These packages were updated to fix an incorrect patch that caused instability under heavy load. --------------------------------------------------------------------- Fedora Legacy Test Update Notification FEDORALEGACY-2006-157459-1 Bugzilla https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=157459 2006-03-05 --------------------------------------------------------------------- Name : kernel Versions : rh7.3: kernel-2.4.20-46.7.legacy Versions : rh9: kernel-2.4.20-46.9.legacy Summary : The Linux kernel (the core of the Linux operating system). Description : The kernel package contains the Linux kernel (vmlinuz), the core of the Red Hat Linux operating system. The kernel handles the basic functions of the operating system: memory allocation, process allocation, device input and output, etc. --------------------------------------------------------------------- Update Information: Updated kernel packages that fix several security issues are now available. The Linux kernel handles the basic functions of the operating system. These new kernel packages contain fixes for the security issues described below: - a flaw in network IGMP processing that a allowed a remote user on the local network to cause a denial of service (disabling of multicast reports) if the system is running multicast applications (CVE-2002-2185) - a recent Internet Draft by Fernando Gont recommended that ICMP Source Quench messages be ignored by hosts. A patch to ignore these messages is included. (CVE-2004-0791) - flaws in the coda module that allowed denial-of-service attacks (crashes) or local privilege escalations (CVE-2005-0124) - a flaw between execve() syscall handling and core dumping of ELF-format executables allowed local unprivileged users to cause a denial of service (system crash) or possibly gain privileges (CVE-2005-1263) - a flaw in gzip/zlib handling internal to the kernel that may allow a local user to cause a denial of service (crash) (CVE-2005-2458) - a flaw in sendmsg() syscall handling on 64-bit systems that allowed a local user to cause a denial of service or potentially gain privileges (CAN-2005-2490) - a flaw in exec() handling on some 64-bit architectures that allowed a local user to cause a denial of service (crash) (CVE-2005-2708) - a flaw in procfs handling during unloading of modules that allowed a local user to cause a denial of service or potentially gain privileges (CVE-2005-2709) - a flaw in IPv6 network UDP port hash table lookups that allowed a local user to cause a denial of service (hang) (CVE-2005-2973) - a network buffer info leak using the orinoco driver that allowed a remote user to possibly view uninitialized data (CVE-2005-3180) - a flaw in the packet radio ROSE protocol that allowed a user to trigger out-of-bounds errors. (CVE-2005-3273) - a flaw in IPv4 network TCP and UDP netfilter handling that allowed a local user to cause a denial of service (crash) (CVE-2005-3275) - a minor info leak with the get_thread_area() syscall that allowed a local user to view uninitialized kernel stack data (CVE-2005-3276) - a flaw in the IPv6 flowlabel code that allowed a local user to cause a denial of service (crash) (CVE-2005-3806) - a flaw in file lease time-out handling that allowed a local user to cause a denial of service (log file overflow) (CVE-2005-3857) All users are advised to upgrade their kernels to the packages associated with their machine architectures and configurations as listed in this erratum. --------------------------------------------------------------------- Changelogs rh73: * Thu Mar 02 2006 Marc Deslauriers <marcdeslauriers@xxxxxxxxxxxx> 2.4.20-46.9.legacy - Fixed the broken CVE-2005-0749 patch that was causing unstability * Sat Feb 04 2006 Marc Deslauriers <marcdeslauriers@xxxxxxxxxxxx> 2.4.20-45.9.legacy - Removed CVE-2005-3044 patch (it was 64-bit only) - Fixed CVE-2005-2709 patch - Added patch for CVE-2002-2185 (potential IGMP DoS) * Fri Feb 03 2006 Marc Deslauriers <marcdeslauriers@xxxxxxxxxxxx> 2.4.20-44.9.legacy - Added patches for: CVE-2004-0791 (source quench DoS) CVE-2005-0124 (coda fs flaw) CVE-2005-1263 (ELF core dump privilege elevation) CVE-2005-2458 (gzip/zlib flaws) CVE-2005-2490 (compat layer sendmsg() races) CVE-2005-2708 (user code panics kernel in exec.c) CVE-2005-2709 (sysctl races) CVE-2005-2973 (ipv6 infinite loop) CVE-2005-3044 (lost fput and sockfd_put could lead to DoS) CVE-2005-3180 (orinoco driver information leakage) CVE-2005-3273 (ROSE ndigis verification) CVE-2005-3275 (NAT DoS) CVE-2005-3276 (sys_get_thread_area minor info leak) CVE-2005-3806 (ipv6 flowlabel DOS) CVE-2005-3857 (lease printk DoS) rh9: * Thu Mar 02 2006 Marc Deslauriers <marcdeslauriers@xxxxxxxxxxxx> 2.4.20-46.9.legacy - Fixed the broken CVE-2005-0749 patch that was causing unstability * Sat Feb 04 2006 Marc Deslauriers <marcdeslauriers@xxxxxxxxxxxx> 2.4.20-45.9.legacy - Removed CVE-2005-3044 patch (it was 64-bit only) - Fixed CVE-2005-2709 patch - Added patch for CVE-2002-2185 (potential IGMP DoS) * Fri Feb 03 2006 Marc Deslauriers <marcdeslauriers@xxxxxxxxxxxx> 2.4.20-44.9.legacy - Added patches for: CVE-2004-0791 (source quench DoS) CVE-2005-0124 (coda fs flaw) CVE-2005-1263 (ELF core dump privilege elevation) CVE-2005-2458 (gzip/zlib flaws) CVE-2005-2490 (compat layer sendmsg() races) CVE-2005-2708 (user code panics kernel in exec.c) CVE-2005-2709 (sysctl races) CVE-2005-2973 (ipv6 infinite loop) CVE-2005-3044 (lost fput and sockfd_put could lead to DoS) CVE-2005-3180 (orinoco driver information leakage) CVE-2005-3273 (ROSE ndigis verification) CVE-2005-3275 (NAT DoS) CVE-2005-3276 (sys_get_thread_area minor info leak) CVE-2005-3806 (ipv6 flowlabel DOS) CVE-2005-3857 (lease printk DoS) --------------------------------------------------------------------- This update can be downloaded from: http://download.fedoralegacy.org/ (sha1sums) rh7.3: 13d96ec3b350e2fe08a0b2daea0fbc903b55dba6 redhat/7.3/updates-testing/i386/kernel-2.4.20-46.7.legacy.athlon.rpm dd2a0de51955f130914b97e54002999398594e78 redhat/7.3/updates-testing/i386/kernel-2.4.20-46.7.legacy.i386.rpm c2a33858f1863b5aa8fc61812620bd538416eec1 redhat/7.3/updates-testing/i386/kernel-2.4.20-46.7.legacy.i586.rpm 82f9abe5137fe60c379e54ed4c30102e77a3d7ce redhat/7.3/updates-testing/i386/kernel-2.4.20-46.7.legacy.i686.rpm 2b7d00492c0bdd1c42f8e1fd60c69aa06d2af5b2 redhat/7.3/updates-testing/i386/kernel-bigmem-2.4.20-46.7.legacy.i686.rpm 18b774d3bbe7bc2c3b1326b31cf653fc4ec3dd02 redhat/7.3/updates-testing/i386/kernel-BOOT-2.4.20-46.7.legacy.i386.rpm 53e150d66bcd19881e6d3375b3921cbdcc19f9da redhat/7.3/updates-testing/i386/kernel-doc-2.4.20-46.7.legacy.i386.rpm 8451d90ea0f882cc95635eac07ad794fe3a80b73 redhat/7.3/updates-testing/i386/kernel-smp-2.4.20-46.7.legacy.athlon.rpm 70cbb1233156b94cb7adf05a9a60932bdebd01a7 redhat/7.3/updates-testing/i386/kernel-smp-2.4.20-46.7.legacy.i586.rpm df9078043ff5fb7a46de6c664c6009d1a17591d3 redhat/7.3/updates-testing/i386/kernel-smp-2.4.20-46.7.legacy.i686.rpm d41ae5e41700ea15838560c1ab4cff28b405ebc6 redhat/7.3/updates-testing/i386/kernel-source-2.4.20-46.7.legacy.i386.rpm 21f35ccaf8e57e440c3019b34feb9d9505400b35 redhat/7.3/updates-testing/SRPMS/kernel-2.4.20-46.7.legacy.src.rpm rh9: 109e959e391c02665c2683714476641b512b1d2a redhat/9/updates-testing/i386/kernel-2.4.20-46.9.legacy.athlon.rpm bf329aff38c0cc9c6976994ba8b4fecf23f9a842 redhat/9/updates-testing/i386/kernel-2.4.20-46.9.legacy.i386.rpm c805fe8f45b96104ad70e1886bd46de107dee452 redhat/9/updates-testing/i386/kernel-2.4.20-46.9.legacy.i586.rpm 8bd381c660a26da151afbd1e3fc732b83c2becc4 redhat/9/updates-testing/i386/kernel-2.4.20-46.9.legacy.i686.rpm 70e9a8644eee9902c0d19ebf6b73b382909f178b redhat/9/updates-testing/i386/kernel-bigmem-2.4.20-46.9.legacy.i686.rpm d6f9e20636ac96af35f9c001b51b0be121aed44f redhat/9/updates-testing/i386/kernel-BOOT-2.4.20-46.9.legacy.i386.rpm f6c3109670d2cea5c47f78f1852ad28764ac5f4f redhat/9/updates-testing/i386/kernel-doc-2.4.20-46.9.legacy.i386.rpm 4c6803f8075e975ce898fabd55cc1534db98e0e8 redhat/9/updates-testing/i386/kernel-smp-2.4.20-46.9.legacy.athlon.rpm 79c7bda4bfe36807fdd4144146e728ffe20e1a9a redhat/9/updates-testing/i386/kernel-smp-2.4.20-46.9.legacy.i586.rpm 833c41272f7836354359194344de076e566c7eb4 redhat/9/updates-testing/i386/kernel-smp-2.4.20-46.9.legacy.i686.rpm f56721c762dcf68d1021213cae598765d53b710f redhat/9/updates-testing/i386/kernel-source-2.4.20-46.9.legacy.i386.rpm 665d140e5dacf04a703408634be6619e6878112a redhat/9/updates-testing/SRPMS/kernel-2.4.20-46.9.legacy.src.rpm --------------------------------------------------------------------- Please test and comment in bugzilla.
Attachment:
signature.asc
Description: OpenPGP digital signature
-- fedora-legacy-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-legacy-list
