Message-ID: <20050405141044.GA28714@tsunami.trustix.net>
Date: Tue, 5 Apr 2005 16:10:44 +0200
From: Trustix Security Advisor <tsl@...stix.org>
To: bugtraq@...urityfocus.com
Subject: TSLSA-2005-0011 - kernel
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
- --------------------------------------------------------------------------
Trustix Secure Linux Security Advisory #2005-0011
Package name: kernel
Summary: Various security bugs
Date: 2005-04-05
Affected versions: Trustix Secure Linux 2.1
Trustix Secure Linux 2.2
Trustix Operating System - Enterprise Server 2
- --------------------------------------------------------------------------
Package description:
The kernel package contains the Linux kernel (vmlinuz), the core of your
Trustix Secure Linux operating system. The kernel handles the basic
functions of the operating system: memory allocation, process allocation,
device input and output, etc.
Problem description:
Mathieu Lafon discovered an information leak in the ext2 mkdir() function
where random kernel memory is written to disk.
The Common Vulnerabilities and Exposures project (cve.mitre.org) has
assigned the name CAN-2005-0400 to this issue.
Herbert Xu discovered a potential DoS in load_elf_library.
The Common Vulnerabilities and Exposures project (cve.mitre.org) has
assigned the name CAN-2005-0749 to this issue.
Ilja van Sprundel discovered an exploitable integer overflow in
af_bluetooth which could lead to privilege escalation.
The Common Vulnerabilities and Exposures project (cve.mitre.org) has
assigned the name CAN-2005-0750 to this issue.
Action:
We recommend that all systems with this package installed be upgraded.
Please note that if you do not need the functionality provided by this
package, you may want to remove it from your system.
Location:
All Trustix Secure Linux updates are available from
<URI:http://http.trustix.org/pub/trustix/updates/>
<URI:ftp://ftp.trustix.org/pub/trustix/updates/>
About Trustix Secure Linux:
Trustix Secure Linux is a small Linux distribution for servers. With focus
on security and stability, the system is painlessly kept safe and up to
date from day one using swup, the automated software updater.
Automatic updates:
Users of the SWUP tool can enjoy having updates automatically
installed using 'swup --upgrade'.
Questions?
Check out our mailing lists:
<URI:http://www.trustix.org/support/>
Verification:
This advisory, along with all Trustix packages, is signed with the
TSL sign key.
This key is available from:
<URI:http://www.trustix.org/TSL-SIGN-KEY>
The advisory itself is available from the errata pages at
<URI:http://www.trustix.org/errata/trustix-2.1/> and
<URI:http://www.trustix.org/errata/trustix-2.2/>
or directly at
<URI:http://www.trustix.org/errata/2005/0011/>
MD5sums of the packages:
- --------------------------------------------------------------------------
5a101df55c1b7913557af4f6973de263 2.2/rpms/kernel-2.4.30-2tr.i586.rpm
8168ff203ce1d9d8abfac4e8ea43bc56 2.2/rpms/kernel-BOOT-2.4.30-2tr.i586.rpm
2c7f4c7f9a7b6f4046712aa11bc54a81 2.2/rpms/kernel-doc-2.4.30-2tr.i586.rpm
de8a41479e466904e1e4ac48f404d15d 2.2/rpms/kernel-smp-2.4.30-2tr.i586.rpm
09bc2ed6711f8cd78eacd4231b10c3a2 2.2/rpms/kernel-source-2.4.30-2tr.i586.rpm
6443f710872c3c70f7bcc3b4ed14d20c 2.2/rpms/kernel-utils-2.4.30-2tr.i586.rpm
1b56583fb5e9c9c6feb7bd2210be9f4b 2.1/rpms/kernel-2.4.30-1tr.i586.rpm
3d56c6e78d2efef344fc40d0909dc0ed 2.1/rpms/kernel-BOOT-2.4.30-1tr.i586.rpm
b8587c2e64c1f78f3dc0f450fa7958f9 2.1/rpms/kernel-doc-2.4.30-1tr.i586.rpm
e2eca2719a9cb1243ba6e67dc59d8fde 2.1/rpms/kernel-firewall-2.4.30-1tr.i586.rpm
28469f57323a08a810315e8120bf212e 2.1/rpms/kernel-firewallsmp-2.4.30-1tr.i586.rpm
7df6788b4799278b7f573ca6c32cd2b2 2.1/rpms/kernel-smp-2.4.30-1tr.i586.rpm
f54c959f4c7bbd08ff1d8d6f4fcf3e8e 2.1/rpms/kernel-source-2.4.30-1tr.i586.rpm
15358a847f862cf00d9130682e58844d 2.1/rpms/kernel-utils-2.4.30-1tr.i586.rpm
- --------------------------------------------------------------------------
Trustix Security Team
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.6 (GNU/Linux)
iD8DBQFCUpovi8CEzsK9IksRAjTyAJ9vFZ/l4PKsPKtptwp7swMpR5n3nQCcD/9D
kr7wqn50Gvl5Fn5W+ZxNXLU=
=Cbpv
-----END PGP SIGNATURE-----
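
One way to check downloaded packages against the MD5 list in this advisory, as an added example (not Trustix tooling): it reads the list from the saved advisory text and compares each file under a local download directory. The function names, the `mirror_root` layout and the stand-in files in `demo()` are assumptions made for the illustration; the list is only meaningful once the advisory's PGP signature has been verified with the TSL sign key.

```python
import hashlib
import re
import tempfile
from pathlib import Path

# One list entry: 32 hex digits, whitespace, path relative to the updates directory.
MD5_LINE = re.compile(r"^([0-9a-f]{32})\s+(\S+\.rpm)$")

def parse_md5_list(advisory_text):
    """Return {relative_path: md5} from the 'MD5sums of the packages' section."""
    sums, in_section = {}, False
    for line in map(str.strip, advisory_text.splitlines()):
        if line.startswith("MD5sums of the packages"):
            in_section = True
        elif line.startswith("-----BEGIN PGP SIGNATURE"):
            break  # text after the signed body is not covered by the signature
        elif in_section and (m := MD5_LINE.match(line)):
            sums[m.group(2)] = m.group(1)
    return sums

def md5_of(path):
    """MD5 hex digest of a file's contents."""
    return hashlib.md5(Path(path).read_bytes()).hexdigest()

def check_packages(advisory_text, mirror_root):
    """Map each listed package to OK, MISMATCH, MISSING or REJECTED."""
    root, results = Path(mirror_root).resolve(), {}
    for rel, expected in parse_md5_list(advisory_text).items():
        target = (root / rel).resolve()
        if root not in target.parents:  # listed path escapes the download directory
            results[rel] = "REJECTED"
        elif not target.is_file():
            results[rel] = "MISSING"
        else:
            results[rel] = "OK" if md5_of(target) == expected else "MISMATCH"
    return results

def demo():
    # Constructed sample: two stand-in files, one altered after its sum was listed.
    with tempfile.TemporaryDirectory() as d:
        rpms = Path(d, "2.2", "rpms")
        rpms.mkdir(parents=True)
        names = ("good.rpm", "bad.rpm")
        for n in names:
            (rpms / n).write_bytes(n.encode())
        listing = "MD5sums of the packages:\n" + "".join(
            f"{md5_of(rpms / n)} 2.2/rpms/{n}\n" for n in names)
        listing += "0" * 32 + " 2.2/rpms/absent.rpm\n"
        (rpms / "bad.rpm").write_bytes(b"modified after listing")
        return check_packages(listing, d)
```
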