Mandrake Linux Security Update Advisory: kernel 2.4 update

Aug 29, 2001, 07:20
Date: Tue, 28 Aug 2001 10:39:10 -0600
From: Linux Mandrake Security Team <security@linux-mandrake.com>
Subject: MDKSA-2001:071 - kernel 2.4 update

______________________________________________________________________

                Mandrake Linux Security Update Advisory
______________________________________________________________________

Package name:           kernel
Date:                   August 28th, 2001
Advisory ID:            MDKSA-2001:071

Affected versions:      8.0
______________________________________________________________________

Problem Description:

 A security hole was found in the earlier Linux 2.4 kernels dealing with
 iptables RELATED connection tracking.  The iptables ip_conntrack_ftp
 module, which is used for stateful inspection of FTP traffic, 
 does not validate parameters passed to it in an FTP PORT command.  Due
 to this flaw, carefully constructed PORT commands could open arbitrary
 holes in the firewall.  This hole has been fixed, as well as a number
 of other bugs for the 2.4 kernel shipped with Mandrake Linux 8.0.
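
 The kind of parameter validation described above as missing, shown as an
 added example; this is not the kernel's ip_conntrack_ftp code or Mandrake's
 patch, and all names in it are hypothetical.  It assumes a tracker should
 only open a RELATED pinhole back to the address of the FTP control
 connection's client, on an unprivileged port, and that commands arrive as
 upper-case "PORT" lines ending in CRLF.

```c
#include <stdint.h>
#include <string.h>

/* Verdicts returned by this added example (hypothetical names). */
enum port_verdict { PORT_OK, PORT_MALFORMED, PORT_ADDR_MISMATCH, PORT_LOW_PORT };

/* Strictly parse "PORT h1,h2,h3,h4,p1,p2\r\n": six decimal fields, each 0..255. */
static int parse_port_args(const char *line, uint32_t *addr, uint16_t *port)
{
    unsigned v[6];
    const char *p;
    int i;

    if (strncmp(line, "PORT ", 5) != 0)
        return -1;
    p = line + 5;
    for (i = 0; i < 6; i++) {
        unsigned n = 0;
        int digits = 0;
        while (*p >= '0' && *p <= '9' && digits < 3) {
            n = n * 10 + (unsigned)(*p++ - '0');
            digits++;
        }
        if (digits == 0 || n > 255)       /* empty field or octet out of range */
            return -1;
        if (i < 5 && *p++ != ',')         /* fields are comma separated */
            return -1;
        v[i] = n;
    }
    if (strcmp(p, "\r\n") != 0)           /* nothing may trail the sixth field */
        return -1;
    *addr = (v[0] << 24) | (v[1] << 16) | (v[2] << 8) | v[3];
    *port = (uint16_t)((v[4] << 8) | v[5]);
    return 0;
}

/* Decide whether a PORT command may create an expectation (a RELATED pinhole). */
enum port_verdict check_port_cmd(const char *line, uint32_t client_addr)
{
    uint32_t addr;
    uint16_t port;
    if (parse_port_args(line, &addr, &port) != 0)
        return PORT_MALFORMED;
    if (addr != client_addr)              /* must point back at the FTP client */
        return PORT_ADDR_MISMATCH;
    if (port < 1024)                      /* assumed policy: no privileged ports */
        return PORT_LOW_PORT;
    return PORT_OK;
}
```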

 NOTE: This update is not meant to be done via MandrakeUpdate!  You
 must download the necessary RPMs and upgrade manually by following
 these steps:

   1. Type: rpm -ivh kernel-2.4.7-12.3mdk.i586.rpm
   2. Type: mv kernel-2.4.7-12.3mdk.i586.rpm
   3. Type: rpm -Fvh *.rpm
   4. You may wish to edit /etc/lilo.conf to ensure a new entry is in
      place.  The new kernel will be the last entry.  Change any options
      you need to change.
   5. Type: /sbin/lilo -v

 You may then reboot and use the new kernel and remove the older kernel
 when you are comfortable using the upgraded one.
______________________________________________________________________

References:

  http://www.tempest.com.br/advisories/01-2001.html
______________________________________________________________________

Please verify the update prior to upgrading to ensure the integrity of
the downloaded package.  You can do this with the command:
  rpm --checksig package.rpm
You can get the GPG public key of the Mandrake Linux Security Team at
  http://www.linux-mandrake.com/en/security/RPM-GPG-KEYS
If you use MandrakeUpdate, the verification of md5 checksum and GPG
signature is performed automatically for you.

Mandrake Linux 8.0:
______________________________________________________________________

Bug IDs fixed (see https://qa.mandrakesoft.com for more information):

______________________________________________________________________

If you want to upgrade manually, download the updated package from one
of our FTP server mirrors and upgrade with "rpm -Fvh *.rpm".

You can download the updates directly from one of the mirror sites
listed at:

  http://www.linux-mandrake.com/en/ftp.php3.

Updated packages are available in the "updates/[ver]/RPMS/" directory.
For example, if you are looking for an updated RPM package for
Mandrake Linux 8.0, look for it in "updates/8.0/RPMS/".  Updated source
RPMs are available as well, but you generally do not need to download
them.

Please be aware that sometimes it takes the mirrors a few hours to
update.

You can view other security advisories for Mandrake Linux at:

  http://www.linux-mandrake.com/en/security/

If you want to report vulnerabilities, please contact

  security@linux-mandrake.com
______________________________________________________________________

Mandrake Linux has two security-related mailing list services that
anyone can subscribe to:

security-announce@linux-mandrake.com

  Mandrake Linux's security announcements mailing list.  Only
  announcements are sent to this list and it is read-only.

security-discuss@linux-mandrake.com

  Mandrake Linux's security discussion mailing list.  This list is open
  to anyone to discuss Mandrake Linux security specifically and Linux
  security in general.

To subscribe to either list, send a message to
  sympa@linux-mandrake.com
with "subscribe [listname]" in the body of the message.

To remove yourself from either list, send a message to
  sympa@linux-mandrake.com
with "unsubscribe [listname]" in the body of the message.

To get more information on either list, send a message to
  sympa@linux-mandrake.com
with "info [listname]" in the body of the message.

Optionally, you can use the web interface to subscribe to or unsubscribe
from either list:

  http://www.linux-mandrake.com/en/flists.php3#security