[2542] in linux-security and linux-alert archive


home	help	back	first	fref	pref	prev	next	nref	lref	last	post
[RHSA-2001:129-05] New kernel 2.4 packages are available

daemon@ATHENA.MIT.EDU (bugzilla@redhat.com)
Sun Oct 21 08:59:06 2001

From: bugzilla@redhat.com
Content-Class: urn:content-classes:message
Message-ID: <2377c01c15a2f$1b4dc990$0c03ca0a@cp98suwbm01>
To: <jaymalone@msn.com>
Cc: <bugtraq@securityfocus.com>, <linux-security@redhat.com>
MIME-Version: 1.0
Content-Type: multipart/mixed;	boundary="-----mail5.uswest.net-1003463841-86642"
Errors-To: linux-security-admin@redhat.com
Date: Sun, 21 Oct 2001 05:51:31 -0700

This is a multi-part message in MIME format.

-------mail5.uswest.net-1003463841-86642
Content-Type: text/plain;
	charset="Windows-1252"
Content-Transfer-Encoding: 7bit

This email was forwarded from your previous Qwest.net email address
to your MSN email address.  To discontinue email forwarding for any
future emails sent to your previous Qwest.net email address, please
contact MSN Customer Service.


-------mail5.uswest.net-1003463841-86642
Content-Type: message/rfc822
Content-Transfer-Encoding: 7bit
Content-Description: forwarded message
Content-Disposition: inline

Received: (qmail 86588 invoked by uid 0); 19 Oct 2001 03:57:20 -0000
Received: from unknown (HELO outgoing.securityfocus.com) (66.38.151.27)
  by mail5.uswest.net with SMTP; 19 Oct 2001 03:57:20 -0000
Received: from lists.securityfocus.com (lists.securityfocus.com [66.38.151.19])
	by outgoing.securityfocus.com (Postfix) with QMQP
	id 4F8F7A30EE; Thu, 18 Oct 2001 21:44:08 -0600 (MDT)
Delivered-To: mailing list bugtraq@securityfocus.com
Delivered-To: moderator for bugtraq@securityfocus.com
Received: (qmail 19127 invoked from network); 18 Oct 2001 23:11:15 -0000
Date: Thu, 18 Oct 2001 18:42 -0400
Message-Id: <200110182242.f9IMgho24683@porkchop.redhat.com>
From: bugzilla@redhat.com
To: redhat-watch-list@redhat.com
Cc: bugtraq@securityfocus.com, linux-security@redhat.com
Mailing-List: contact bugtraq-help@securityfocus.com; run by ezmlm
Precedence: bulk
List-Id: <bugtraq.list-id.securityfocus.com>
List-Post: <mailto:bugtraq@securityfocus.com>
List-Help: <mailto:bugtraq-help@securityfocus.com>
List-Unsubscribe: <mailto:bugtraq-unsubscribe@securityfocus.com>
List-Subscribe: <mailto:bugtraq-subscribe@securityfocus.com>
Subject: [RHSA-2001:129-05] New kernel 2.4 packages are available
Mime-version: 1.0
Content-type: text/plain; charset="iso-8859-1"
Content-transfer-encoding: quoted-printable

---------------------------------------------------------------------
                   Red Hat, Inc. Red Hat Security Advisory

Synopsis:          New kernel 2.4 packages are available
Advisory ID:       RHSA-2001:129-05
Issue date:        2001-10-09
Updated on:        2001-10-18
Product:           Red Hat Linux
Keywords:          ptrace local root kernel
Cross references:=20=20
Obsoletes:=20=20=20=20=20=20=20=20=20
---------------------------------------------------------------------

1. Topic:

A vulnerability has been found in the ptrace code of the kernel (ptrace is
the part that allows program debuggers to run) that could be abused by
local users to gain root privileges.

2. Relevant releases/architectures:

Red Hat Linux 7.1 - alpha, i386, i586, i686, ia64, noarch

3. Problem description:



4. Solution:

Before applying this update, make sure all previously released errata
relevant to your system have been applied.=20

The procedure for upgrading the kernel is documented at:

http://www.redhat.com/support/docs/howto/kernel-upgrade/kernel-upgrade.html

Please read the directions for your architecture carefully before
proceeding with the kernel upgrade.

Please note that this update is also available via Red Hat Network.  Many
people find this to be an easier way to apply updates.  To use Red Hat
Network, launch the Red Hat Update Agent with the following command:

up2date

This will start an interactive process that will result in the appropriate
RPMs being upgraded on your system. Note that you need to select the kernel
explicitly on default configurations of up2date.

5. Bug IDs fixed (http://bugzilla.redhat.com/bugzilla for more info):



6. RPMs required:

Red Hat Linux 7.1:

SRPMS:
ftp://updates.redhat.com/7.1/en/os/SRPMS/kernel-2.4.9-6.src.rpm
ftp://updates.redhat.com/7.1/en/os/SRPMS/initscripts-5.84.1-1.src.rpm
ftp://updates.redhat.com/7.1/en/os/SRPMS/filesystem-2.1.0-2.1.src.rpm
ftp://updates.redhat.com/7.1/en/os/SRPMS/mkinitrd-3.2.6-1.src.rpm
ftp://updates.redhat.com/7.1/en/os/SRPMS/e2fsprogs-1.23-1.7.1.src.rpm
ftp://updates.redhat.com/7.1/en/os/SRPMS/tux-2.1.0-2.src.rpm
ftp://updates.redhat.com/7.1/en/os/SRPMS/modutils-2.4.6-4.src.rpm

alpha:
ftp://updates.redhat.com/7.1/en/os/alpha/kernel-2.4.9-6.alpha.rpm
ftp://updates.redhat.com/7.1/en/os/alpha/kernel-source-2.4.9-6.alpha.rpm
ftp://updates.redhat.com/7.1/en/os/alpha/kernel-headers-2.4.9-6.alpha.rpm
ftp://updates.redhat.com/7.1/en/os/alpha/kernel-doc-2.4.9-6.alpha.rpm
ftp://updates.redhat.com/7.1/en/os/alpha/kernel-smp-2.4.9-6.alpha.rpm
ftp://updates.redhat.com/7.1/en/os/alpha/kernel-BOOT-2.4.9-6.alpha.rpm
ftp://updates.redhat.com/7.1/en/os/alpha/initscripts-5.84.1-1.alpha.rpm
ftp://updates.redhat.com/7.1/en/os/alpha/mkinitrd-3.2.6-1.alpha.rpm
ftp://updates.redhat.com/7.1/en/os/alpha/e2fsprogs-1.23-1.7.1.alpha.rpm
ftp://updates.redhat.com/7.1/en/os/alpha/e2fsprogs-devel-1.23-1.7.1.alpha.r=
pm
ftp://updates.redhat.com/7.1/en/os/alpha/tux-2.1.0-2.alpha.rpm
ftp://updates.redhat.com/7.1/en/os/alpha/modutils-2.4.6-4.alpha.rpm

i386:
ftp://updates.redhat.com/7.1/en/os/i386/kernel-2.4.9-6.i386.rpm
ftp://updates.redhat.com/7.1/en/os/i386/kernel-source-2.4.9-6.i386.rpm
ftp://updates.redhat.com/7.1/en/os/i386/kernel-headers-2.4.9-6.i386.rpm
ftp://updates.redhat.com/7.1/en/os/i386/kernel-doc-2.4.9-6.i386.rpm
ftp://updates.redhat.com/7.1/en/os/i386/kernel-BOOT-2.4.9-6.i386.rpm
ftp://updates.redhat.com/7.1/en/os/i386/initscripts-5.84.1-1.i386.rpm
ftp://updates.redhat.com/7.1/en/os/i386/mkinitrd-3.2.6-1.i386.rpm
ftp://updates.redhat.com/7.1/en/os/i386/e2fsprogs-1.23-1.7.1.i386.rpm
ftp://updates.redhat.com/7.1/en/os/i386/e2fsprogs-devel-1.23-1.7.1.i386.rpm
ftp://updates.redhat.com/7.1/en/os/i386/tux-2.1.0-2.i386.rpm
ftp://updates.redhat.com/7.1/en/os/i386/modutils-2.4.6-4.i386.rpm

i586:
ftp://updates.redhat.com/7.1/en/os/i586/kernel-2.4.9-6.i586.rpm
ftp://updates.redhat.com/7.1/en/os/i586/kernel-smp-2.4.9-6.i586.rpm

i686:
ftp://updates.redhat.com/7.1/en/os/i686/kernel-2.4.9-6.i686.rpm
ftp://updates.redhat.com/7.1/en/os/i686/kernel-smp-2.4.9-6.i686.rpm
ftp://updates.redhat.com/7.1/en/os/i686/kernel-enterprise-2.4.9-6.i686.rpm

ia64:
ftp://updates.redhat.com/7.1/en/os/ia64/kernel-2.4.9-6.ia64.rpm
ftp://updates.redhat.com/7.1/en/os/ia64/kernel-source-2.4.9-6.ia64.rpm
ftp://updates.redhat.com/7.1/en/os/ia64/kernel-headers-2.4.9-6.ia64.rpm
ftp://updates.redhat.com/7.1/en/os/ia64/kernel-doc-2.4.9-6.ia64.rpm
ftp://updates.redhat.com/7.1/en/os/ia64/kernel-smp-2.4.9-6.ia64.rpm
ftp://updates.redhat.com/7.1/en/os/ia64/initscripts-5.84.1-1.ia64.rpm
ftp://updates.redhat.com/7.1/en/os/ia64/tux-2.1.0-2.ia64.rpm
ftp://updates.redhat.com/7.1/en/os/ia64/modutils-2.4.6-4.ia64.rpm

noarch:
ftp://updates.redhat.com/7.1/en/os/noarch/filesystem-2.1.0-2.1.noarch.rpm



7. Verification:

MD5 sum                           Package Name
--------------------------------------------------------------------------
c0de6c2dc68b7fd8c2387a609f831300 7.1/en/os/SRPMS/e2fsprogs-1.23-1.7.1.src.r=
pmf1b186064204b0847d65e5ed410326c0 7.1/en/os/SRPMS/filesystem-2.1.0-2.1.src=
rpm0a9eabee87e02f38daac18608c700602 7.1/en/os/SRPMS/initscripts-5.84.1-1.s=
rc.rpmade852159b65d73889ae3b6a81bca7fc 7.1/en/os/SRPMS/kernel-2.4.9-6.src.r=
pmafcbfa7fcb7c15bc39db1fd4fb7ceb0d 7.1/en/os/SRPMS/mkinitrd-3.2.6-1.src.rpm=
ceb368d11b19472703996d4a74a80b4b 7.1/en/os/SRPMS/modutils-2.4.6-4.src.rpm69=
ee0f556efb223f0b83cd242328777f 7.1/en/os/SRPMS/tux-2.1.0-2.src.rpm1b288a8f5=
6975831d016fd367f2fcf9a 7.1/en/os/alpha/e2fsprogs-1.23-1.7.1.alpha.rpm98335=
c23fa4002f5f7fbc4ddff7cf7f3 7.1/en/os/alpha/e2fsprogs-devel-1.23-1.7.1.alph=
a.rpm545c22afe254117c978f60508d617e21 7.1/en/os/alpha/initscripts-5.84.1-1.=
alpha.rpm6c7524b6c96ef1a8b0877041fa1b8713 7.1/en/os/alpha/kernel-2.4.9-6.al=
pha.rpmb81e3e4fcf47c2b69ec863fa3e38ba0c 7.1/en/os/alpha/kernel-BOOT-2.4.9-6=
alpha.rpmcc0e07a8431d3abb2213a47f4c035c18 7.1/en/os/alpha/kernel-doc-2.4.9=
-6.alpha.rpmcf170c33eed766795529a2fa25f5347f 7.1/en/os/alpha/kernel-headers=
-2.4.9-6.alpha.rpma06ef52b0f35d5b7cbf0bcbb6cf3c126 7.1/en/os/alpha/kernel-s=
mp-2.4.9-6.alpha.rpmee5d668bca79e61169dff2cac03923a9 7.1/en/os/alpha/kernel=
-source-2.4.9-6.alpha.rpm6b72c828a17d10d584e6a456ec58cb8e 7.1/en/os/alpha/m=
kinitrd-3.2.6-1.alpha.rpm523cb756275604b76df81edce0aa96dd 7.1/en/os/alpha/m=
odutils-2.4.6-4.alpha.rpm214ec9cb9c826f532aa22549215b624d 7.1/en/os/alpha/t=
ux-2.1.0-2.alpha.rpm10429f3d3ec1c0efb63cdabdc732d3f8 7.1/en/os/i386/e2fspro=
gs-1.23-1.7.1.i386.rpmf95277f4257eeaa1af44c0dc4f88c89d 7.1/en/os/i386/e2fsp=
rogs-devel-1.23-1.7.1.i386.rpm684f6a19a6b5a4a6ed12193216df7a28 7.1/en/os/i3=
86/initscripts-5.84.1-1.i386.rpm973a8b27ca9e8ee8a782f8828049d1a3 7.1/en/os/=
i386/kernel-2.4.9-6.i386.rpm03b81b6ee99298b80a639a566e010984 7.1/en/os/i386=
/kernel-BOOT-2.4.9-6.i386.rpm740a3a9798ac5c09dc63244cc68245ad 7.1/en/os/i38=
6/kernel-doc-2.4.9-6.i386.rpm87d776c849b1e5e0a3768200d9ea7905 7.1/en/os/i38=
6/kernel-headers-2.4.9-6.i386.rpm79fe87b50f4b246de850699e38a98b79 7.1/en/os=
/i386/kernel-source-2.4.9-6.i386.rpmfb4e7b2b6b75bc546ec5681fd6039bff 7.1/en=
/os/i386/mkinitrd-3.2.6-1.i386.rpm30bf3dada85275f85e77e5362eb4c008 7.1/en/o=
s/i386/modutils-2.4.6-4.i386.rpmddb1a483f925f7a9a15710b0ac463264 7.1/en/os/=
i386/tux-2.1.0-2.i386.rpm5791131b49492d35059cd9e9522fa93e 7.1/en/os/i586/ke=
rnel-2.4.9-6.i586.rpm835c39b74fc422bd71a35971680bbf59 7.1/en/os/i586/kernel=
-smp-2.4.9-6.i586.rpmc1ed1963d569389452c2d0af69a0820a 7.1/en/os/i686/kernel=
-2.4.9-6.i686.rpme26159a6f77e6c6be26cbe224616bf32 7.1/en/os/i686/kernel-ent=
erprise-2.4.9-6.i686.rpmfe3a3765b0f9f1271c22a961381f3ae1 7.1/en/os/i686/ker=
nel-smp-2.4.9-6.i686.rpm3c402853c7e902c63af9ee6a69347dc6 7.1/en/os/ia64/ini=
tscripts-5.84.1-1.ia64.rpm46300b1cd84ef06e2e22826501101bb5 7.1/en/os/ia64/k=
ernel-2.4.9-6.ia64.rpm97bea74c79f97f68e3527e487c69c700 7.1/en/os/ia64/kerne=
l-doc-2.4.9-6.ia64.rpm0c0ac573d838a737232ef460192e641b 7.1/en/os/ia64/kerne=
l-headers-2.4.9-6.ia64.rpmef0650b6f73a3e2451450ffa03a0ccfa 7.1/en/os/ia64/k=
ernel-smp-2.4.9-6.ia64.rpmfc2b5c49995bb3b4c656992325760ea8 7.1/en/os/ia64/k=
ernel-source-2.4.9-6.ia64.rpmc976c028f57bef2caa4da97f0d95dbc2 7.1/en/os/ia6=
4/modutils-2.4.6-4.ia64.rpm6b372e64d483bc180e63a9a58e10fcd6 7.1/en/os/ia64/=
tux-2.1.0-2.ia64.rpmcbebb62e10affc94f4896caf149dfac2 7.1/en/os/noarch/files=
ystem-2.1.0-2.1.noarch.rpm

These packages are GPG signed by Red Hat, Inc. for security.  Our key
is available at:
    http://www.redhat.com/about/contact/pgpkey.html

You can verify each package with the following command:
    rpm --checksig  <filename>

If you only wish to verify that each package has not been corrupted or
tampered with, examine only the md5sum with the following command:
    rpm --checksig --nogpg <filename>

8. References:




Copyright(c) 2000, 2001 Red Hat, Inc.


-------mail5.uswest.net-1003463841-86642--



_______________________________________________
Linux-security mailing list
Linux-security@redhat.com
https://listman.redhat.com/mailman/listinfo/linux-security

home	help	back	first	fref	pref	prev	next	nref	lref	last	post
[2542] in linux-security and linux-alert archive

[RHSA-2001:129-05] New kernel 2.4 packages are available

daemon@ATHENA.MIT.EDU (bugzilla@redhat.com)Sun Oct 21 08:59:06 2001

daemon@ATHENA.MIT.EDU (bugzilla@redhat.com)
Sun Oct 21 08:59:06 2001
