Date: Mon, 9 Aug 2004 10:57:19 +0200
From: Trustix Security Advisor <[email protected]>
To: [email protected]Subject: TSLSA-2004-0041 - kernel
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
- --------------------------------------------------------------------------
Trustix Secure Linux Security Advisory #2004-0041
Package name: kernel
Summary: New upstream version fixes several issues
Date: 2004-08-09
Affected versions: Trustix Secure Linux 2.0
Trustix Secure Linux 2.1
Trustix Operating System - Enterprise Server 2
- --------------------------------------------------------------------------
Package description:
The kernel package contains the Linux kernel (vmlinuz), the core of your
Trustix Secure Linux operating system. The kernel handles the basic
functions of the operating system: memory allocation, process allocation,
device input and output, etc.
Problem description:
From the kernel changelog:
Here is a list of the most important security issues fixed by this release:
CAN-2004-0495 (Al Viro sparse fixes)
CAN-2004-0497 (users could modify group ID of arbitrary files on the system)
CAN-2004-0535 (e1000 minor info leak)
CAN-2004-0685 (backported Conectiva usb sparse fixes)
CAN-2004-0415 (file offset pointer handling race)
CAN-2004-0565 (information leak ia64)
Action:
We recommend that all systems with this package installed be upgraded.
Location:
All Trustix Secure Linux updates are available from
<URI:http://http.trustix.org/pub/trustix/updates/>
<URI:ftp://ftp.trustix.org/pub/trustix/updates/>
About Trustix Secure Linux:
Trustix Secure Linux is a small Linux distribution for servers. With focus
on security and stability, the system is painlessly kept safe and up to
date from day one using swup, the automated software updater.
Automatic updates:
Users of the SWUP tool can enjoy having updates automatically
installed using 'swup --upgrade'.
Public testing:
Most updates for Trustix Secure Linux are made available for public
testing some time before release.
If you want to contribute by testing the various packages in the
testing tree, please feel free to share your findings on the
tsl-discuss mailinglist.
The testing tree is located at
<URI:http://tsldev.trustix.org/horizon/>
You may also use swup for public testing of updates:
site {
class = 0
location = "http://tsldev.trustix.org/horizon/rdfs/latest.rdf"
regexp = ".*"
}
Questions?
Check out our mailing lists:
<URI:http://www.trustix.org/support/>
Verification:
This advisory along with all Trustix packages are signed with the
TSL sign key.
This key is available from:
<URI:http://www.trustix.org/TSL-SIGN-KEY>
The advisory itself is available from the errata pages at
<URI:http://www.trustix.org/errata/trustix-2.0/> and
<URI:http://www.trustix.org/errata/trustix-2.1/>
or directly at
<URI:http://www.trustix.org/errata/2004/0041>
MD5sums of the packages:
- --------------------------------------------------------------------------
43911b95b09a64d31568c37629af47bf e-2/kernel-2.4.27-1tr.i586.rpm
31cbf55b9f1b272fa1598545957f52e8 e-2/kernel-BOOT-2.4.27-1tr.i586.rpm
a6bc106dc1f63151d7327ae99d56afed e-2/kernel-doc-2.4.27-1tr.i586.rpm
8e7e7e0767705f58bfb443c9899320d8 e-2/kernel-firewall-2.4.27-1tr.i586.rpm
d979d87738e430080eeef5c655dd73a9 e-2/kernel-firewallsmp-2.4.27-1tr.i586.rpm
b70cb3a7d713c6529517d369117f4bc7 e-2/kernel-smp-2.4.27-1tr.i586.rpm
9ee80eb0580eb92e4cc47d0639970942 e-2/kernel-source-2.4.27-1tr.i586.rpm
1acafbffd7f4252fddc66d54f67e67f7 e-2/kernel-utils-2.4.27-1tr.i586.rpm
347e4c1d309fe969ab013392103a2c96 2.1/kernel-2.4.27-1tr.i586.rpm
9838fafeae889892bda8bf6471c306bf 2.1/kernel-BOOT-2.4.27-1tr.i586.rpm
13ede71fa7ac4dd290ecfc3b2b07b32a 2.1/kernel-doc-2.4.27-1tr.i586.rpm
d6389bbfc8966e4a19d701c4ed3447a3 2.1/kernel-firewall-2.4.27-1tr.i586.rpm
993eb004d09b3c755a81d6bcf788d345 2.1/kernel-firewallsmp-2.4.27-1tr.i586.rpm
6e5ac1dfd1df9d9ad54631b659db42c6 2.1/kernel-smp-2.4.27-1tr.i586.rpm
430497b3562d2955ea84a513ebbf42f0 2.1/kernel-source-2.4.27-1tr.i586.rpm
6e8906d509c67140d4b9f8190dc540ad 2.1/kernel-utils-2.4.27-1tr.i586.rpm
47216b87c09be3671e4c8c327c767492 2.0/kernel-2.4.27-1tr.i586.rpm
d341d44122448c69fa2820f7556adb97 2.0/kernel-BOOT-2.4.27-1tr.i586.rpm
1e4303234d42749f40d3543fe8a32293 2.0/kernel-doc-2.4.27-1tr.i586.rpm
91f89dbf2017bc7fa5c3bb33513b2596 2.0/kernel-firewall-2.4.27-1tr.i586.rpm
5ca35229f83c719f1847b2cc085eff35 2.0/kernel-firewallsmp-2.4.27-1tr.i586.rpm
d8e94125064513b1eed96f646002d304 2.0/kernel-smp-2.4.27-1tr.i586.rpm
22c0329d5ae478b0ec8d2dff0661267c 2.0/kernel-source-2.4.27-1tr.i586.rpm
4bd0ca85b3bc8ec90e983cf526f4d106 2.0/kernel-utils-2.4.27-1tr.i586.rpm
- --------------------------------------------------------------------------
Trustix Security Team
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2 (GNU/Linux)
iD8DBQFBFzwOi8CEzsK9IksRAhHmAJoCNHtCOq3dMdVGVjgamg7Z6SIU3ACfaTZB
Np5sw/VN77zVwznRAqNPRBo=
=V2bK
-----END PGP SIGNATURE-----