla.fedora.us/show_bug.cgi?id=1484
CVE Names: CAN-2004-0394, CAN-2004-0133, CAN-2004-0181,
CAN-2004-0178, CAN-2004-0228, CAN-2004-0554,
CAN-2004-0535, CAN-2004-0495, CAN-2004-0427
-----------------------------------------------------------------------
---------------------------------------------------------------------
1. Topic:
Updated kernel packages that fix security vulnerabilities are now
available. These packages also resolve other minor issues.
2. Relevent releases/architectures:
Red Hat Linux 7.3 - i386, i586, i686, athlon
Red Hat Linux 9 - i386, i586, i686, athlon
3. Problem description:
The Linux kernel handles the basic functions of the operating system.
Shaun Colley found a potential buffer overrun in the panic() function.
As this function does not ever return, it is unlikely that this is
exploitable, but has been fixed nonetheless. The Common Vulnerabilities
and Exposures project (cve.mitre.org) assigned the name CAN-2004-0394
to this issue.
Arjan van de Ven discovered the framebuffer code was doing direct
userspace accesses instead of using correct interfaces to write
to userspace.
An automated checked from http://www.coverity.com highlighted a
range checking bug in the i810 DRM driver. This was fixed by
Andrea Arcangeli and Chris Wright.
The information leak fixed in the previous errata was also found
to affect XFS and JFS. The Common Vulnerabilities and Exposures project
(cve.mitre.org) assigned the names CAN-2004-0133 and CAN-2004-0181
respectively.
A vulnerability in the OSS code for SoundBlaster 16 devices
was discovered by Andreas Kies. It is possible for local users with
access to the sound system to crash the machine (CAN-2004-0178).
nForce2 users were experiencing a C1 Halt Disconnect problem. A hang
would occur when the CPU generated a very fast CONNECT/HALT cycle
sequence. A fix has been added to resolve this issue.
Brad Spengler found a signedness issue in the cpufreq proc handler
which could lead to users being able to read arbitary regions of
kernel memory. This was fixed by Dominik Brodowski. The Common
Vulnerabilities and Exposures project (cve.mitre.org) assigned the
name CAN-2004-0228 to this issue.
A problem was found where userspace code could execute certain floating
point instructions from signal handlers which would cause the kernel
to lock up. The Common Vulnerabilities and Exposures project
(cve.mitre.org)
assigned the name CAN-2004-0554 to this issue.
A memory leak in the E1000 network card driver has been fixed.
The Common Vulnerabilities and Exposures project (cve.mitre.org)
assigned
the name CAN-2004-0535 to this issue.
Numerous problems referencing userspace memory were identified in
several
device drivers by Al Viro using the sparse tool. The Common
Vulnerabilities
and Exposures project (cve.mitre.org) assigned the name CAN-2004-0495 to
this
issue.
A flaw was discovered in an error path supporting the clone() system
call
that allowed local users to cause a denial of service (memory leak) by
passing invalid arguments to clone() running in an infinite loop of a
user's
program. The Common Vulnerabilities and Exposures project
(cve.mitre.org) has
assigned the name CAN-2004-0427 to this issue.
All users are advised to upgrade to these errata packages, which contain
backported security patches that correct these issues.
4. Solution:
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
To update all RPMs for your particular architecture, run:
rpm -Fvh [filenames]
where [filenames] is a list of the RPMs you wish to upgrade. Only those
RPMs which are currently installed will be updated. Those RPMs which
are not installed but included in the list will not be updated. Note
that you can also use wildcards (*.rpm) if your current directory
*only* contains the desired RPMs.
Please note that this update is also available via yum and apt. Many
people find this an easier way to apply updates. To use yum issue:
yum update
or to use apt:
apt-get update; apt-get upgrade
This will start an interactive process that will result in the
appropriate RPMs being upgraded on your system. This assumes that you
have yum or apt-get configured for obtaining Fedora Legacy content.
Please visit http://www.fedoralegacy.org/download for directions on how
to configure yum and apt-get.
5. Bug IDs fixed:
http://bugzilla.fedora.us - 1484 - Various security-related fixes for
the kernel
6. RPMs required:
Red Hat Linux 7.3:
SRPM:
http://download.fedoralegacy.org/redhat/7.3/updates/SRPMS/XXX
i386:
http://download.fedoralegacy.org/redhat/7.3/updates/i386/XXX
http://download.fedoralegacy.org/redhat/7.3/updates/i386/XXX
http://download.fedoralegacy.org/redhat/7.3/updates/i386/XXX
http://download.fedoralegacy.org/redhat/7.3/updates/i386/XXX
i568:
http://download.fedoralegacy.org/redhat/7.3/updates/i386/XXX
http://download.fedoralegacy.org/redhat/7.3/updates/i386/XXX
i686:
http://download.fedoralegacy.org/redhat/7.3/updates/i386/XXX
http://download.fedoralegacy.org/redhat/7.3/updates/i386/XXX
http://download.fedoralegacy.org/redhat/7.3/updates/i386/XXX
athlon:
http://download.fedoralegacy.org/redhat/7.3/updates/i386/XXX
http://download.fedoralegacy.org/redhat/7.3/updates/i386/XXX
Red Hat Linux 9:
SRPM:
http://download.fedoralegacy.org/redhat/9/updates/SRPMS/XXX
i386:
http://download.fedoralegacy.org/redhat/9/updates/i386/XXX
http://download.fedoralegacy.org/redhat/9/updates/i386/XXX
http://download.fedoralegacy.org/redhat/9/updates/i386/XXX
http://download.fedoralegacy.org/redhat/9/updates/i386/XXX
i568:
http://download.fedoralegacy.org/redhat/9/updates/i386/XXX
http://download.fedoralegacy.org/redhat/9/updates/i386/XXX
i686:
http://download.fedoralegacy.org/redhat/9/updates/i386/XXX
http://download.fedoralegacy.org/redhat/9/updates/i386/XXX
http://download.fedoralegacy.org/redhat/9/updates/i386/XXX
athlon:
http://download.fedoralegacy.org/redhat/9/updates/i386/XXX
http://download.fedoralegacy.org/redhat/9/updates/i386/XXX
7. Verification:
SHA1 sum Package Name
---------------------------------------------------------------------------
XXX
These packages are GPG signed by Fedora Legacy for security. Our key is
available from http://www.fedoralegacy.org/about/security.php
You can verify each package with the following command:
rpm --checksig -v <filename>
If you only wish to verify that each package has not been corrupted or
tampered with, examine only the sha1sum with the following command:
sha1sum <filename>
8. References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0394
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0133
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0181
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0178
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0228
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0554
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0535
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0495
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0427
https://bugzilla.fedora.us/show_bug.cgi?id=1484
9. Contact:
The Fedora Legacy security contact is <secnotice@xxxxxxxxxxxxxxxx>. More
project details at http://www.fedoralegacy.org
10. Special Notes:
If you use lilo, you will have to edit your lilo.conf file and shorten
the label of this kernel. The label is too long for lilo, but not for
grub.
---------------------------------------------------------------------
--
fedora-legacy-list@xxxxxxxxxx
http://www.redhat.com/mailman/listinfo/fedora-legacy-list
