Subject: | |
From: | |
Reply To: | |
Date: | Mon, 25 Mar 2013 09:04:50 -0500 |
Content-Type: | text/plain |
Parts/Attachments: |
|
|
To address an issue with OpenIPMI not working with the new kernel, the
following packages were added to the sl-security repo:
i386:
OpenIPMI-2.0.16-14.el6.i686.rpm
OpenIPMI-devel-2.0.16-14.el6.i686.rpm
OpenIPMI-libs-2.0.16-14.el6.i686.rpm
OpenIPMI-perl-2.0.16-14.el6.i686.rpm
OpenIPMI-python-2.0.16-14.el6.i686.rpm
x86_64:
OpenIPMI-2.0.16-14.el6.x86_64.rpm
OpenIPMI-devel-2.0.16-14.el6.i686.rpm
OpenIPMI-devel-2.0.16-14.el6.x86_64.rpm
OpenIPMI-libs-2.0.16-14.el6.i686.rpm
OpenIPMI-libs-2.0.16-14.el6.x86_64.rpm
OpenIPMI-perl-2.0.16-14.el6.x86_64.rpm
OpenIPMI-python-2.0.16-14.el6.x86_64.rpm
On 03/14/2013 09:39 AM, Pat Riehecky wrote:
> Synopsis: Important: kernel security and bug fix update
> Issue Date: 2013-03-12
> CVE Numbers: CVE-2013-0228
> CVE-2013-0268
> --
>
> This update fixes the following security issues:
>
> * A flaw was found in the way the xen_iret() function in the Linux kernel
> used the DS (the CPU's Data Segment) register. A local, unprivileged user
> in a 32-bit, para-virtualized Xen hypervisor guest could use this flaw to
> crash the guest or, potentially, escalate their privileges.
> (CVE-2013-0228, Important)
>
> * A flaw was found in the way file permission checks for the
> "/dev/cpu/[x]/msr" files were performed in restricted root environments
> (for example, when using a capability-based security model). A local user
> with the ability to write to these files could use this flaw to escalate
> their privileges to kernel level, for example, by writing to the
> SYSENTER_EIP_MSR register. (CVE-2013-0268, Important)
>
> The system must be rebooted for this update to take effect.
> --
>
> SL6
> x86_64
> kernel-2.6.32-358.2.1.el6.x86_64.rpm
> kernel-debug-2.6.32-358.2.1.el6.x86_64.rpm
> kernel-debug-debuginfo-2.6.32-358.2.1.el6.x86_64.rpm
> kernel-debug-devel-2.6.32-358.2.1.el6.x86_64.rpm
> kernel-debuginfo-2.6.32-358.2.1.el6.x86_64.rpm
> kernel-debuginfo-common-x86_64-2.6.32-358.2.1.el6.x86_64.rpm
> kernel-devel-2.6.32-358.2.1.el6.x86_64.rpm
> kernel-headers-2.6.32-358.2.1.el6.x86_64.rpm
> perf-2.6.32-358.2.1.el6.x86_64.rpm
> perf-debuginfo-2.6.32-358.2.1.el6.x86_64.rpm
> python-perf-debuginfo-2.6.32-358.2.1.el6.x86_64.rpm
> python-perf-2.6.32-358.2.1.el6.x86_64.rpm
> i386
> kernel-2.6.32-358.2.1.el6.i686.rpm
> kernel-debug-2.6.32-358.2.1.el6.i686.rpm
> kernel-debug-debuginfo-2.6.32-358.2.1.el6.i686.rpm
> kernel-debug-devel-2.6.32-358.2.1.el6.i686.rpm
> kernel-debuginfo-2.6.32-358.2.1.el6.i686.rpm
> kernel-debuginfo-common-i686-2.6.32-358.2.1.el6.i686.rpm
> kernel-devel-2.6.32-358.2.1.el6.i686.rpm
> kernel-headers-2.6.32-358.2.1.el6.i686.rpm
> perf-2.6.32-358.2.1.el6.i686.rpm
> perf-debuginfo-2.6.32-358.2.1.el6.i686.rpm
> python-perf-debuginfo-2.6.32-358.2.1.el6.i686.rpm
> python-perf-2.6.32-358.2.1.el6.i686.rpm
> noarch
> kernel-doc-2.6.32-358.2.1.el6.noarch.rpm
> kernel-firmware-2.6.32-358.2.1.el6.noarch.rpm
>
> - Scientific Linux Development Team
--
Pat Riehecky
Scientific Linux developer
http://www.scientificlinux.org/
|
|
|