Date: Fri, 18 Jun 2004 16:00:22 +0200
From: Trustix Security Advisor <[email protected]>
To: [email protected]Subject: TSLSA-2004-0035 - kernel
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
- --------------------------------------------------------------------------
Trustix Secure Linux Security Advisory #2004-0035
Package name: kernel
Summary: Possible security holes in drivers
Date: 2004-06-18
Affected versions: Trustix Secure Linux 2.0
Trustix Secure Linux 2.1
Trustix Operating System - Enterprise Server 2
- --------------------------------------------------------------------------
Package description:
The kernel package contains the Linux kernel (vmlinuz), the core of your
Trustix Secure Linux operating system. The kernel handles the basic
functions of the operating system: memory allocation, process allocation,
device input and output, etc.
Problem description:
During checks of the Linux 2.6 source using an automated tool called sparse,
several issues were discovered. Some of these were discovered to also
apply to the 2.4 series of the Linux kernel. See CAN-2004-0495 at
http://cve.mitre.org/ for more information on this issue.
The patches used were provided by Alexander Viro and fix issues in the
following drivers: aironet, asus_acpi, decnet, mpu401, msnd, and pss.
Action:
We recommend that all systems with this package installed be upgraded.
Please note that if you do not need the functionality provided by a
package, you may want to remove it from your system.
Location:
All Trustix Secure Linux updates are available from
<URI:http://http.trustix.org/pub/trustix/updates/>
<URI:ftp://ftp.trustix.org/pub/trustix/updates/>
About Trustix Secure Linux:
Trustix Secure Linux is a small Linux distribution for servers. With focus
on security and stability, the system is painlessly kept safe and up to
date from day one using swup, the automated software updater.
Automatic updates:
Users of the SWUP tool can enjoy having updates automatically
installed using 'swup --upgrade'.
Public testing:
Most updates for Trustix Secure Linux are made available for public
testing some time before release.
If you want to contribute by testing the various packages in the
testing tree, please feel free to share your findings on the
tsl-discuss mailinglist.
The testing tree is located at
<URI:http://tsldev.trustix.org/horizon/>
You may also use swup for public testing of updates:
site {
class = 0
location = "http://tsldev.trustix.org/horizon/rdfs/latest.rdf"
regexp = ".*"
}
Questions?
Check out our mailing lists:
<URI:http://www.trustix.org/support/>
Verification:
This advisory along with all Trustix packages are signed with the
TSL sign key.
This key is available from:
<URI:http://www.trustix.org/TSL-SIGN-KEY>
The advisory itself is available from the errata pages at
<URI:http://www.trustix.org/errata/trustix-2.0/> and
<URI:http://www.trustix.org/errata/trustix-2.1/>
or directly at
<URI:http://www.trustix.org/errata/2004/0035>
MD5sums of the packages:
- --------------------------------------------------------------------------
22195923138313be0364b8e61dda9976 2.1/rpms/kernel-2.4.26-3tr.i586.rpm
f57e5647681740e8dede3f2b42b641d8 2.1/rpms/kernel-BOOT-2.4.26-3tr.i586.rpm
41d153652628df20dd31b333cd7c8446 2.1/rpms/kernel-doc-2.4.26-3tr.i586.rpm
3952ccb23e1a7e2dbf13500f30777ce3 2.1/rpms/kernel-firewall-2.4.26-3tr.i586.rpm
8f0a3fa07eb8794e67443ebcd75f8a2b 2.1/rpms/kernel-firewallsmp-2.4.26-3tr.i586.rpm
b5dd1969e52498693093346751583425 2.1/rpms/kernel-smp-2.4.26-3tr.i586.rpm
5a32b0abe3374b84479543e0ab71dc76 2.1/rpms/kernel-source-2.4.26-3tr.i586.rpm
3e51119fa72b1c35aebb8ea3841ee6d1 2.1/rpms/kernel-utils-2.4.26-3tr.i586.rpm
cc535941d1fb028b063451cff3e1c9f5 2.0/rpms/kernel-2.4.26-3tr.i586.rpm
e40a0219ac5bb7b7170cd8bdbcbb8da9 2.0/rpms/kernel-BOOT-2.4.26-3tr.i586.rpm
e958d97d02fd8d62a9caa37f0d55c32c 2.0/rpms/kernel-doc-2.4.26-3tr.i586.rpm
d241d68a96e16e7b7762046a4b07360a 2.0/rpms/kernel-firewall-2.4.26-3tr.i586.rpm
7e7dd026a55c737dce00fcc006cec405 2.0/rpms/kernel-firewallsmp-2.4.26-3tr.i586.rpm
61da0c5b2e3bb0cecbc36feeba97ce15 2.0/rpms/kernel-smp-2.4.26-3tr.i586.rpm
d3e09b45ba347a8981d39bfa0652c0dd 2.0/rpms/kernel-source-2.4.26-3tr.i586.rpm
9e26f39614829fa6b4f8060138648b6f 2.0/rpms/kernel-utils-2.4.26-3tr.i586.rpm
7c6eac6ac266e4d81a06ca8b86b5e0a3 e2/kernel-2.4.26-3tr.i586.rpm
bf501f2ae0145913e727285a02c32242 e2/kernel-BOOT-2.4.26-3tr.i586.rpm
6bc291b29b78b7ce41b012f9f84de5de e2/kernel-doc-2.4.26-3tr.i586.rpm
a5f92a80acbe411223b0c26f85b558d6 e2/kernel-firewall-2.4.26-3tr.i586.rpm
4dc76136c8d858e5fcf3321b6e17fb15 e2/kernel-firewallsmp-2.4.26-3tr.i586.rpm
9784f4dc71e45fc2518e7e92f543ff6b e2/kernel-smp-2.4.26-3tr.i586.rpm
636cad177c6248b7e7beb689c53aa947 e2/kernel-source-2.4.26-3tr.i586.rpm
406dfc1826d219e8942bcc4401d119ef e2/kernel-utils-2.4.26-3tr.i586.rpm
- --------------------------------------------------------------------------
Trustix Security Team
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2 (GNU/Linux)
iD8DBQFA0vGJi8CEzsK9IksRAvaJAJ9kc5UUlMuLsauQ6vrRUHWQPN1xsQCeIRlM
I8jghBhCFzYlJlhQhHXuibg=
=Ig09
-----END PGP SIGNATURE-----