Date: Mon, 20 Dec 2004 11:32:17 +0100
From: Trustix Security Advisor <tsl@trustix.org.>
To: [email protected]
Subject: TSLSA-2004-0068 - kernel
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
- --------------------------------------------------------------------------
Trustix Secure Linux Advisory #2004-0068
Package name: kernel
Summary: Remote hole, local DoS
Date: 2004-01-19
Affected versions: Trustix Secure Linux 2.0
                   Trustix Secure Linux 2.1
                   Trustix Secure Linux 2.2
                   Trustix Operating System - Enterprise Server 2
- --------------------------------------------------------------------------
Package description:
The kernel package contains the Linux kernel (vmlinuz), the core of your
Trustix Secure Linux operating system. The kernel handles the basic
functions of the operating system: memory allocation, process allocation,
device input and output, etc.
Problem description:
Problem 1:
Paul Starzetz discovered a bug in the IGMP networking modules of the
Linux kernel. This allows for a remote DoS and local root exploit.
The Common Vulnerabilities and Exposures project (cve.mitre.org) has
assigned the name CAN-2004-1137 to this issue.
Problem 2:
Paul Starzetz discovered a bug in the socket API of the Linux kernel.
This allows for a local DoS.
The Common Vulnerabilities and Exposures project (cve.mitre.org) has
assigned the name CAN-2004-1016 to this issue.
Action:
We recommend that all systems with this package installed be upgraded.
Please note that if you do not need the functionality provided by this
package, you may want to remove it from your system.
Location:
All Trustix Secure Linux updates are available from
<URI:http://http.trustix.org/pub/trustix/updates/>
<URI:ftp://ftp.trustix.org/pub/trustix/updates/>
About Trustix Secure Linux:
Trustix Secure Linux is a small Linux distribution for servers. With focus
on security and stability, the system is painlessly kept safe and up to
date from day one using swup, the automated software updater.
Automatic updates:
Users of the SWUP tool can enjoy having updates automatically
installed using 'swup --upgrade'.
Questions?
Check out our mailing lists:
<URI:http://www.trustix.org/support/>
Verification:
This advisory, along with all Trustix packages, is signed with the
TSL sign key.
This key is available from:
<URI:http://www.trustix.org/TSL-SIGN-KEY>
The advisory itself is available from the errata pages at
<URI:http://www.trustix.org/errata/trustix-2.0/>,
<URI:http://www.trustix.org/errata/trustix-2.1/> and
<URI:http://www.trustix.org/errata/trustix-2.2/>
or directly at
<URI:http://www.trustix.org/errata/2004/0068/>
MD5sums of the packages:
- --------------------------------------------------------------------------
- --------------------------------------------------------------------------
Trustix Security Team
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2 (GNU/Linux)
iD8DBQFBxphyi8CEzsK9IksRAh50AJ9/XSQjkQlbXXsafgcrGRdENX9hlQCfdB9/
xm65cBrz+0qSzjvWXUEOyLM=
=BwnO
-----END PGP SIGNATURE-----