Date: Wed, 28 Nov 2007 13:46:27 -0700
From: [email protected]Subject: [ MDKSA-2007:232 ] - Updated kernel packages fix multiple
vulnerabilities and bugs
To: [email protected]
Reply-To: [email protected]
Message-id: <E1IxTnf-0003Lx-MR@artemis.annvix.ca.>
X-SA-Exim-Connect-IP: 10.0.5.11
X-SA-Exim-Mail-From: [email protected]
X-SA-Exim-Version: 4.2.1 (built Fri, 02 Feb 2007 19:02:33 -0700)
X-SA-Exim-Scanned: Yes (on hades.annvix.org)
X-Virus-Scanned: antivirus-gw at tyumen.ru
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
_______________________________________________________________________
Mandriva Linux Security Advisory MDKSA-2007:232
http://www.mandriva.com/security/
_______________________________________________________________________
Package : kernel
Date : November 28, 2007
Affected: 2008.0
_______________________________________________________________________
Problem Description:
Some vulnerabilities were discovered and corrected in the Linux
2.6 kernel:
The minix filesystem code allows local users to cause a denial of
service (hang) via a malformed minix file stream (CVE-2006-6058).
An integer underflow in the Linux kernel prior to 2.6.23 allows remote
attackers to cause a denial of service (crash) via a crafted SKB length
value in a runt IEEE 802.11 frame when the IEEE80211_STYPE_QOS_DATA
flag is set (CVE-2007-4997).
To update your kernel, please follow the directions located at:
http://www.mandriva.com/en/security/kernelupdate
_______________________________________________________________________
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6058http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4997
_______________________________________________________________________
Updated Packages:
Mandriva Linux 2008.0:
5c1343b5d8ffdced8a3976f204f51525 2008.0/i586/kernel-2.6.22.12-1mdv-1-1mdv2008.0.i586.rpm
35d9b9d32b2dea3ced31c287dc48e7b5 2008.0/i586/kernel-desktop-2.6.22.12-1mdv-1-1mdv2008.0.i586.rpm
a0f6e8a00bcb369f60b42eda0a31e9a4 2008.0/i586/kernel-desktop-devel-2.6.22.12-1mdv-1-1mdv2008.0.i586.rpm
a2be11654f2b06d0579b6a3f5272c31a 2008.0/i586/kernel-desktop-devel-latest-2.6.22.12-1mdv2008.0.i586.rpm
4ac1c0d45cd643dbea927050e0a4010a 2008.0/i586/kernel-desktop-latest-2.6.22.12-1mdv2008.0.i586.rpm
beac61f42065285b3b2f34212d52d8d0 2008.0/i586/kernel-desktop586-2.6.22.12-1mdv-1-1mdv2008.0.i586.rpm
eb5bc9029a09d92870d1b2e33410eadd 2008.0/i586/kernel-desktop586-devel-2.6.22.12-1mdv-1-1mdv2008.0.i586.rpm
cb9ff0a7902a734e7f1378c46d2e024e 2008.0/i586/kernel-desktop586-devel-latest-2.6.22.12-1mdv2008.0.i586.rpm
5640e6c9846abf1cffdbba58517bc4f3 2008.0/i586/kernel-desktop586-latest-2.6.22.12-1mdv2008.0.i586.rpm
f47fc0edd34149905ec9c979b365ea1e 2008.0/i586/kernel-doc-2.6.22.12-1mdv2008.0.i586.rpm
4281e10a6a2ea8d0eec91e5d4c7f4a97 2008.0/i586/kernel-laptop-2.6.22.12-1mdv-1-1mdv2008.0.i586.rpm
bf0cdddc00747ca1eac97596d110b2b0 2008.0/i586/kernel-laptop-devel-2.6.22.12-1mdv-1-1mdv2008.0.i586.rpm
d8901cba80555234b45b7291966232f7 2008.0/i586/kernel-laptop-devel-latest-2.6.22.12-1mdv2008.0.i586.rpm
fc3f4e82c13a8fe0a3d7c138a4242523 2008.0/i586/kernel-laptop-latest-2.6.22.12-1mdv2008.0.i586.rpm
4471d2e11e5814d6b00a92203eb624fd 2008.0/i586/kernel-server-2.6.22.12-1mdv-1-1mdv2008.0.i586.rpm
3fd2a0f03031e55e1fd688f18a111909 2008.0/i586/kernel-server-devel-2.6.22.12-1mdv-1-1mdv2008.0.i586.rpm
60bebc8c572331ea54da8e2f2003d184 2008.0/i586/kernel-server-devel-latest-2.6.22.12-1mdv2008.0.i586.rpm
3603a84dec2dd525aee503face0f5466 2008.0/i586/kernel-server-latest-2.6.22.12-1mdv2008.0.i586.rpm
0fdee78f39eb58e8ed656dc746247805 2008.0/i586/kernel-source-2.6.22.12-1mdv-1-1mdv2008.0.i586.rpm
68e878051bf3584e2544382ffe685d4f 2008.0/i586/kernel-source-latest-2.6.22.12-1mdv2008.0.i586.rpm
666ec61a6b9f117b3a991bc0163b66a2 2008.0/SRPMS/kernel-2.6.22.12-1mdv2008.0.src.rpm
Mandriva Linux 2008.0/X86_64:
8a4670ea37e195b450780c65c1e848e1 2008.0/x86_64/kernel-2.6.22.12-1mdv-1-1mdv2008.0.x86_64.rpm
d423ea385be4e43c2e3662faf02ec952 2008.0/x86_64/kernel-desktop-2.6.22.12-1mdv-1-1mdv2008.0.x86_64.rpm
24d0752af597feb7d7df1ef0412010a4 2008.0/x86_64/kernel-desktop-devel-2.6.22.12-1mdv-1-1mdv2008.0.x86_64.rpm
61932b1d0078387f5212919776940e62 2008.0/x86_64/kernel-desktop-devel-latest-2.6.22.12-1mdv2008.0.x86_64.rpm
fff4298a795775460b87f2fe0b757d10 2008.0/x86_64/kernel-desktop-latest-2.6.22.12-1mdv2008.0.x86_64.rpm
a32ef6a87dc4a8dd28b6a83b810de9ff 2008.0/x86_64/kernel-doc-2.6.22.12-1mdv2008.0.x86_64.rpm
80b7e690f462eaf2993595afd70c9de0 2008.0/x86_64/kernel-laptop-2.6.22.12-1mdv-1-1mdv2008.0.x86_64.rpm
7f6df46dd7a05574c001527a3341b28d 2008.0/x86_64/kernel-laptop-devel-2.6.22.12-1mdv-1-1mdv2008.0.x86_64.rpm
efa087282b33923c354846909ec1585c 2008.0/x86_64/kernel-laptop-devel-latest-2.6.22.12-1mdv2008.0.x86_64.rpm
a24374352a24ce5c9e9fbfaf9c7f130d 2008.0/x86_64/kernel-laptop-latest-2.6.22.12-1mdv2008.0.x86_64.rpm
7a078712aea92dc7ce3f36288e6126e8 2008.0/x86_64/kernel-server-2.6.22.12-1mdv-1-1mdv2008.0.x86_64.rpm
53876a6ab82a4eabecb97be39a256d9b 2008.0/x86_64/kernel-server-devel-2.6.22.12-1mdv-1-1mdv2008.0.x86_64.rpm
bc7dc1b24b0acf0f0a4c819a765bd6f6 2008.0/x86_64/kernel-server-devel-latest-2.6.22.12-1mdv2008.0.x86_64.rpm
915a90d1b7dfd1f1b443d77191d90dad 2008.0/x86_64/kernel-server-latest-2.6.22.12-1mdv2008.0.x86_64.rpm
7b9728978473981add1ab6f95272a3ac 2008.0/x86_64/kernel-source-2.6.22.12-1mdv-1-1mdv2008.0.x86_64.rpm
e5e79acce294760ba2250590efffbcb1 2008.0/x86_64/kernel-source-latest-2.6.22.12-1mdv2008.0.x86_64.rpm
666ec61a6b9f117b3a991bc0163b66a2 2008.0/SRPMS/kernel-2.6.22.12-1mdv2008.0.src.rpm
_______________________________________________________________________
To upgrade automatically use MandrivaUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandriva for security. You can obtain the
GPG public key of the Mandriva Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/security/advisories
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com
_______________________________________________________________________
Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
<security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (GNU/Linux)
iD8DBQFHTalKmqjQ0CJFipgRAmuMAKC5vYuP+GWkDtVgvHdlonswXNInPACgt14z
xMNG7xobmmz9u/fFFl77ZFw=
=+r4e
-----END PGP SIGNATURE-----