SCIENTIFIC-LINUX-ERRATA Archives

September 2007

SCIENTIFIC-LINUX-ERRATA@LISTSERV.FNAL.GOV
Options: Use Monospaced Font
Show Text Part by Default
Show All Mail Headers

Message: [<< First] [< Prev] [Next >] [Last >>]
Topic: [<< First] [< Prev] [Next >] [Last >>]
Author: [<< First] [< Prev] [Next >] [Last >>]

Print Reply
Subject:
Re: Security ERRATA for kernel on SL5.x i386/x86_64
From:
Troy Dawson <[log in to unmask]>
Reply To:
Troy Dawson <[log in to unmask]>
Date:
Tue, 18 Sep 2007 15:35:29 -0500
Content-Type:
text/plain
Parts/Attachments:
text/plain (119 lines) 
The upstream vendor has released the GFS modules for this kernel.  They are now 
in the errata area.

i386
   Dependencies:
	kmod-gfs-0.1.16-5.2.6.18_8.1.10.el5.i686.rpm
	kmod-gfs-PAE-0.1.16-5.2.6.18_8.1.10.el5.i686.rpm
	kmod-gfs-xen-0.1.16-5.2.6.18_8.1.10.el5.i686.rpm
	kmod-gnbd-0.1.3-4.2.6.18_8.1.10.el5.i686.rpm
	kmod-gnbd-PAE-0.1.3-4.2.6.18_8.1.10.el5.i686.rpm
	kmod-gnbd-xen-0.1.3-4.2.6.18_8.1.10.el5.i686.rpm
x86_64
   Dependencies:
	kmod-gfs-0.1.16-5.2.6.18_8.1.10.el5.x86_64.rpm
	kmod-gfs-xen-0.1.16-5.2.6.18_8.1.10.el5.x86_64.rpm
	kmod-gnbd-0.1.3-4.2.6.18_8.1.10.el5.x86_64.rpm
	kmod-gnbd-xen-0.1.3-4.2.6.18_8.1.10.el5.x86_64.rpm

Troy

Troy Dawson wrote:
> Synopsis:    Moderate: kernel security and bugfix update
> Issue date:    2007-09-04
> CVE Names:    CVE-2006-0558 CVE-2007-1217
> 
> * a flaw in the ISDN CAPI subsystem that allowed a remote user to cause a
> denial of service or potential remote access. Exploitation would require
> the attacker to be able to send arbitrary frames over the ISDN network to
> the victim's machine. (CVE-2007-1217, Moderate)
> 
> * a flaw in the perfmon subsystem on ia64 platforms that allowed a local
> user to cause a denial of service. (CVE-2006-0558, Moderate)
> 
> In addition, the following bugs were addressed:
> 
> * a panic after reloading of the LSI Fusion driver.
> 
> * a vm performance problem was corrected by balancing inactive page lists.
> 
> * added a nodirplus option to address NFSv3 performance issues with large
> directories.
> 
> * changed the personality handling to disallow personality changes of
> setuid and setgid binaries. This ensures they keep any randomization and
> Exec-shield protection.
> 
> SL 5.x
> 
>   SRPMS:
> 
>   i386:
>     kernel-2.6.18-8.1.10.el5.i686.rpm
>     kernel-devel-2.6.18-8.1.10.el5.i686.rpm
>     kernel-doc-2.6.18-8.1.10.el5.noarch.rpm
>     kernel-PAE-2.6.18-8.1.10.el5.i686.rpm
>     kernel-PAE-devel-2.6.18-8.1.10.el5.i686.rpm
>     kernel-xen-2.6.18-8.1.10.el5.i686.rpm
>     kernel-xen-devel-2.6.18-8.1.10.el5.i686.rpm
>   Dependancies:
> kernel-module-fuse-2.6.18-8.1.10.el5-2.6.3-1.el5.i686.rpm
> kernel-module-fuse-2.6.18-8.1.10.el5PAE-2.6.3-1.el5.i686.rpm
> kernel-module-fuse-2.6.18-8.1.10.el5xen-2.6.3-1.el5.i686.rpm
> kernel-module-ipw3945-2.6.18-8.1.10.el5-1.2.0-1.sl5.i686.rpm
> kernel-module-ipw3945-2.6.18-8.1.10.el5PAE-1.2.0-1.sl5.i686.rpm
> kernel-module-ipw3945-2.6.18-8.1.10.el5xen-1.2.0-1.sl5.i686.rpm
> kernel-module-madwifi-2.6.18-8.1.10.el5-0.9.3.1-11.sl5.i686.rpm
> kernel-module-madwifi-2.6.18-8.1.10.el5PAE-0.9.3.1-11.sl5.i686.rpm
> kernel-module-madwifi-2.6.18-8.1.10.el5xen-0.9.3.1-11.sl5.i686.rpm
> kernel-module-madwifi-hal-2.6.18-8.1.10.el5-0.9.3.1-11.sl5.i686.rpm
> kernel-module-madwifi-hal-2.6.18-8.1.10.el5PAE-0.9.3.1-11.sl5.i686.rpm
> kernel-module-madwifi-hal-2.6.18-8.1.10.el5xen-0.9.3.1-11.sl5.i686.rpm
> kernel-module-ndiswrapper-2.6.18-8.1.10.el5-1.41-1.SL.i686.rpm
> kernel-module-ndiswrapper-2.6.18-8.1.10.el5PAE-1.41-1.SL.i686.rpm
> kernel-module-ndiswrapper-2.6.18-8.1.10.el5xen-1.41-1.SL.i686.rpm
> kernel-module-openafs-2.6.18-8.1.10.el5-1.4.4-42.SL5.i686.rpm
> kernel-module-openafs-2.6.18-8.1.10.el5PAE-1.4.4-42.SL5.i686.rpm
> kernel-module-openafs-2.6.18-8.1.10.el5xen-1.4.4-42.SL5.i686.rpm
> kernel-module-r1000-2.6.18-8.1.10.el5-1.05-1.sl.i686.rpm
> kernel-module-r1000-2.6.18-8.1.10.el5PAE-1.05-1.sl.i686.rpm
> kernel-module-r1000-2.6.18-8.1.10.el5xen-1.05-1.sl.i686.rpm
> 
>   x86_64:
>     kernel-2.6.18-8.1.10.el5.x86_64.rpm
>     kernel-devel-2.6.18-8.1.10.el5.x86_64.rpm
>     kernel-headers-2.6.18-8.1.10.el5.x86_64.rpm
>     kernel-xen-2.6.18-8.1.10.el5.x86_64.rpm
>     kernel-xen-devel-2.6.18-8.1.10.el5.x86_64.rpm
>   Dependancies:
> kernel-module-fuse-2.6.18-8.1.10.el5-2.6.3-1.SL.x86_64.rpm
> kernel-module-fuse-2.6.18-8.1.10.el5xen-2.6.3-1.SL.x86_64.rpm
> kernel-module-ipw3945-2.6.18-8.1.10.el5-1.2.0-1.sl5.x86_64.rpm
> kernel-module-ipw3945-2.6.18-8.1.10.el5xen-1.2.0-1.sl5.x86_64.rpm
> kernel-module-madwifi-2.6.18-8.1.10.el5-0.9.3.1-11.sl5.x86_64.rpm
> kernel-module-madwifi-2.6.18-8.1.10.el5xen-0.9.3.1-11.sl5.x86_64.rpm
> kernel-module-madwifi-hal-2.6.18-8.1.10.el5-0.9.3.1-11.sl5.x86_64.rpm
> kernel-module-madwifi-hal-2.6.18-8.1.10.el5xen-0.9.3.1-11.sl5.x86_64.rpm
> kernel-module-ndiswrapper-2.6.18-8.1.10.el5-1.41-1.SL.x86_64.rpm
> kernel-module-ndiswrapper-2.6.18-8.1.10.el5xen-1.41-1.SL.x86_64.rpm
> kernel-module-openafs-2.6.18-8.1.10.el5-1.4.4-42.SL5.x86_64.rpm
> kernel-module-openafs-2.6.18-8.1.10.el5xen-1.4.4-42.SL5.x86_64.rpm
> kernel-module-r1000-2.6.18-8.1.10.el5-1.05-1.sl.x86_64.rpm
> kernel-module-r1000-2.6.18-8.1.10.el5xen-1.05-1.sl.x86_64.rpm
> 
> 
> Note: Source code for the updated GFS kernel modules has not been 
> released at this time.  We will get these out whenever they are released.
> 
> -Connie Sieh
> -Troy Dawson
> 
> 


-- 
__________________________________________________
Troy Dawson  [log in to unmask]  (630)840-6468
Fermilab  ComputingDivision/LCSI/CSI DSS Group
__________________________________________________

ATOM RSS1 RSS2