[<prev] [next>] [day] [month] [year] [list]
Message-ID: <200401061256.42557.security-announce@turbolinux.co.jp>
From: security-announce at turbolinux.co.jp (Turbolinux)
Subject: [TURBOLINUX SECURITY INFO] 06/Jan/2004
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
This is an announcement only email list for the x86 architecture.
============================================================
Turbolinux Security Announcement 06/Jan/2004
============================================================
The following page contains the security information of Turbolinux Inc.
- Turbolinux Security Center
http://www.turbolinux.com/security/
(1) kernel -> kernel mremap vulnerability
===========================================================
* kernel -> kernel mremap vulnerability
===========================================================
More information :
The kernel package contains the Linux kernel (vmlinuz), the core of your Linux operating system.
The kernel handles the basic functions of the operating system.
The Linux memory management subsystem (mremap) isssue have been discovered in Kernel2.4.
Impact :
The local users may be able to gain root privileges.
Affected Products :
- Turbolinux 8 Server
- Turbolinux 8 Workstation
- Turbolinux 7 Server
- Turbolinux 7 Workstation
Solution :
Please use turbopkg(zabom) tool to apply the update.
---------------------------------------------
# turbopkg
or
# zabom update kernel kernel-BOOT kernel-doc kernel-headers kernel-pcmcia-cs kernel-smp kernel-smp64G kernel-source
---------------------------------------------
<Turbolinux 8 Server>
Source Packages
Size : MD5
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/8/updates/SRPMS/kernel-2.4.18-16.src.rpm
41913762 bb068af1293917a5830bc39939c7ed60
Binary Packages
Size : MD5
ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Server/8/updates/RPMS/kernel-2.4.18-16.i586.rpm
14072693 1e2dfa0a3a6f90daaa15d48a34082c31
ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Server/8/updates/RPMS/kernel-BOOT-2.4.18-16.i586.rpm
7100767 f2ab93bca6266a0484828d697af11d79
ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Server/8/updates/RPMS/kernel-doc-2.4.18-16.i586.rpm
1457894 ab50b07561aefd7ad8953ed599867163
ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Server/8/updates/RPMS/kernel-headers-2.4.18-16.i586.rpm
1815780 77d5fa6d227e8124bc9746f0f3e8da76
ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Server/8/updates/RPMS/kernel-pcmcia-cs-2.4.18-16.i586.rpm
329042 d2672266844a19e9b8aeb290d817e4e3
ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Server/8/updates/RPMS/kernel-smp-2.4.18-16.i586.rpm
14551108 9c0260f2032f0a9411b48030e37ecc6e
ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Server/8/updates/RPMS/kernel-smp64G-2.4.18-16.i586.rpm
14540333 e4bc5e66c81abf489645ebbd593ba558
ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Server/8/updates/RPMS/kernel-source-2.4.18-16.i586.rpm
26537903 6d29fd4d02d927970fc18e4f9b4bde3d
<Turbolinux 8 Workstation>
Source Packages
Size : MD5
ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Workstation/8/updates/SRPMS/kernel-2.4.18-16.src.rpm
41913762 bb068af1293917a5830bc39939c7ed60
Binary Packages
Size : MD5
ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Workstation/8/updates/RPMS/kernel-2.4.18-16.i586.rpm
14072693 1e2dfa0a3a6f90daaa15d48a34082c31
ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Workstation/8/updates/RPMS/kernel-BOOT-2.4.18-16.i586.rpm
7100767 f2ab93bca6266a0484828d697af11d79
ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Workstation/8/updates/RPMS/kernel-doc-2.4.18-16.i586.rpm
1457894 ab50b07561aefd7ad8953ed599867163
ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Workstation/8/updates/RPMS/kernel-headers-2.4.18-16.i586.rpm
1815780 77d5fa6d227e8124bc9746f0f3e8da76
ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Workstation/8/updates/RPMS/kernel-pcmcia-cs-2.4.18-16.i586.rpm
329042 d2672266844a19e9b8aeb290d817e4e3
ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Workstation/8/updates/RPMS/kernel-smp-2.4.18-16.i586.rpm
14551108 9c0260f2032f0a9411b48030e37ecc6e
ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Workstation/8/updates/RPMS/kernel-smp64G-2.4.18-16.i586.rpm
14540333 e4bc5e66c81abf489645ebbd593ba558
ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Workstation/8/updates/RPMS/kernel-source-2.4.18-16.i586.rpm
26537903 6d29fd4d02d927970fc18e4f9b4bde3d
<Turbolinux 7 Server>
Source Packages
Size : MD5
ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Server/7/updates/SRPMS/kernel-2.4.18-16.src.rpm
41913762 bb068af1293917a5830bc39939c7ed60
Binary Packages
Size : MD5
ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Server/7/updates/RPMS/kernel-2.4.18-16.i586.rpm
14072693 1e2dfa0a3a6f90daaa15d48a34082c31
ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Server/7/updates/RPMS/kernel-BOOT-2.4.18-16.i586.rpm
7100767 f2ab93bca6266a0484828d697af11d79
ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Server/7/updates/RPMS/kernel-doc-2.4.18-16.i586.rpm
1457894 ab50b07561aefd7ad8953ed599867163
ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Server/7/updates/RPMS/kernel-headers-2.4.18-16.i586.rpm
1815780 77d5fa6d227e8124bc9746f0f3e8da76
ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Server/7/updates/RPMS/kernel-pcmcia-cs-2.4.18-16.i586.rpm
329042 d2672266844a19e9b8aeb290d817e4e3
ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Server/7/updates/RPMS/kernel-smp-2.4.18-16.i586.rpm
14551108 9c0260f2032f0a9411b48030e37ecc6e
ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Server/7/updates/RPMS/kernel-smp64G-2.4.18-16.i586.rpm
14540333 e4bc5e66c81abf489645ebbd593ba558
ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Server/7/updates/RPMS/kernel-source-2.4.18-16.i586.rpm
26537903 6d29fd4d02d927970fc18e4f9b4bde3d
<Turbolinux 7 Workstation>
Source Packages
Size : MD5
ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Workstation/7/updates/SRPMS/kernel-2.4.18-16.src.rpm
41913762 bb068af1293917a5830bc39939c7ed60
Binary Packages
Size : MD5
ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Workstation/7/updates/RPMS/kernel-2.4.18-16.i586.rpm
14072693 1e2dfa0a3a6f90daaa15d48a34082c31
ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Workstation/7/updates/RPMS/kernel-BOOT-2.4.18-16.i586.rpm
7100767 f2ab93bca6266a0484828d697af11d79
ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Workstation/7/updates/RPMS/kernel-doc-2.4.18-16.i586.rpm
1457894 ab50b07561aefd7ad8953ed599867163
ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Workstation/7/updates/RPMS/kernel-headers-2.4.18-16.i586.rpm
1815780 77d5fa6d227e8124bc9746f0f3e8da76
ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Workstation/7/updates/RPMS/kernel-pcmcia-cs-2.4.18-16.i586.rpm
329042 d2672266844a19e9b8aeb290d817e4e3
ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Workstation/7/updates/RPMS/kernel-smp-2.4.18-16.i586.rpm
14551108 9c0260f2032f0a9411b48030e37ecc6e
ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Workstation/7/updates/RPMS/kernel-smp64G-2.4.18-16.i586.rpm
14540333 e4bc5e66c81abf489645ebbd593ba558
ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Workstation/7/updates/RPMS/kernel-source-2.4.18-16.i586.rpm
26537903 6d29fd4d02d927970fc18e4f9b4bde3d
References :
CVE
[CAN-2003-0985]
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0985
* You may need to update the turbopkg tool before applying the update.
Please refer to the following URL for detailed information.
http://www.turbolinux.com/download/zabom.html
http://www.turbolinux.com/download/zabomupdate.html
Package Update Path
http://www.turbolinux.com/update
============================================================
* To obtain the public key
Here is the public key
http://www.turbolinux.com/security/
* To unsubscribe from the list
If you ever want to remove yourself from this mailing list,
you can send a message to <server-users-e-ctl@...bolinux.co.jp> with
the word `unsubscribe' in the body (don't include the quotes).
unsubscribe
* To change your email address
If you ever want to chage email address in this mailing list,
you can send a message to <server-users-e-ctl@...bolinux.co.jp> with
the following command in the message body:
chaddr 'old address' 'new address'
If you have any questions or problems, please contact
<supp_info@...bolinux.co.jp>
Thank you!
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3 (GNU/Linux)
iD8DBQE/+jHsK0LzjOqIJMwRAmKgAJ9lsDB19QPplRaX2f9bjekaMPkCtACeNgfi
9CSZg6sN3tPlfNhFr4q+PAk=
=uB9b
-----END PGP SIGNATURE-----
Powered by blists - more mailing lists