These packages were updated to fix an incorrect patch that caused
instability under heavy load.

---------------------------------------------------------------------
Fedora Legacy Test Update Notification
FEDORALEGACY-2006-157459-2
Bugzilla https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=157459
2006-03-05
---------------------------------------------------------------------

Name        : kernel
Versions    : fc1: kernel-2.4.22-1.2199.8.legacy.nptl
Summary     : The Linux kernel (the core of the Linux operating system).
Description :
The kernel package contains the Linux kernel (vmlinuz), the core of the
Red Hat Linux operating system. The kernel handles the basic functions
of the operating system: memory allocation, process allocation, device
input and output, etc.

---------------------------------------------------------------------
Update Information:

Updated kernel packages that fix several security issues are now
available.

The Linux kernel handles the basic functions of the operating system.

These new kernel packages contain fixes for the security issues
described below:

- a flaw in network IGMP processing that allowed a remote user on the
  local network to cause a denial of service (disabling of multicast
  reports) if the system is running multicast applications
  (CVE-2002-2185)

- a recent Internet Draft by Fernando Gont recommended that ICMP Source
  Quench messages be ignored by hosts. A patch to ignore these messages
  is included. (CVE-2004-0791)

- flaws in ptrace() syscall handling on AMD64 and Intel EM64T systems
  that allowed a local user to cause a denial of service (crash)
  (CAN-2005-0756, CAN-2005-1762, CAN-2005-2553)

- a flaw between execve() syscall handling and core dumping of
  ELF-format executables allowed local unprivileged users to cause a
  denial of service (system crash) or possibly gain privileges
  (CVE-2005-1263)

- a flaw in gzip/zlib handling internal to the kernel that may allow a
  local user to cause a denial of service (crash) (CVE-2005-2458)

- a flaw in sendmsg() syscall handling on 64-bit systems that allowed a
  local user to cause a denial of service or potentially gain
  privileges (CAN-2005-2490)

- a flaw in exec() handling on some 64-bit architectures that allowed a
  local user to cause a denial of service (crash) (CVE-2005-2708)

- a flaw in procfs handling during unloading of modules that allowed a
  local user to cause a denial of service or potentially gain
  privileges (CVE-2005-2709)

- a flaw in IPv6 network UDP port hash table lookups that allowed a
  local user to cause a denial of service (hang) (CVE-2005-2973)

- a flaw in 32-bit-compat handling of the TIOCGDEV ioctl that allowed a
  local user to cause a denial of service (crash) (CVE-2005-3044)

- a network buffer info leak using the orinoco driver that allowed a
  remote user to possibly view uninitialized data (CVE-2005-3180)

- a flaw in IPv4 network TCP and UDP netfilter handling that allowed a
  local user to cause a denial of service (crash) (CVE-2005-3275)

- a minor info leak with the get_thread_area() syscall that allowed a
  local user to view uninitialized kernel stack data (CVE-2005-3276)

- a flaw in the IPv6 flowlabel code that allowed a local user to cause
  a denial of service (crash) (CVE-2005-3806)

- a flaw in file lease time-out handling that allowed a local user to
  cause a denial of service (log file overflow) (CVE-2005-3857)

All users are advised to upgrade their kernels to the packages
associated with their machine architectures and configurations as
listed in this erratum.

---------------------------------------------------------------------
Changelogs

fc1:
* Fri Mar 03 2006 Marc Deslauriers <marcdeslauriers@xxxxxxxxxxxx>
  2.4.22-1.2199.8.legacy.nptl
- Fixed the broken CVE-2005-0749 patch that was causing instability

* Fri Feb 17 2006 Marc Deslauriers <marcdeslauriers@xxxxxxxxxxxx>
  2.4.22-1.2199.7.legacy.nptl
- Added patch for CVE-2002-2185 (potential IGMP DoS)

* Thu Feb 02 2006 Marc Deslauriers <marcdeslauriers@xxxxxxxxxxxx>
  2.4.22-1.2199.6.legacy.nptl
- Added patches for:
  CVE-2004-0791 (source quench DoS)
  CVE-2005-0756 (ptrace-check-segment x86_64 crash)
  CVE-2005-1263 (ELF core dump privilege elevation)
  CVE-2005-1762 (ptrace can induce double-fault on x86_64)
  CVE-2005-2458 (gzip/zlib flaws)
  CVE-2005-2490 (compat layer sendmsg() races)
  CVE-2005-2553 (32-bit ptrace find_target() oops)
  CVE-2005-2708 (user code panics kernel in exec.c)
  CVE-2005-2709 (sysctl races)
  CVE-2005-2973 (ipv6 infinite loop)
  CVE-2005-3044 (lost fput and sockfd_put could lead to DoS)
  CVE-2005-3180 (orinoco driver information leakage)
  CVE-2005-3275 (NAT DoS)
  CVE-2005-3276 (sys_get_thread_area minor info leak)
  CVE-2005-3806 (ipv6 flowlabel DOS)
  CVE-2005-3857 (lease printk DoS)

---------------------------------------------------------------------
This update can be downloaded from:
  http://download.fedoralegacy.org/

---------------------------------------------------------------------

Please test and comment in bugzilla.
--
fedora-legacy-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-legacy-list