94398 2003-03-19 01:15 /119 lines/ Trustix Secure Linux Advisor <tsl@trustix.com>
Imported: 2003-03-19 01:15 by Brevbäraren
External recipient: bugtraq@securityfocus.com
Recipient: Bugtraq (import) <4037>
Subject: TSLSA-2003-0007 - kernel
------------------------------------------------------------
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- --------------------------------------------------------------------------
Trustix Secure Linux Security Advisory #2003-0007

Package name:      kernel
Summary:           Local root compromise
Date:              2003-03-18
Affected versions: TSL 1.01, 1.1, 1.2, 1.5

- --------------------------------------------------------------------------
Package description:
  The kernel package contains the Linux kernel (vmlinuz), the core of your
  Trustix Secure Linux operating system. The kernel handles the basic
  functions of the operating system: memory allocation, process allocation,
  device input and output, etc.

Problem description:
  From the announce of 2.2.25 posted on linux-kernel:

  The Linux 2.2 and Linux 2.4 kernels have a flaw in ptrace. This hole allows
  local users to obtain full privileges. Remote exploitation of this hole is
  not possible.

Action:
  We recommend that all systems with this package installed be upgraded.
  Note that swup with the default config will not update kernel packages
  so you will need to update this package manually.

Location:
  All TSL updates are available from
  <URI:http://www.trustix.net/pub/Trustix/updates/>
  <URI:ftp://ftp.trustix.net/pub/Trustix/updates/>

About Trustix Secure Linux:
  Trustix Secure Linux is a small Linux distribution for servers. With focus
  on security and stability, the system is painlessly kept safe and up to
  date from day one using swup, the automated software updater.

Automatic updates:
  Users of the SWUP tool can enjoy having updates automatically
  installed using 'swup --upgrade'.

  Get SWUP from:
  <URI:ftp://ftp.trustix.net/pub/Trustix/software/swup/>

Public testing:
  These packages have been available for public testing for some time.
  If you want to contribute by testing the various packages in the
  testing tree, please feel free to share your findings on the
  tsl-discuss mailing list.
  The testing tree is located at
  <URI:http://www.trustix.net/pub/Trustix/testing/>
  <URI:ftp://ftp.trustix.net/pub/Trustix/testing/>

Questions?
  Check out our mailing lists:
  <URI:http://www.trustix.net/support/>

Verification:
  This advisory along with all TSL packages are signed with the TSL sign key.
  This key is available from:
  <URI:http://www.trustix.net/TSL-GPG-KEY>

  The advisory itself is available from the errata pages at
  <URI:http://www.trustix.net/errata/trustix-1.2/> and
  <URI:http://www.trustix.net/errata/trustix-1.5/>
  or directly at
  <URI:http://www.trustix.net/errata/misc/2003/TSL-2003-0007-kernel.asc.txt>

MD5sums of the packages:
- --------------------------------------------------------------------------

Trustix Security Team

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org

iD8DBQE+dynPwRTcg4BxxS0RAp3JAJ4jmiUXgqEXJ12GWmeuLIQZaQLycwCeMPW/
EL1MMFiiHWSC1faJgemuVk8=
=pxc3
-----END PGP SIGNATURE-----
(94398) /Trustix Secure Linux Advisor <tsl@trustix.com>/
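
Because the Action section says the kernel packages must be updated manually, downloaded RPMs can be checked against the MD5 list that the signed advisory carries before they are installed. The following is an added example, not part of the advisory or of Trustix's tooling; the function names `tsl_manifest` and `tsl_check` and the file name `advisory.txt` are hypothetical. MD5 here only ties a file to the list; the trust comes from verifying the advisory's signature with the TSL sign key first.

```shell
#!/bin/sh
# Added example (not Trustix code). Assumes the signed body of the advisory
# has already been verified and extracted, for instance with:
#   gpg --decrypt TSL-2003-0007-kernel.asc.txt > advisory.txt
# so that only text covered by the signature is parsed.

# tsl_manifest VERSION < advisory.txt
# Emit "md5  basename" lines for one TSL release directory (e.g. 1.5).
tsl_manifest() {
    awk -v prefix="./$1/" '
        length($1) == 32 && $1 ~ /^[0-9a-f]+$/ && index($2, prefix) == 1 {
            n = split($2, part, "/")
            print $1 "  " part[n]
        }'
}

# tsl_check VERSION ADVISORY PKGDIR
# Returns 0 only if every .rpm in PKGDIR is listed for that release and
# matches its listed MD5; unlisted or mismatching files make it fail.
tsl_check() {
    ver=$1 adv=$2 dir=$3 rc=0 seen=0
    manifest=$(tsl_manifest "$ver" < "$adv")
    for f in "$dir"/*.rpm; do
        [ -f "$f" ] || continue
        seen=1
        name=${f##*/}
        want=$(printf '%s\n' "$manifest" | awk -v n="$name" '$2 == n { print $1 }')
        have=$(md5sum "$f" | awk '{ print $1 }')
        if [ -z "$want" ]; then
            echo "UNLISTED  $name"; rc=1
        elif [ "$want" != "$have" ]; then
            echo "MISMATCH  $name"; rc=1
        else
            echo "OK        $name"
        fi
    done
    [ "$seen" -eq 1 ] || { echo "no .rpm files in $dir"; rc=1; }
    return $rc
}
```

The release argument matters because the list is keyed by release directory: a package built for one TSL release fails the check when compared against another release's entries.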