dcsimg
Linux Today: Linux News On Internet Time.




More on LinuxToday


Trustix Security Advisory #2001-0003 - kernel

Apr 05, 2001, 22:38 (0 Talkback[s])

WEBINAR:
On-Demand

Desktop-as-a-Service Designed for Any Cloud ? Nutanix Frame


Trustix Security Advisory #2001-0003 - kernel

- --------------------------------------------------------------------------
Trustix Secure Linux Security Advisory #2001-0003

Package name:      kernel
Severity:          Local root exploit
Date:              2001-04-05
Affected versions: TSL 1.01, 1.1, 1.2

- --------------------------------------------------------------------------

Problem description:
        Some time ago, a vulnerability was discovered that allowed for root
        access through ptrace call in the linux kernel.  This was
        originally considered fixed in a previous patch, but as it turns
        out, it wasn't. This is fixed in kernel version 2.2.19.

Action:
  We recommend all systems which has this package installed to be upgraded.
  Please see the Kernel Upgrade Howto, available from
  <URL:http://www.trustix.net/doc/kernel-upgrade/kernel-upgrade.html>
  for more information on how to upgrade your TSL kernel.

Location:
  All TSL updates are available from
  <URL:http://www.trustix.net/pub/Trustix/updates/>
  <URL:ftp://ftp.trustix.net/pub/Trustix/updates/>

Users of the SWUP tool, can enjoy having the security updates
automatically installed using 'swup --upgrade'.

Get SWUP from:
ftp://ftp.trustix.net/pub/Trustix/software/swup/

Note that you may not want to use SWUP to do unattended kernel upgrades,
and it does not do so by default.

Questions?
Check out our mailinglists:
http://www.trustix.net/support/


Verification:
This advisory is signed with the TSL sign key.  It is available from:
http://www.trustix.net/TSL-GPG-KEY


Trustix Security Team
 
-- 
Trustix Secure Linux Advisor
Homepage:           http://www.trustix.net/
Errata:             http://www.trustix.net/errata/
Automatic updates:  http://www.trustix.net/pub/Trustix/software/swup/