lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <20030814004604.GA6337@alcor.net>
From: debian-security-announce at lists.debian.org (debian-security-announce@...ts.debian.org)
Subject: [SECURITY] [DSA-358-4] New kernel packages fix potential "oops"

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- --------------------------------------------------------------------------
Debian Security Advisory DSA 358-4                     security@...ian.org
http://www.debian.org/security/                             Matt Zimmerman
August 13th, 2003                       http://www.debian.org/security/faq
- --------------------------------------------------------------------------

Package        : linux-kernel-i386, linux-kernel-alpha

This advisory provides a correction to the previous kernel updates,
which contained an error introduced in kernel-source-2.4.18 version
2.4.18-10.  This error could result in a kernel "oops" under certain
circumstances involving POSIX locks and multithreaded programs.

For the stable distribution (woody) on the i386 architecture, this
problem has been fixed in kernel-source-2.4.18 version 2.4.18-13,
kernel-image-2.4.18-i386bf version 2.4.18-5woody4, and
kernel-image-2.4.18-1-i386 version 2.4.18-11.

For the stable distribution (woody) on the alpha architecture, this
problem has been fixed in kernel-source-2.4.18 version 2.4.18-13 and
kernel-image-2.4.18-1-alpha version 2.4.18-10.

For the unstable distribution (sid) this problem has been fixed in
kernel-source-2.4.20 version 2.4.20-7.

We recommend that you update your kernel packages.

If you are using the kernel installed by the installation system when
the "bf24" option is selected (for a 2.4.x kernel), you should install
the kernel-image-2.4.18-bf2.4 package.  If you installed a different
kernel-image package after installation, you should install the
corresponding 2.4.18-1 kernel.  You may use the table below as a
guide.

| If "uname -r" shows: | Install this package:
- ------------------------------------------------------
| 2.4.18-bf2.4         | kernel-image-2.4.18-bf2.4
| 2.4.18-386           | kernel-image-2.4.18-1-386
| 2.4.18-586tsc        | kernel-image-2.4.18-1-586tsc
| 2.4.18-686           | kernel-image-2.4.18-1-686
| 2.4.18-686-smp       | kernel-image-2.4.18-1-686-smp
| 2.4.18-k6            | kernel-image-2.4.18-1-k6
| 2.4.18-k7            | kernel-image-2.4.18-1-k7

NOTE: that this kernel is binary compatible with the previous kernel
security updates, but not binary compatible with the corresponding
kernel included in Debian 3.0r1.  If you have not already applied the
previous security update (kernel-image-2.4.18-bf2.4 version
2.4.18-5woody1 or any of the 2.4.18-1-* kernels), then any custom
modules will need to be rebuilt in order to work with the new kernel.
New PCMCIA modules are provided for all of the above kernels.

NOTE: A system reboot will be required immediately after the upgrade
in order to replace the running kernel.  Remember to read carefully
and follow the instructions given during the kernel upgrade process.

Upgrade Instructions
- --------------------

wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
        will update the internal database
apt-get upgrade
        will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.

Debian GNU/Linux 3.0 alias woody
- --------------------------------

  Source archives:

    http://security.debian.org/pool/updates/main/k/kernel-source-2.4.18/kernel-source-2.4.18_2.4.18-13.dsc
      Size/MD5 checksum:      798 0474286fe0631aca601a668f3b9a6f7d
    http://security.debian.org/pool/updates/main/k/kernel-source-2.4.18/kernel-source-2.4.18_2.4.18-13.diff.gz
      Size/MD5 checksum:    66753 a4b199baa42082fccbd3992f77b442bf
    http://security.debian.org/pool/updates/main/k/kernel-source-2.4.18/kernel-source-2.4.18_2.4.18.orig.tar.gz
      Size/MD5 checksum: 29818323 24b4c45a04a23eb4ce465eb326a6ddf2
    http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-i386bf/kernel-image-2.4.18-i386bf_2.4.18-5woody4.dsc
      Size/MD5 checksum:      654 5410ea3327a01dbba31f6a1c9318040d
    http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-i386bf/kernel-image-2.4.18-i386bf_2.4.18-5woody4.tar.gz
      Size/MD5 checksum:    25953 710399a835192f323b4e5b3d59691e0c
    http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-image-2.4.18-1-i386_2.4.18-11.dsc
      Size/MD5 checksum:     1325 d8e3c8474c79f7e5470b8e66ba06cd64
    http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-image-2.4.18-1-i386_2.4.18-11.tar.gz
      Size/MD5 checksum:    69701 01893cf83ce365ce9d149c48aad5c4fb
    http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-alpha/kernel-image-2.4.18-1-alpha_2.4.18-10.dsc
      Size/MD5 checksum:      874 fd6016646413699527f2bd92b97c27bf
    http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-alpha/kernel-image-2.4.18-1-alpha_2.4.18-10.tar.gz
      Size/MD5 checksum:    24151 31b559520b81e580cc6b8356d662417b


  Architecture independent components:

    http://security.debian.org/pool/updates/main/k/kernel-source-2.4.18/kernel-doc-2.4.18_2.4.18-13_all.deb
      Size/MD5 checksum:  1710390 82a21d0bb4a9cf24a2b54109edee95c5
    http://security.debian.org/pool/updates/main/k/kernel-source-2.4.18/kernel-source-2.4.18_2.4.18-13_all.deb
      Size/MD5 checksum: 23886478 b3e50b8313c93d06cec058d6daecd32e

  Intel IA-32 architecture:

    http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-i386bf/kernel-headers-2.4.18-bf2.4_2.4.18-5woody4_i386.deb
      Size/MD5 checksum:  3395152 ce36117cf285cec2712b04b63bcfa123
    http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-i386bf/kernel-image-2.4.18-bf2.4_2.4.18-5woody4_i386.deb
      Size/MD5 checksum:  6424840 754ecbe313899bfa60c0f82cc1ed27e2
    http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-headers-2.4.18-1_2.4.18-11_i386.deb
      Size/MD5 checksum:  3398074 e7a82c669bc55b575478c9d5b9f3da29
    http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-headers-2.4.18-1-386_2.4.18-11_i386.deb
      Size/MD5 checksum:  3487382 fcd83e99910a94b6f5b6f1dd2fb3dc72
    http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-headers-2.4.18-1-586tsc_2.4.18-11_i386.deb
      Size/MD5 checksum:  3488092 165203c91288aa3a6ddfb5a3d2ec9636
    http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-headers-2.4.18-1-686_2.4.18-11_i386.deb
      Size/MD5 checksum:  3488438 e4fc0d2c216c2b64d678fe8cd8484132
    http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-headers-2.4.18-1-686-smp_2.4.18-11_i386.deb
      Size/MD5 checksum:  3489652 ca72c5d39f40db35a16bb0bb8e60e93e
    http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-headers-2.4.18-1-k6_2.4.18-11_i386.deb
      Size/MD5 checksum:  3487788 b445f5bb84ad1e06a689dcc058c77aae
    http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-headers-2.4.18-1-k7_2.4.18-11_i386.deb
      Size/MD5 checksum:  3488102 be025488d37c786137240a7e00d18e65
    http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-image-2.4.18-1-386_2.4.18-11_i386.deb
      Size/MD5 checksum:  8797522 8ba95c7330e02ab60379bb81ef93b4b1
    http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-image-2.4.18-1-586tsc_2.4.18-11_i386.deb
      Size/MD5 checksum:  8704278 6905e1bcd5b9b06b9db0e5e50660be05
    http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-image-2.4.18-1-686_2.4.18-11_i386.deb
      Size/MD5 checksum:  8702472 9ec990c325db4161e2797b7ba1a33acf
    http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-image-2.4.18-1-686-smp_2.4.18-11_i386.deb
      Size/MD5 checksum:  8959994 75c5185d3faebe8f3385fc8d9344e545
    http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-image-2.4.18-1-k6_2.4.18-11_i386.deb
      Size/MD5 checksum:  8661098 e90103e93919ceaaf18678af3d674842
    http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-image-2.4.18-1-k7_2.4.18-11_i386.deb
      Size/MD5 checksum:  8863096 c4cb4b2b04298cb11e1e84bc54d0649c
    http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-pcmcia-modules-2.4.18-1-386_2.4.18-11_i386.deb
      Size/MD5 checksum:   228246 9d7f9e9bf6fa6d587b7bb20db0353f5c
    http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-pcmcia-modules-2.4.18-1-586tsc_2.4.18-11_i386.deb
      Size/MD5 checksum:   227784 c32bdcf2afbd288a706739a3d62d801d
    http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-pcmcia-modules-2.4.18-1-686_2.4.18-11_i386.deb
      Size/MD5 checksum:   227246 7b2314445633627f41abf8c7225e174a
    http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-pcmcia-modules-2.4.18-1-686-smp_2.4.18-11_i386.deb
      Size/MD5 checksum:   230890 2cb9020c466b5060586af74891a96724
    http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-pcmcia-modules-2.4.18-1-k6_2.4.18-11_i386.deb
      Size/MD5 checksum:   226876 212ad6114bce72a5583b525eda135ab4
    http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-pcmcia-modules-2.4.18-1-k7_2.4.18-11_i386.deb
      Size/MD5 checksum:   230158 f612244cf007da73705acd321e2804d2

  Alpha architecture:

    http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-alpha/kernel-headers-2.4.18-1_2.4.18-10_alpha.deb
      Size/MD5 checksum:  3333366 25618ec62983262745220841e6969ba3
    http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-alpha/kernel-headers-2.4.18-1-generic_2.4.18-10_alpha.deb
      Size/MD5 checksum:  3474594 3c02c28156b031071d43d0d2c7f9385f
    http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-alpha/kernel-headers-2.4.18-1-smp_2.4.18-10_alpha.deb
      Size/MD5 checksum:  3477020 f0ba185dddbf538c55ba50ba35616fb6
    http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-alpha/kernel-image-2.4.18-1-generic_2.4.18-10_alpha.deb
      Size/MD5 checksum: 12425880 459d277c533fa19ce78bb3dc02cef36e
    http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-alpha/kernel-image-2.4.18-1-smp_2.4.18-10_alpha.deb
      Size/MD5 checksum: 12799764 454388dbca3f95c864075771066941c8

  These files will probably be moved into the stable distribution on
  its next revision.

- ---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@...ts.debian.org
Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2 (GNU/Linux)

iD8DBQE/OtuhArxCt0PiXR4RAkZxAKCL0P2yKedPmfKNVMGhziiOMcKdEwCggSTZ
iuEDsUlq0wq4jqhmnHH/JrE=
=sHnj
-----END PGP SIGNATURE-----


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ