11060888 2003-12-05 18:02 -0200 /161 rader/ Conectiva Updates <secure@conectiva.com.br> Importerad: 2003-12-05 22:25 av Brevbäraren Extern mottagare: conectiva-updates@papaleguas.conectiva.com.br Extern mottagare: lwn@lwn.net Extern mottagare: bugtraq@securityfocus.com Extern mottagare: security-alerts@linuxsecurity.com Extern mottagare: linsec@lists.seifried.org Mottagare: Bugtraq (import) <30213> Ärende: [CLA-2003:796] Conectiva Security Announcement - kernel ------------------------------------------------------------ From: Conectiva Updates <secure@conectiva.com.br> To: conectiva-updates@papaleguas.conectiva.com.br, lwn@lwn.net, bugtraq@securityfocus.com, security-alerts@linuxsecurity.com, linsec@lists.seifried.org Message-ID: <200312052002.SAA05867@frajuto.distro.conectiva> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - -------------------------------------------------------------------------- CONECTIVA LINUX SECURITY ANNOUNCEMENT - -------------------------------------------------------------------------- PACKAGE : kernel SUMMARY : Fix for local do_brk() vulnerability DATE : 2003-12-05 18:00:00 ID : CLA-2003:796 RELEVANT RELEASES : 8, 9 - ------------------------------------------------------------------------- DESCRIPTION The Linux kernel is responsible for handling the basic functions of the GNU/Linux operating system. A vulnerability in the do_brk() function allows local attackers to obtain root privileges. Exploits for this vulnerability have already been published. Additionally, the following vulnerabilities have been fixed in a previous kernel release which was available on the ftp server but lacked an official announcement: - CAN-2003-0550[2] and CAN-2003-0551[3]: fixes for the STP protocol - CAN-2003-0501[4]: fix for /proc/information disclosure - CAN-2003-0464[5]: fix for RPC code (affects only CL9) - CAN-2003-0476[6]: fix for the execve system call which could allow local users to gain access to restricted file descriptors Specific for Conectiva Linux 8 (already fixed in a previous announcement for CL9[7]): - CAN-2003-0619[8]: fix for XDR code - CAN-2003-0246[9]: ioperm fix - CAN-2003-0248[10]: mxcsr fix - CAN-2003-0364[11]: TCP/IP fragments denial of service - CAN-2003-0244[12]: denial of service in routing table - CAN-2003-0247[13]: denial of service in the TTY layer Starting with this update, Conectiva Linux 9 has support for the PPTP protocol, which also requires an update for the iptables package. SOLUTION It is recommended that all Conectiva Linux users upgrade the kernel package. IMPORTANT: exercise caution and preparation when upgrading the kernel, since it will require a reboot after the new packages are installed. In particular, Conectiva Linux 9 will most likely require an initrd file (which is automatically created in the /boot directory after the new packages are installed). Generic kernel update instructions can be obtained in the manuals and in our updates page[15]. More detailed instructions are also available in Portuguese at our Moin[14] page. REFERENCES 1.http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0961 2.http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0550 3.http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0551 4.http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0501 5.http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0464 6.http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0476 7.http://distro.conectiva.com.br/atualizacoes/index.php?id=a&anuncio=000701&idioma=en 8.http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0619 9.http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0246 10.http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0248 11.http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0364 12.http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0244 13.http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0247 14.https://moin.conectiva.com.br/UpdatingKernelPackages 15.http://www.conectiva.com.br/suporte/pr/sistema.kernel.atualizar.html UPDATED PACKAGES ftp://atualizacoes.conectiva.com.br/8/SRPMS/kernel-2.4.19-1U80_18cl.src.rpm ftp://atualizacoes.conectiva.com.br/8/RPMS/devfsd-2.4.19-1U80_18cl.i386.rpm ftp://atualizacoes.conectiva.com.br/8/RPMS/kernel-2.4.19-1U80_18cl.i386.rpm ftp://atualizacoes.conectiva.com.br/8/RPMS/kernel-2.4.19-1U80_18cl.i586.rpm ftp://atualizacoes.conectiva.com.br/8/RPMS/kernel-2.4.19-1U80_18cl.i686.rpm ftp://atualizacoes.conectiva.com.br/8/RPMS/kernel-BOOT-2.4.19-1U80_18cl.i386.rpm ftp://atualizacoes.conectiva.com.br/8/RPMS/kernel-doc-2.4.19-1U80_18cl.i386.rpm ftp://atualizacoes.conectiva.com.br/8/RPMS/kernel-enterprise-2.4.19-1U80_18cl.i686.rpm ftp://atualizacoes.conectiva.com.br/8/RPMS/kernel-headers-2.4.19-1U80_18cl.i386.rpm ftp://atualizacoes.conectiva.com.br/8/RPMS/kernel-rbc-2.4.19-1U80_18cl.i386.rpm ftp://atualizacoes.conectiva.com.br/8/RPMS/kernel-smp-2.4.19-1U80_18cl.i386.rpm ftp://atualizacoes.conectiva.com.br/8/RPMS/kernel-smp-2.4.19-1U80_18cl.i586.rpm ftp://atualizacoes.conectiva.com.br/8/RPMS/kernel-smp-2.4.19-1U80_18cl.i686.rpm ftp://atualizacoes.conectiva.com.br/8/RPMS/kernel-source-2.4.19-1U80_18cl.i386.rpm ftp://atualizacoes.conectiva.com.br/9/SRPMS/iptables-1.2.9-26694U90_1cl.src.rpm ftp://atualizacoes.conectiva.com.br/9/SRPMS/kernel24-2.4.21-31301U90_11cl.src.rpm ftp://atualizacoes.conectiva.com.br/9/RPMS/devfsd-2.4.21-31301U90_11cl.i386.rpm ftp://atualizacoes.conectiva.com.br/9/RPMS/iptables-1.2.9-26694U90_1cl.i386.rpm ftp://atualizacoes.conectiva.com.br/9/RPMS/kernel24-2.4.21-31301U90_11cl.i386.rpm ftp://atualizacoes.conectiva.com.br/9/RPMS/kernel24-2.4.21-31301U90_11cl.i586.rpm ftp://atualizacoes.conectiva.com.br/9/RPMS/kernel24-2.4.21-31301U90_11cl.i686.rpm ftp://atualizacoes.conectiva.com.br/9/RPMS/kernel24-BOOT-2.4.21-31301U90_11cl.i386.rpm ftp://atualizacoes.conectiva.com.br/9/RPMS/kernel24-doc-2.4.21-31301U90_11cl.i386.rpm ftp://atualizacoes.conectiva.com.br/9/RPMS/kernel24-enterprise-2.4.21-31301U90_11cl.i686.rpm ftp://atualizacoes.conectiva.com.br/9/RPMS/kernel24-headers-2.4.21-31301U90_11cl.i386.rpm ftp://atualizacoes.conectiva.com.br/9/RPMS/kernel24-rbc-2.4.21-31301U90_11cl.i386.rpm ftp://atualizacoes.conectiva.com.br/9/RPMS/kernel24-smp-2.4.21-31301U90_11cl.i386.rpm ftp://atualizacoes.conectiva.com.br/9/RPMS/kernel24-smp-2.4.21-31301U90_11cl.i586.rpm ftp://atualizacoes.conectiva.com.br/9/RPMS/kernel24-smp-2.4.21-31301U90_11cl.i686.rpm ftp://atualizacoes.conectiva.com.br/9/RPMS/kernel24-source-2.4.21-31301U90_11cl.i386.rpm ftp://atualizacoes.conectiva.com.br/9/RPMS/kernel24-2.4.21-31301U90_11cl.athlon.rpm ftp://atualizacoes.conectiva.com.br/9/RPMS/kernel24-enterprise-2.4.21-31301U90_11cl.athlon.rpm ftp://atualizacoes.conectiva.com.br/9/RPMS/kernel24-smp-2.4.21-31301U90_11cl.athlon.rpm ftp://atualizacoes.conectiva.com.br/9/RPMS/kernel24-2.4.21-31301U90_11cl.pentium4.rpm ftp://atualizacoes.conectiva.com.br/9/RPMS/kernel24-enterprise-2.4.21-31301U90_11cl.pentium4.rpm ftp://atualizacoes.conectiva.com.br/9/RPMS/kernel24-smp-2.4.21-31301U90_11cl.pentium4.rpm ADDITIONAL INSTRUCTIONS The apt tool can be used to perform RPM packages upgrades: - run: apt-get update - after that, execute: apt-get upgrade Detailed instructions reagarding the use of apt and upgrade examples can be found at http://distro.conectiva.com.br/atualizacoes/#apt?idioma=en - ------------------------------------------------------------------------- All packages are signed with Conectiva's GPG key. The key and instructions on how to import it can be found at http://distro.conectiva.com.br/seguranca/chave/?idioma=en Instructions on how to check the signatures of the RPM packages can be found at http://distro.conectiva.com.br/seguranca/politica/?idioma=en - ------------------------------------------------------------------------- All our advisories and generic update instructions can be viewed at http://distro.conectiva.com.br/atualizacoes/?idioma=en - ------------------------------------------------------------------------- Copyright (c) 2003 Conectiva Inc. http://www.conectiva.com - ------------------------------------------------------------------------- subscribe: conectiva-updates-subscribe@papaleguas.conectiva.com.br unsubscribe: conectiva-updates-unsubscribe@papaleguas.conectiva.com.br -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (GNU/Linux) Comment: For info see http://www.gnupg.org iD8DBQE/0ORl42jd0JmAcZARAt3kAKDZmeLbJhy+2RKWLY6ZzTzEppCgewCfX0n1 fz2ldPSluqJjjP89wHCRrbk= =fZeN -----END PGP SIGNATURE----- (11060888) /Conectiva Updates <secure@conectiva.com.br>/(Ombruten)