TSLSA-2002-0077 - kernel

From: Trustix Secure Linux Advisor (tslat_private)
Date: Mon Nov 18 2002 - 05:40:37 PST

Next message: 3APA3A: "LOM: Multiple vulnerabilities in Macromedia Flash ActiveX"

Previous message: Joseph Wagner: "GNU GCC: Optimizer Removes Code Necessary for Security"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- --------------------------------------------------------------------------
Trustix Secure Linux Security Advisory #2002-0077

Package name:      kernel
Summary:           local DoS
Date:              2002-11-15
Affected versions: TSL 1.1, 1.2, 1.5

- --------------------------------------------------------------------------
Package description:
  The kernel package contains the Linux kernel (vmlinuz), the core of your
  Trustix Secure Linux operating system.  The kernel handles the basic
  functions of the operating system:  memory allocation, process allocation,
  device input and output, etc.


Problem description:
  As reported on Bugtraq, any local user could cause the kernel to lock
  solid.  
  In addition, this update adds the aacraid driver.


Action:
  We recommend that all systems with this package installed be upgraded.


Location:
  All TSL updates are available from
  <URI:http://www.trustix.net/pub/Trustix/updates/>
  <URI:ftp://ftp.trustix.net/pub/Trustix/updates/>


About Trustix Secure Linux:
  Trustix Secure Linux is a small Linux distribution for servers. With focus on
  security and stability, the system is painlessly kept safe and up to date 
  from day one using swup, the automated software updater.


Automatic updates:
  Users of the SWUP tool can enjoy having updates automatically
  installed using 'swup --upgrade'.

  Get SWUP from:
  <URI:ftp://ftp.trustix.net/pub/Trustix/software/swup/>


Public testing:
  These packages have been available for public testing for some time.
  If you want to contribute by testing the various packages in the
  testing tree, please feel free to share your findings on the
  tsl-discuss mailinglist.
  The testing tree is located at
  <URI:http://www.trustix.net/pub/Trustix/testing/>
  <URI:ftp://ftp.trustix.net/pub/Trustix/testing/>
  

Questions?
  Check out our mailing lists:
  <URI:http://www.trustix.net/support/>


Verification:
  This advisory along with all TSL packages are signed with the TSL sign key.
  This key is available from:
  <URI:http://www.trustix.net/TSL-GPG-KEY>

  The advisory itself is available from the errata pages at
  <URI:http://www.trustix.net/errata/trustix-1.2/> and
  <URI:http://www.trustix.net/errata/trustix-1.5/>
  or directly at
  <URI:http://www.trustix.net/errata/misc/2002/TSL-2002-0077-kernel.asc.txt>


MD5sums of the packages:
- --------------------------------------------------------------------------
3cafd4b8397a9d444964a17757b2f134  ./1.1/RPMS/kernel-2.2.22-6tr.i586.rpm
fae3bc075be59859c26733794552c878  ./1.1/RPMS/kernel-BOOT-2.2.22-6tr.i586.rpm
2ffdb57751a7361f75773810d2c70240  ./1.1/RPMS/kernel-doc-2.2.22-6tr.i586.rpm
60c14be0b1ae9a3f6f4f8bf4d72e48c6  ./1.1/RPMS/kernel-headers-2.2.22-6tr.i586.rpm
10da9ee1fe295a2575a42a058a570a39  ./1.1/RPMS/kernel-smp-2.2.22-6tr.i586.rpm
0887a7898d97f5332900dc86842c898a  ./1.1/RPMS/kernel-source-2.2.22-6tr.i586.rpm
0755588bcc28392bec62fd94ef509e33  ./1.1/RPMS/kernel-utils-2.2.22-6tr.i586.rpm
f93a2f872341d21a8e37c8a70947e791  ./1.1/SRPMS/kernel-2.2.22-6tr.src.rpm
a708f419da8a2bb9009ae0c669e27d6c  ./1.2/RPMS/kernel-2.2.22-6tr.i586.rpm
3c7dafd9f55cba6158f824a238c13b83  ./1.2/RPMS/kernel-BOOT-2.2.22-6tr.i586.rpm
9bb57463220c577c19c4124da7c2efd7  ./1.2/RPMS/kernel-doc-2.2.22-6tr.i586.rpm
6a33c91c1d36651728b4686209c2d512  ./1.2/RPMS/kernel-headers-2.2.22-6tr.i586.rpm
f8d97d308760e2e342d521788b8fa498  ./1.2/RPMS/kernel-smp-2.2.22-6tr.i586.rpm
3b3b8f0706fd9b3424ebedb62f52eb90  ./1.2/RPMS/kernel-source-2.2.22-6tr.i586.rpm
14ffb3e5f6191bfb0936b521d06ff604  ./1.2/RPMS/kernel-utils-2.2.22-6tr.i586.rpm
f93a2f872341d21a8e37c8a70947e791  ./1.2/SRPMS/kernel-2.2.22-6tr.src.rpm
4155e0b348aa56b386ff0f48a7ff57bb  ./1.5/RPMS/kernel-2.2.22-6tr.i586.rpm
df5e6f9906b88cd4a14f88b47ef3392d  ./1.5/RPMS/kernel-BOOT-2.2.22-6tr.i586.rpm
45f603e41135ed444ad9cc5613ef2311  ./1.5/RPMS/kernel-doc-2.2.22-6tr.i586.rpm
7565dd60b09ccc700271770545938517  ./1.5/RPMS/kernel-headers-2.2.22-6tr.i586.rpm
cb08fd349e6471a51eee8fb0773a9250  ./1.5/RPMS/kernel-smp-2.2.22-6tr.i586.rpm
cf1117568d2c9490bddb7e9a40a2b10c  ./1.5/RPMS/kernel-source-2.2.22-6tr.i586.rpm
a661c87d6299e36877b621cb4895a406  ./1.5/RPMS/kernel-utils-2.2.22-6tr.i586.rpm
f93a2f872341d21a8e37c8a70947e791  ./1.5/SRPMS/kernel-2.2.22-6tr.src.rpm
- --------------------------------------------------------------------------


Trustix Security Team

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org

iD8DBQE92NuQwRTcg4BxxS0RAmhpAJsFvY4EB4V1z4AzWVw2GYUgYnqaywCbBNB2
PHlV7ynV5cTAPzDuIE32HC8=
=dc+l
-----END PGP SIGNATURE-----

Next message: 3APA3A: "LOM: Multiple vulnerabilities in Macromedia Flash ActiveX"
Previous message: Joseph Wagner: "GNU GCC: Optimizer Removes Code Necessary for Security"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Tue Nov 19 2002 - 12:51:29 PST