Linux Today: Linux News On Internet Time.


Advisories: May 2, 2005

May 03, 2005, 04:45

Conectiva Linux


CONECTIVA LINUX SECURITY ANNOUNCEMENT

PACKAGE : kernel
SUMMARY : Kernel update
DATE : 2005-05-02 17:48:00
ID : CLA-2005:952
RELEVANT RELEASES : 10


DESCRIPTION
The Linux kernel is responsible for handling the basic functions of the GNU/Linux operating system.

The following security vulnerabilities are being fixed via this update:

  1. Integer overflow (CAN-2005-0736)[1]
    Georgi Guninski reported[2] an integer overflow in sys_epoll_wait in eventpoll.c which allows local users to overwrite kernel memory via a large number of events.
  2. PPP DoS (CAN-2005-0384)[3]
    Ben Martel and Stephen Blackheath have discovered a denial-of-service attack where a pppd client can cause a DoS condition on the server.
  3. ISO9660 range checking flaws (CAN-2005-0815)[4]
    Michal Zalewski reported[5] multiple "range checking flaws" in the ISO9660 filesystem handler which may allow attackers to cause a denial of service or corrupt memory via a crafted filesystem.
  4. Bluetooth vulnerability (CAN-2005-0750)[6]
    The suresec team reported[7] a vulnerability in the bluez_sock_create function in the Bluetooth stack which allows local users to gain privileges via a socket or socketpair call with a negative protocol value.
  5. Information leak in the ext2 filesystem (CAN-2005-0400)[8]
    The Arkoon Security Team reported[9] an information leak vulnerability in the ext2_make_empty function call. It does not properly initialize memory when creating a block for a new directory entry, which allows local users to obtain potentially sensitive information by reading the block.
  6. Local DoS (CAN-2005-0749)[10]
    The load_elf_library function in the Linux kernel allows local users to cause a denial of service condition via a crafted ELF library or executable, which causes a free of an invalid pointer.
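
Items 1 and 4 above are both missing range checks on a caller-supplied signed integer. The following is an added illustration, not kernel source and not part of the Conectiva advisory: a user-space C model with hypothetical names (`struct event`, `MAX_EVENTS`, `MAX_PROTO`, `proto_table` and the four functions) that puts each unchecked test beside a hardened one.

```c
#include <errno.h>
#include <limits.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical 16-byte record standing in for one returned event. */
struct event { uint64_t mask; uint64_t data; };

/* Largest count whose byte length still fits in a signed int. */
#define MAX_EVENTS (INT_MAX / (int)sizeof(struct event))

/* UNCHECKED: rejects only non-positive counts, then computes the length of
 * the caller's buffer in 32-bit arithmetic. A large count wraps the product,
 * so the range that gets validated is much smaller than what is written. */
int range_len_unchecked(int maxevents, uint32_t *len)
{
    if (maxevents <= 0)
        return -EINVAL;
    *len = (uint32_t)maxevents * (uint32_t)sizeof(struct event); /* can wrap */
    return 0;
}

/* HARDENED: bound the count first, so the multiplication cannot wrap. */
int range_len_checked(int maxevents, uint32_t *len)
{
    if (maxevents <= 0 || maxevents > MAX_EVENTS)
        return -EINVAL;
    *len = (uint32_t)maxevents * (uint32_t)sizeof(struct event);
    return 0;
}

/* Hypothetical protocol table: one constructor per protocol number. */
#define MAX_PROTO 8
typedef int (*create_fn)(void);
static int create_demo(void) { return 0; }
static create_fn proto_table[MAX_PROTO] = { create_demo };

/* UNCHECKED: upper bound only. A negative protocol value passes the test and
 * would select a slot in front of the table. The slot is only reported here,
 * never dereferenced. */
int pick_slot_unchecked(int proto, ptrdiff_t *slot)
{
    if (proto >= MAX_PROTO)
        return -EINVAL;
    *slot = proto;
    return 0;
}

/* HARDENED: check both ends of the range and that the slot is populated. */
int pick_slot_checked(int proto, ptrdiff_t *slot)
{
    if (proto < 0 || proto >= MAX_PROTO)
        return -EINVAL;
    if (proto_table[proto] == NULL)
        return -EPROTONOSUPPORT;
    *slot = proto;
    return 0;
}

int main(void)
{
    uint32_t len = 0;
    ptrdiff_t slot = 0;
    int big = 0x10000001;   /* constructed input: 2^28 + 1 events */

    if (range_len_unchecked(big, &len) == 0)
        printf("unchecked: %d events -> %u bytes validated\n", big, (unsigned)len);
    printf("checked:   %d events -> rc %d\n", big, range_len_checked(big, &len));

    if (pick_slot_unchecked(-3, &slot) == 0)
        printf("unchecked: proto -3 -> slot %ld\n", (long)slot);
    printf("checked:   proto -3 -> rc %d\n", pick_slot_checked(-3, &slot));
    return 0;
}
```
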

The following additional fixes have also been made:

  • the NVidia driver has been updated to version 7174
  • the slmodem driver received a patch[12] to work with kernel versions 2.6.10 and higher

SOLUTION
It is recommended that all Conectiva Linux users perform the upgrade.

IMPORTANT: exercise caution and preparation when upgrading the kernel, since it will require a reboot after the new packages are installed. More detailed instructions are available in Portuguese at our Q&A page[11].

REFERENCES
1.http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0736
2.http://lists.grok.org.uk/pipermail/full-disclosure/2005-March/032314.html
3.http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0384
4.http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0815
5.http://marc.theaimsgroup.com/?l=bugtraq&m=111110067304783&w=2
6.http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0750
7.http://marc.theaimsgroup.com/?l=bugtraq&m=111204562102633&w=2
8.http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0400
9.http://arkoon.net/advisories/ext2-make-empty-leak.txt
10.http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0749
11.http://www.conectiva.com.br/suporte/pr/sistema.kernel.atualizar.html
12.http://www.datiku.com/documents/2610_migration.php

UPDATED PACKAGES

ADDITIONAL INSTRUCTIONS
The apt tool can be used to perform RPM package upgrades:

  • run: apt-get update
  • after that, execute: apt-get upgrade

Detailed instructions regarding the use of apt and upgrade examples can be found at http://distro.conectiva.com.br/atualizacoes/#apt?idioma=en


All packages are signed with Conectiva's GPG key. The key and instructions on how to import it can be found at http://distro.conectiva.com.br/seguranca/chave/?idioma=en

Instructions on how to check the signatures of the RPM packages can be found at http://distro.conectiva.com.br/seguranca/politica/?idioma=en

All our advisories and generic update instructions can be viewed at http://distro.conectiva.com.br/atualizacoes/?idioma=en

Copyright (c) 2004 Conectiva Inc.
http://www.conectiva.com

Fedora Core


Fedora Update Notification
FEDORA-2005-350
2005-05-02

Product : Fedora Core 3
Name : kdelibs
Version : 3.3.1
Release : 2.12.FC3
Summary : K Desktop Environment - Libraries

Description :
Libraries for the K Desktop Environment: KDE Libraries included: kdecore (KDE core library), kdeui (user interface), kfm (file manager), khtmlw (HTML widget), kio (Input/Output, networking), kspell (spelling checker), jscript (javascript), kab (addressbook), kimgio (image manipulation).


Update Information:

A buffer overflow was found in the kimgio library for KDE 3.3.1. An attacker could create a carefully crafted PCX image in such a way that it would cause kimgio to execute arbitrary code when processing the image. The Common Vulnerabilities and Exposures project (cve.mitre.org/) has assigned the name CAN-2005-1046 to this issue.

All users of kdelibs should upgrade to these updated packages, which contain a backported security patch to correct these issues.


  • Tue Apr 19 2005 Than Ngo <than@redhat.com> 6:3.3.1-2.12.FC3
    • apply patch to fix gcc warning #117938
  • Tue Apr 19 2005 Than Ngo <than@redhat.com> 6:3.3.1-2.11.FC3
    • add missing kde documents #152307
    • apply patch to fix kimgio input validation vulnerabilities, CAN-2005-1046
    • add hack for loading of *.so shared object files #142244
  • Mon Apr 18 2005 Than Ngo <than@redhat.com> 6:3.3.1-2.10.FC3
    • backport the patch to fix kimgio input validation vulnerabilities, CAN-2005-1046, #152093, thanks to KDE security team

This update can be downloaded from:
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/

1023f08e9573cd579ed4d978b8f7a7fb SRPMS/kdelibs-3.3.1-2.12.FC3.src.rpm
be28a562a1d99f4530ac1866ab332199 x86_64/kdelibs-3.3.1-2.12.FC3.x86_64.rpm
784b411818c9a1a3d28811e814b9880a x86_64/kdelibs-devel-3.3.1-2.12.FC3.x86_64.rpm
c81fb52aa13551ffb233f9ecc9ea72df x86_64/debug/kdelibs-debuginfo-3.3.1-2.12.FC3.x86_64.rpm
0e6fdd04807160ee7571bcfb098d4c79 x86_64/kdelibs-3.3.1-2.12.FC3.i386.rpm
0e6fdd04807160ee7571bcfb098d4c79 i386/kdelibs-3.3.1-2.12.FC3.i386.rpm
f14c330fcc3f2c9618dc88550d4dd307 i386/kdelibs-devel-3.3.1-2.12.FC3.i386.rpm
bf6808e504ace10edb9da8b6f71efc5f i386/debug/kdelibs-debuginfo-3.3.1-2.12.FC3.i386.rpm

This update can also be installed with the Update Agent; you can launch the Update Agent with the 'up2date' command.



Fedora Update Notification
FEDORA-2005-351
2005-05-02

Product : Fedora Core 3
Name : tcpdump
Version : 3.8.2
Release : 8.FC3
Summary : A network traffic monitoring tool.

Description :
Tcpdump is a command-line tool for monitoring network traffic. Tcpdump can capture and display the packet headers on a particular network interface or on all interfaces. Tcpdump can display all of the packet headers, or just the ones that match particular criteria.

Install tcpdump if you need a program to monitor network traffic.


  • Fri Apr 29 2005 Martin Stransky <stransky@redhat.com> - 14:3.8.2-8.FC3
    • fix for CAN-2005-1280 Multiple DoS issues in tcpdump (CAN-2005-1279 CAN-2005-1278), #156040

This update can be downloaded from:

http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/

4b740bfe93581978552145842e23898d SRPMS/tcpdump-3.8.2-8.FC3.src.rpm
380ab25ad5a4908c2b8bf8461c29317a x86_64/tcpdump-3.8.2-8.FC3.x86_64.rpm
e25dadaa9ab7e602ab6c9b4aee51b536 x86_64/libpcap-0.8.3-8.FC3.x86_64.rpm
f0bcba7f52b8a0c10a5b11488313cb3e x86_64/arpwatch-2.1a13-8.FC3.x86_64.rpm
0f7d020a9e50561b9fbb41ccc135ab24 x86_64/debug/tcpdump-debuginfo-3.8.2-8.FC3.x86_64.rpm
a50375f8e7edf7a88dea70dcb5df98c4 x86_64/libpcap-0.8.3-8.FC3.i386.rpm
031f3ec5c206b4616f2b30f4949ad345 i386/tcpdump-3.8.2-8.FC3.i386.rpm
a50375f8e7edf7a88dea70dcb5df98c4 i386/libpcap-0.8.3-8.FC3.i386.rpm
7fcb261a49f062939946d84a7816b864 i386/arpwatch-2.1a13-8.FC3.i386.rpm
c5006240d5c4c6e4f9c892c882a1ca7b i386/debug/tcpdump-debuginfo-3.8.2-8.FC3.i386.rpm

This update can also be installed with the Update Agent; you can launch the Update Agent with the 'up2date' command.



Fedora Update Notification
FEDORA-2005-353
2005-05-02

Product : Fedora Core 3
Name : perl
Version : 5.8.5
Release : 12.FC3
Summary : The Perl programming language.

Description :
Perl is a high-level programming language with roots in C, sed, awk and shell scripting. Perl is good at handling processes and files, and is especially good at handling text. Perl's hallmarks are practicality and efficiency. While it is used to do a lot of different things, Perl's most common applications are system administration utilities and web programming. A large proportion of the CGI scripts on the web are written in Perl. You need the perl package installed on your system so that your system can handle Perl scripts.

Install this package if you want to program in Perl or enable your system to handle Perl scripts.


Update Information:

Security and packaging fixes.


  • Thu Apr 28 2005 Ville Skyttä <ville.skytta at iki.fi> - 3:5.8.5-12.FC3
    • Apply fix for CAN-2004-0452 (#156128, #146774).
    • Drop incorrect provides from the main package and release tag munging from the suidperl subpackage (#148847, José Pedro Oliveira).
  • Fri Apr 1 2005 Petr Rockai <prockai@redhat.com> - 3:5.8.5-11.FC3
    • Do not link with libbind... (backported patch from devel).
  • Wed Mar 31 2005 Petr Rockai <prockai@redhat.com> - 3:5.8.5-10.FC3
    • Fix for CAN-2005-0155, CAN-2005-0156.
    • Work around a FTBFS (fails to build from source) in fc3 buildroots.

This update can be downloaded from:

http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/

1509fe0fadb22b69b5f878341b34d767 SRPMS/perl-5.8.5-12.FC3.src.rpm
c90f95a4aacf003d94d2420dd6629650 x86_64/perl-5.8.5-12.FC3.x86_64.rpm
c46fe5d5db1ca845e67b39f21ea37d99 x86_64/perl-suidperl-5.8.5-12.FC3.x86_64.rpm
32a2972a6d1d56a60a213249e70ac7ff x86_64/debug/perl-debuginfo-5.8.5-12.FC3.x86_64.rpm
fb672eecfac3216363fae01b52cb1fd8 i386/perl-5.8.5-12.FC3.i386.rpm
c54d4bb985501c643eb7be1309543779 i386/perl-suidperl-5.8.5-12.FC3.i386.rpm
dbbc18ba952c8df14788658dcf13d014 i386/debug/perl-debuginfo-5.8.5-12.FC3.i386.rpm

This update can also be installed with the Update Agent; you can launch the Update Agent with the 'up2date' command.

Gentoo Linux


Gentoo Linux Security Advisory GLSA 200504-30

http://security.gentoo.org/


Severity: Normal
Title: phpMyAdmin: Insecure SQL script installation
Date: April 30, 2005
Bugs: #88831
ID: 200504-30


Synopsis

phpMyAdmin leaves the SQL install script with insecure permissions, potentially leading to a database compromise.

Background

phpMyAdmin is a tool written in PHP intended to handle the administration of MySQL databases from a web-browser. phpMyAdmin uses a pma MySQL user to control the linked-tables infrastructure. The SQL install script sets the initial password for the pma user.

Affected packages


     Package            /  Vulnerable  /                    Unaffected

  1  dev-db/phpmyadmin     < 2.6.2-r1                      >= 2.6.2-r1

Description

The phpMyAdmin installation process leaves the SQL install script with insecure permissions.

Impact

A local attacker could exploit this vulnerability to obtain the initial phpMyAdmin password and from there obtain information about databases accessible by phpMyAdmin.

Workaround

Change the password for the phpMyAdmin MySQL user (pma):

    mysql -u root -p
    SET PASSWORD FOR 'pma'@'localhost' = PASSWORD('MyNewPassword');

Update your phpMyAdmin config.inc.php:

    $cfg['Servers'][$i]['controlpass']   = 'MyNewPassword';

Resolution

All phpMyAdmin users should change the password for the pma user as described above and upgrade to the latest version:

    # emerge --sync
    # emerge --ask --oneshot --verbose ">=dev-db/phpmyadmin-2.6.2-r1"

Availability

This GLSA and any updates to it are available for viewing at the Gentoo Security Website:

http://security.gentoo.org/glsa/glsa-200504-30.xml

Concerns?

Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at http://bugs.gentoo.org.

License

Copyright 2005 Gentoo Foundation, Inc; referenced text belongs to its owner(s).

The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.

http://creativecommons.org/licenses/by-sa/2.0


Gentoo Linux Security Advisory GLSA 200505-01

http://security.gentoo.org/


Severity: Low
Title: Horde Framework: Multiple XSS vulnerabilities
Date: May 01, 2005
Bugs: #90365
ID: 200505-01


Synopsis

Various modules of the Horde Framework are vulnerable to multiple cross-site scripting (XSS) vulnerabilities.

Background

The Horde Framework is a PHP based framework for building web applications. It provides many modules including calendar, address book, CVS viewer and Internet Messaging Program.

Affected packages


     Package                   /  Vulnerable  /             Unaffected

  1  www-apps/horde-vacation       < 2.2.2                    >= 2.2.2
  2  www-apps/horde-turba          < 1.2.5                    >= 1.2.5
  3  www-apps/horde-passwd         < 2.2.2                    >= 2.2.2
  4  www-apps/horde-nag            < 1.1.3                    >= 1.1.3
  5  www-apps/horde-mnemo          < 1.1.4                    >= 1.1.4
  6  www-apps/horde-kronolith      < 1.1.4                    >= 1.1.4
  7  www-apps/horde-imp            < 3.2.8                    >= 3.2.8
  8  www-apps/horde-accounts       < 2.1.2                    >= 2.1.2
  9  www-apps/horde-forwards       < 2.2.2                    >= 2.2.2
 10  www-apps/horde-chora          < 1.2.3                    >= 1.2.3
 11  www-apps/horde                < 2.2.8                    >= 2.2.8
    -------------------------------------------------------------------
     11 affected packages on all of their supported architectures.

Description

Cross-site scripting vulnerabilities have been discovered in various modules of the Horde Framework.

Impact

These vulnerabilities could be exploited by an attacker to execute arbitrary HTML and script code in context of the victim's browser.

Workaround

There is no known workaround at this time.

Resolution

All Horde users should upgrade to the latest version:

    # emerge --sync
    # emerge --ask --oneshot --verbose ">=www-apps/horde-2.2.8"

All Horde Vacation users should upgrade to the latest version:

    # emerge --sync
    # emerge --ask --oneshot --verbose ">=www-apps/horde-vacation-2.2.2"

All Horde Turba users should upgrade to the latest version:

    # emerge --sync
    # emerge --ask --oneshot --verbose ">=www-apps/horde-turba-1.2.5"

All Horde Passwd users should upgrade to the latest version:

    # emerge --sync
    # emerge --ask --oneshot --verbose ">=www-apps/horde-passwd-2.2.2"

All Horde Nag users should upgrade to the latest version:

    # emerge --sync
    # emerge --ask --oneshot --verbose ">=www-apps/horde-nag-1.1.3"

All Horde Mnemo users should upgrade to the latest version:

    # emerge --sync
    # emerge --ask --oneshot --verbose ">=www-apps/horde-mnemo-1.1.4"

All Horde Kronolith users should upgrade to the latest version:

    # emerge --sync
    # emerge --ask --oneshot --verbose ">=www-apps/horde-kronolith-1.1.4"

All Horde IMP users should upgrade to the latest version:

    # emerge --sync
    # emerge --ask --oneshot --verbose ">=www-apps/horde-imp-3.2.8"

All Horde Accounts users should upgrade to the latest version:

    # emerge --sync
    # emerge --ask --oneshot --verbose ">=www-apps/horde-accounts-2.1.2"

All Horde Forwards users should upgrade to the latest version:

    # emerge --sync
    # emerge --ask --oneshot --verbose ">=www-apps/horde-forwards-2.2.2"

All Horde Chora users should upgrade to the latest version:

    # emerge --sync
    # emerge --ask --oneshot --verbose ">=www-apps/horde-chora-1.2.3"

References

[ 1 ] Horde Announcement

http://marc.theaimsgroup.com/?l=horde-announce&r=1&b=200504&w=2

Availability

This GLSA and any updates to it are available for viewing at the Gentoo Security Website:

http://security.gentoo.org/glsa/glsa-200505-01.xml

Concerns?

Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at http://bugs.gentoo.org.

License

Copyright 2005 Gentoo Foundation, Inc; referenced text belongs to its owner(s).

The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.

http://creativecommons.org/licenses/by-sa/2.0

Slackware Linux

[slackware-security] infozip (SSA:2005-121-01)