| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
From: security-announce at turbolinux.co.jp (Turbolinux)
Subject: [TURBOLINUX SECURITY INFO] 13/Dec/2004
To: security-announce@...bolinux.co.jp
Message-Id: <200412131750.49195.security-announce@...bolinux.co.jp>
X-ML-Name: server-users-e
X-Mail-Count: 00039
X-MLServer: fml [fml 4.0 STABLE (20040215/4.0.4_BETA)](fml commands only mode); post only (only members can post)
X-ML-Info: If you have a question, send e-mail with the body
"help" (without quotes) to the address server-users-e-ctl@...bolinux.co.jp;
help=<mailto:server-users-e-ctl@...bolinux.co.jp?body=help>
User-Agent: KMail/1.5.4
Content-Disposition: inline
X-MIME-Autoconverted: from quoted-printable to 8bit by meigetsu.turbolinux.co.jp id iBD8ooH5014039
Mime-Version: 1.0
Content-Type: Text/Plain;
charset="us-ascii"
Content-Transfer-Encoding: 8bit
Content-Description: clearsigned data
Precedence: bulk
Lines: 159
List-Id: server-users-e.turbolinux.co.jp
List-Software: fml [fml 4.0 STABLE (20040215/4.0.4_BETA)]
List-Post: <mailto:server-users-e@...bolinux.co.jp>
List-Owner: <mailto:server-users-e-admin@...bolinux.co.jp>
List-Help: <mailto:server-users-e-ctl@...bolinux.co.jp?body=help>
List-Unsubscribe: <mailto:server-users-e-ctl@...bolinux.co.jp?body=unsubscribe>
Resent-From: security-announce@...bolinux.co.jp
Resent-To: server-users-e@...bolinux.co.jp (moderated)
Resent-Date: Mon, 13 Dec 2004 17:51:58 +0900
Resent-Message-Id: <200412131751.FMLAAB14047.server-users-e@...bolinux.co.jp>
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
This is an announcement only email list for the x86 architecture.
============================================================
Turbolinux Security Announcement 13/Dec/2004
============================================================
The following page contains the security information of Turbolinux Inc.
- Turbolinux Security Center
http://www.turbolinux.com/security/
(1) kernel -> Security & Bugfix
===========================================================
* kernel -> Security & Bugfix
===========================================================
More information:
The kernel package contains the Linux kernel -- the core of the Linux
operating system.
The following have been addressed:
- Numerous issues in the Linux ELF binary loader
- Issues relating to IDE DMA transfers which prevent installation on
machines with SiS chipsets using the SiS 962/963 IDE controller
- Null pointer dereferencing in the SG driver
- Kernel panic in the SG module caused by successive loading/unloading
of SCSI LLD kernel modules (i.e., successive calls to insmod/rmmod)
- Race condition in the usb-ehci module
- Deadlock condition in the memory manager with certain application-level
invocations of mutex_lock
- Quirks in the snd-intel8x0 module on some HP machines
- Kernel oops on USB CD devices
- A problem causing processes to be killed with "Out of Memory" errors
The following have been added/updated:
- 3c59x driver
- aic7xxx driver
- aic79xx driver
- ndisdriver (0.12) driver
- Support for 82597EX_LR by ixgb
- megaraid (v2.20.4.1) driver
- ext3 and xfs filesystem bug fixes and updates
Impact:
Affected Products:
- Turbolinux 10 Server
Solution:
Please use the turbopkg (zabom) tool to apply the necessary updates.
From KDE, click the K-menu (usually with the Turbolinux logo) and run
Turbo Update.
From the command line, use the commands below.
---------------------------------------------
# turboupdate
or
# zabom -u kernel kernel-extramodules kernel-headers kernel-numa \
kernel-pcmcia-cs kernel-smp kernel-smp64G kernel-source
---------------------------------------------
<Turbolinux 10 Server>
Source Packages
Size : MD5
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/10/updates/SRPMS/kernel-2.6.8-3.src.rpm
55161164 0ca8e635c4ddbb235f2f83fc0acf7593
Binary Packages
Size : MD5
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/10/updates/RPMS/kernel-2.6.8-3.i586.rpm
16448993 a4529057b9c3b6bf019806883e1331cd
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/10/updates/RPMS/kernel-extramodules-2.6.8-3.i586.rpm
6838609 63f0d926c8183cd41543ec13eabe674a
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/10/updates/RPMS/kernel-headers-2.6.8-3.i586.rpm
1894893 b3a3002daf1db85a46e3556470aa195f
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/10/updates/RPMS/kernel-numa-2.6.8-3.i586.rpm
16248001 bb0f877d54a012e84028d45427ce9b6d
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/10/updates/RPMS/kernel-pcmcia-cs-2.6.8-3.i586.rpm
334019 417d3e3c63b8529fa23ad49ec409583e
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/10/updates/RPMS/kernel-smp-2.6.8-3.i586.rpm
16216652 b8a05fec8bf1da3a5303e993923e55eb
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/10/updates/RPMS/kernel-smp64G-2.6.8-3.i586.rpm
16205367 87e1a7a968d46d035e29d6476adf9a62
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/10/updates/RPMS/kernel-source-2.6.8-3.i586.rpm
32759397 2099739a50e643ec02348732051a6147
Notice: You must reboot your system for this (kernel) update to take effect.
References:
CVE
[CAN-2004-1070]
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1070
[CAN-2004-1071]
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1071
[CAN-2004-1072]
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1072
[CAN-2004-1073]
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1073
[CAN-2004-1074]
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1074
* You may need to update the turbopkg tool before applying the update.
Please refer to the following URL for detailed information.
http://www.turbolinux.com/download/zabom.html
http://www.turbolinux.com/download/zabomupdate.html
Package Update Path
http://www.turbolinux.com/update/
============================================================
* To obtain the public key
Here is the public key
http://www.turbolinux.com/security/
* To unsubscribe from the list
If you ever want to remove yourself from this mailing list,
you can send a message to <server-users-e-ctl@...bolinux.co.jp> with
the word `unsubscribe' in the body (don't include the quotes).
unsubscribe
* To change your email address
If you ever want to chage email address in this mailing list,
you can send a message to <server-users-e-ctl@...bolinux.co.jp> with
the following command in the message body:
chaddr 'old address' 'new address'
If you have any questions or problems, please contact
<supp_info@...bolinux.co.jp>
Thank you!
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.6 (GNU/Linux)
iD8DBQFBvVflK0LzjOqIJMwRAugXAJ4kdTgEmP7fNlQaldp36E244r7VlACcCdg7
qpyUBeD83kSOS83W0a6DJKo=
=Hn8D
-----END PGP SIGNATURE-----
Powered by blists - more mailing lists