lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <20040616115421.GA31883@tsunami.trustix.net>
Date: Wed, 16 Jun 2004 13:54:21 +0200
From: Trustix Security Advisor <tsl@...stix.org>
To: bugtraq@...urityfocus.com
Subject: TSLSA-2004-0034 - kernel


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- --------------------------------------------------------------------------
Trustix Secure Linux Bugfix Advisory #2004-0034

Package name:      kernel
Summary:           Local DoS
Date:              2004-06-16
Affected versions: Trustix Secure Linux 2.0
                   Trustix Secure Linux 2.1
                   Trustix Operating System - Enterprise Server 2

- --------------------------------------------------------------------------
Package description:
  The kernel package contains the Linux kernel (vmlinuz), the core of your
  Trustix Secure Linux operating system.  The kernel handles the basic
  functions of the operating system:  memory allocation, process allocation,
  device input and output, etc.

Problem description:
  A flaw was by accident discovered by Stian Skjelstad when he was doing
  some code tests during vacation. He was quite surprised when I discovered
  that the code he was trying froze his machine. He reported it to the
  Linux-kernel mailing list and the gcc bugzilla 2004-06-09.

  See CAN-2004-0554 at http://cve.mitre.org/ for more information.


Action:
  We recommend that all systems with this package installed be upgraded.
  Please note that if you do not need the functionality provided by this
  package, you may want to remove it from your system.


Location:
  All Trustix Secure Linux updates are available from
  <URI:http://http.trustix.org/pub/trustix/updates/>
  <URI:ftp://ftp.trustix.org/pub/trustix/updates/>


About Trustix Secure Linux:
  Trustix Secure Linux is a small Linux distribution for servers. With focus
  on security and stability, the system is painlessly kept safe and up to
  date from day one using swup, the automated software updater.


Automatic updates:
  Users of the SWUP tool can enjoy having updates automatically
  installed using 'swup --upgrade'.


Public testing:
  Most updates for Trustix Secure Linux are made available for public
  testing some time before release.
  If you want to contribute by testing the various packages in the
  testing tree, please feel free to share your findings on the
  tsl-discuss mailinglist.
  The testing tree is located at
  <URI:http://tsldev.trustix.org/horizon/>

  You may also use swup for public testing of updates:
  
  site {
      class = 0
      location = "http://tsldev.trustix.org/horizon/rdfs/latest.rdf"
      regexp = ".*"
  }
  

Questions?
  Check out our mailing lists:
  <URI:http://www.trustix.org/support/>


Verification:
  This advisory along with all Trustix packages are signed with the
  TSL sign key.
  This key is available from:
  <URI:http://www.trustix.org/TSL-SIGN-KEY>

  The advisory itself is available from the errata pages at
  <URI:http://www.trustix.org/errata/trustix-2.0/> and
  <URI:http://www.trustix.org/errata/trustix-2.1/>
  or directly at
  <URI:http://www.trustix.org/errata/2004/0034>


MD5sums of the packages:
- --------------------------------------------------------------------------
4eeda04ede3e7538c560d78db0087abf  2.1/rpms/kernel-2.4.26-2tr.i586.rpm
f116f17ce723574940cf5653e24b189b  2.1/rpms/kernel-BOOT-2.4.26-2tr.i586.rpm
beb2d9638544bbe1e3d3d4c4f3bc0841  2.1/rpms/kernel-doc-2.4.26-2tr.i586.rpm
1da3f4c3c5489ad6441c1deb77ade460  2.1/rpms/kernel-firewall-2.4.26-2tr.i586.rpm
33a3d2cc288d8feca38bf723a532d5fc  2.1/rpms/kernel-firewallsmp-2.4.26-2tr.i586.rpm
2eca74fa29f9ab94400c3b660f1cb7d4  2.1/rpms/kernel-smp-2.4.26-2tr.i586.rpm
87d8729ae10b644fd4293028064b4449  2.1/rpms/kernel-source-2.4.26-2tr.i586.rpm
5e79ec0c2f39096258f277b6c9742010  2.1/rpms/kernel-utils-2.4.26-2tr.i586.rpm
19085e9447cf6c6e442dc7b5cce2741d  2.0/rpms/kernel-2.4.26-2tr.i586.rpm
65a65ef1e6387ff9d1c00f4775baf824  2.0/rpms/kernel-BOOT-2.4.26-2tr.i586.rpm
cfe247f0b22f9f9964ad192610030429  2.0/rpms/kernel-doc-2.4.26-2tr.i586.rpm
be9eaf3ea57f93f12732927230014e5d  2.0/rpms/kernel-firewall-2.4.26-2tr.i586.rpm
7ac9ad8333acd85d59337ab963021c95  2.0/rpms/kernel-firewallsmp-2.4.26-2tr.i586.rpm
ff07e3390ca40209e1a3e8cd4b5b6d3a  2.0/rpms/kernel-smp-2.4.26-2tr.i586.rpm
5216d7c88b49b6f4588ff68ca15a9bc5  2.0/rpms/kernel-source-2.4.26-2tr.i586.rpm
5881e9c49f504248ccdb983430f3d3cf  2.0/rpms/kernel-utils-2.4.26-2tr.i586.rpm
24ea881f70d85501dde7b0bd280db86b  e2/kernel-2.4.26-2tr.i586.rpm
b19ab411d3ecb4033b828a1dbd8b7d6e  e2/kernel-BOOT-2.4.26-2tr.i586.rpm
86bf9bee49f8aca7220c1be1fa085bc6  e2/kernel-doc-2.4.26-2tr.i586.rpm
2ae2ddcca0440e2a7995208500b05b88  e2/kernel-firewall-2.4.26-2tr.i586.rpm
53b6077acf13c8c1ae2358ad078b1710  e2/kernel-firewallsmp-2.4.26-2tr.i586.rpm
7ad7e859f539438ca7ada4ed0b12ea76  e2/kernel-smp-2.4.26-2tr.i586.rpm
2719c667ccbeabd5e40eadc747663ad3  e2/kernel-source-2.4.26-2tr.i586.rpm
c340c5b408699be1d6d44a2d9b9211c8  e2/kernel-utils-2.4.26-2tr.i586.rpm
- --------------------------------------------------------------------------


Trustix Security Team

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2 (GNU/Linux)

iD8DBQFA0DFii8CEzsK9IksRAteIAJ97XC+eJOVpi/AVkvkk9W9O2byoGgCfYxMo
K4oBAeXOexvaNTo652IzAnA=
=7CnB
-----END PGP SIGNATURE-----


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ