Red Hat Linux Advisories: kernel, net-snmp
Dec 02, 2003, 20:13

Red Hat Security Advisory

1. Topic:

Updated kernel packages are now available that fix a security vulnerability leading to a possible privilege escalation.

2. Relevant releases/architectures:

Red Hat Linux 7.1 - athlon, i386, i586, i686

3. Problem description:

The Linux kernel handles the basic functions of the operating system.

A flaw in bounds checking in the do_brk() function in the Linux kernel versions 2.4.22 and previous can allow a local attacker to gain root privileges. This issue is known to be exploitable; an exploit has been seen in the wild that takes advantage of this vulnerability.

The Common Vulnerabilities and Exposures project (cve.mitre.org/) has assigned the name CAN-2003-0961 to this issue.

All users are advised to upgrade to these errata packages, which contain a backported security patch that corrects this vulnerability.

Important: If you use Red Hat Linux 7.1, you must have installed quota-3.06-9.71 from RHSA-2003:187, and if you use Red Hat Linux 7.2 or 7.3, you must have installed quota-3.06-9.7 from RHSA-2003:187.

4. Solution:

Before applying this update, make sure all previously released errata relevant to your system have been applied.

To use Red Hat Network to upgrade the kernel, launch the Red Hat Update Agent with the following command:

    up2date

This will start an interactive process that will result in the appropriate RPMs being upgraded on your system. Note that you need to select the kernel explicitly if you are using the default configuration of up2date.

To install kernel packages manually, use "rpm -ivh <package>" and modify system settings to boot the kernel you have installed. To do this, edit /boot/grub/grub.conf and change the default entry to "default=0" (or, if you have chosen to use LILO as your boot loader, edit /etc/lilo.conf and run lilo).

Do not use "rpm -Uvh" as that will remove your running kernel binaries from your system. You may use "rpm -e" to remove old kernels after determining that the new kernel functions properly on your system.

5. RPMs required:

Red Hat Linux 7.1: SRPMS: athlon: i386: i586: i686:
Red Hat Linux 7.2: SRPMS: athlon: i386: i586: i686:
Red Hat Linux 7.3: SRPMS: athlon: i386: i586: i686:
Red Hat Linux 8.0: SRPMS: athlon: i386: i586: i686:
Red Hat Linux 9: SRPMS: athlon: i386: i586: i686:

6. Verification:

These packages are GPG signed by Red Hat for security. Our key is available from https://www.redhat.com/security/keys.html

You can verify each package with the following command:

    rpm --checksig -v <filename>

If you only wish to verify that each package has not been corrupted or tampered with, examine only the md5sum with the following command:

    md5sum <filename>

7. References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0961

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact details at https://www.redhat.com/solutions/security/news/contact.html

Copyright 2003 Red Hat, Inc.

Red Hat Security Advisory

1. Topic:

Updated Net-SNMP packages are available to correct a security vulnerability and other bugs.

2. Relevant releases/architectures:

Red Hat Linux 8.0 - i386

3. Problem description:

The Net-SNMP project includes various Simple Network Management Protocol (SNMP) tools.

A security issue in Net-SNMP versions before 5.0.9 could allow an existing user/community to gain access to data in MIB objects that were explicitly excluded from their view. The Common Vulnerabilities and Exposures project (cve.mitre.org/) has assigned the name CAN-2003-0935 to this issue.

Users of Net-SNMP are advised to upgrade to these errata packages containing Net-SNMP 5.0.9, which is not vulnerable to this issue. In addition, Net-SNMP 5.0.9 fixes a number of other minor bugs.

4. Solution:

Before applying this update, make sure all previously released errata relevant to your system have been applied.

To update all RPMs for your particular architecture, run:

    rpm -Fvh [filenames]

where [filenames] is a list of the RPMs you wish to upgrade. Only those RPMs which are currently installed will be updated. Those RPMs which are not installed but included in the list will not be updated. Note that you can also use wildcards (*.rpm) if your current directory only contains the desired RPMs.

Please note that this update is also available via Red Hat Network. Many people find this an easier way to apply updates. To use Red Hat Network, launch the Red Hat Update Agent with the following command:

    up2date

This will start an interactive process that will result in the appropriate RPMs being upgraded on your system.

5. RPMs required:

Red Hat Linux 8.0: SRPMS: i386:
Red Hat Linux 9: SRPMS: i386:

6. Verification:

These packages are GPG signed by Red Hat for security. Our key is available from https://www.redhat.com/security/keys.html

You can verify each package with the following command:

    rpm --checksig -v <filename>

If you only wish to verify that each package has not been corrupted or tampered with, examine only the md5sum with the following command:

    md5sum <filename>

7. References:

http://sourceforge.net/forum/forum.php?forum_id=308015

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact details at https://www.redhat.com/solutions/security/news/contact.html

Copyright 2003 Red Hat, Inc.
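
The Verification sections of both advisories pair an MD5 sum with a release-prefixed package path, and the Net-SNMP advisory allows a *.rpm wildcard only when the directory holds nothing but the desired RPMs. The script below is an added example, not part of Red Hat's advisories, that checks every *.rpm in a download directory against such a table before a wildcard is used. The function names, file names and sums in it are constructed for illustration.

```sh
#!/bin/sh
# Added example (not from the advisory). Manifest lines have the form:
#   <md5> <release>/en/os/<arch>/<file>.rpm

# verify_rpm_dir MANIFEST DIR
# Prints one status line per *.rpm in DIR; returns 0 only if every one is
# listed in MANIFEST under its file name and its MD5 sum matches.
verify_rpm_dir() {
    manifest=$1; dir=$2; bad=0
    for f in "$dir"/*.rpm; do
        [ -e "$f" ] || { echo "NO-RPMS  $dir"; return 1; }
        name=${f##*/}
        actual=$(md5sum "$f" | awk '{print $1}')
        # The same file can be listed under several release directories,
        # so collect every distinct sum given for this file name.
        expected=$(awk -v n="$name" '
            NF == 2 { k = split($2, p, "/"); if (p[k] == n) print tolower($1) }
        ' "$manifest" | sort -u)
        if [ -z "$expected" ]; then
            echo "UNLISTED $name"; bad=$((bad + 1))
        elif printf '%s\n' "$expected" | grep -qxF "$actual"; then
            echo "OK       $name"
        else
            echo "MISMATCH $name"; bad=$((bad + 1))
        fi
    done
    [ "$bad" -eq 0 ]
}

# make_sample DIR: constructed stand-in files (not real RPMs) and a manifest
# in which the first file matches and the second deliberately does not.
make_sample() {
    printf 'constructed payload A\n' > "$1/kernel-0.0-1.i386.rpm"
    printf 'constructed payload B\n' > "$1/kernel-smp-0.0-1.i386.rpm"
    sum=$(md5sum "$1/kernel-0.0-1.i386.rpm" | awk '{print $1}')
    {
        echo "$sum 7.1/en/os/i386/kernel-0.0-1.i386.rpm"
        echo "$sum 7.2/en/os/i386/kernel-0.0-1.i386.rpm"
        echo "00000000000000000000000000000000 7.1/en/os/i386/kernel-smp-0.0-1.i386.rpm"
    } > "$1/manifest.txt"
}

# Stand-alone use: sh check.sh MANIFEST DIR
if [ "$#" -eq 2 ]; then verify_rpm_dir "$1" "$2"; fi
```

This covers only the md5sum step; the GPG signature check remains "rpm --checksig -v <filename>" as given in the advisories.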