Linux Today: Linux News On Internet Time.







Advisories: March 24, 2005

Mar 25, 2005, 04:45

Fedora Core


Fedora Update Notification
FEDORA-2005-244
2005-03-23

Product : Fedora Core 2
Name : kdelibs
Version : 3.2.2
Release : 14.FC2
Summary : K Desktop Environment - Libraries

Description :
Libraries for the K Desktop Environment: KDE Libraries included: kdecore (KDE core library), kdeui (user interface), kfm (file manager), khtmlw (HTML widget), kio (Input/Output, networking), kspell (spelling checker), jscript (javascript), kab (addressbook), kimgio (image manipulation).


  • Wed Mar 2 2005 Than Ngo <than@redhat.com> 6:3.2.2-14.FC2
    • Applied patch to fix DCOP DoS, CAN-2005-0396, #150090 thanks KDE security team
  • Wed Feb 16 2005 Than Ngo <than@redhat.com> 3.2.2-13.FC2
    • Applied patch to fix dcopidlng insecure temporary file usage, CAN-2005-0365, #148823

This update can be downloaded from:
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/2/


This update can also be installed with the Update Agent; you can launch the Update Agent with the 'up2date' command.



Fedora Update Notification
FEDORA-2005-245
2005-03-23

Product : Fedora Core 3
Name : kdelibs
Version : 3.3.1
Release : 2.9.FC3
Summary : K Desktop Environment - Libraries

Description :
Libraries for the K Desktop Environment: KDE Libraries included: kdecore (KDE core library), kdeui (user interface), kfm (file manager), khtmlw (HTML widget), kio (Input/Output, networking), kspell (spelling checker), jscript (javascript), kab (addressbook), kimgio (image manipulation).


  • Wed Mar 23 2005 Than Ngo <than@redhat.com> 6:3.3.1-2.9.FC3
    • Applied patch to fix konqueror international domain name spoofing, CAN-2005-0237, #147405
    • get rid of broken AltiVec instructions on ppc
  • Wed Mar 2 2005 Than Ngo <than@redhat.com> 6:3.3.1-2.8.FC3
    • Applied patch to fix DCOP DoS, CAN-2005-0396, #150092 thanks KDE security team
  • Wed Feb 16 2005 Than Ngo <than@redhat.com> 6:3.3.1-2.7.FC3
    • Applied patch to fix dcopidlng insecure temporary file usage, CAN-2005-0365, #148823

This update can be downloaded from:
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/


This update can also be installed with the Update Agent; you can launch the Update Agent with the 'up2date' command.



Fedora Update Notification
FEDORA-2005-246
2005-03-23

Product : Fedora Core 3
Name : firefox
Version : 1.0.2
Release : 1.3.1
Summary : Mozilla Firefox Web browser.

Description :
Mozilla Firefox is an open-source web browser, designed for standards compliance, performance and portability.


Update Information:

A buffer overflow bug was found in the way Firefox processes GIF images. It is possible for an attacker to create a specially crafted GIF image, which when viewed by a victim will execute arbitrary code as the victim. The Common Vulnerabilities and Exposures project (cve.mitre.org/) has assigned the name CAN-2005-0399 to this issue.

A bug was found in the way Firefox processes XUL content. If a malicious web page can trick a user into dragging an object, it is possible to load malicious XUL content. The Common Vulnerabilities and Exposures project (cve.mitre.org/) has assigned the name CAN-2005-0401 to this issue.

A bug was found in the way Firefox bookmarks content to the sidebar. If a user can be tricked into bookmarking a malicious web page into the sidebar panel, that page could execute arbitrary programs. The Common Vulnerabilities and Exposures project (cve.mitre.org/) has assigned the name CAN-2005-0402 to this issue.

Users of Firefox are advised to upgrade to this updated package which contains Firefox version 1.0.2 and is not vulnerable to these issues.

Additionally, there was a bug found in the way Firefox rendered some fonts, notably the Tahoma font while italicized. This issue has been filed as Bug 150041 (bugzilla.redhat.com/). This updated package contains a fix for this issue.


  • Wed Mar 23 2005 Christopher Aillon <caillon@redhat.com> 0:1.0.2-1.3.1
    • Firefox 1.0.2
    • Fix issues with italic rendering using certain fonts (e.g. Tahoma)
    • Add upstream fix to reduce round trips to xserver during remote control
    • Add upstream fix to call g_set_application_name

This update can be downloaded from:

http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/


This update can also be installed with the Update Agent; you can launch the Update Agent with the 'up2date' command.



Fedora Update Notification
FEDORA-2005-247
2005-03-23

Product : Fedora Core 3
Name : thunderbird
Version : 1.0.2
Release : 1.3.1
Summary : Mozilla Thunderbird mail/newsgroup client

Description :
Mozilla Thunderbird is a standalone mail and newsgroup client.


Update Information:

A buffer overflow bug was found in the way Thunderbird processes GIF images. It is possible for an attacker to create a specially crafted GIF image, which when viewed by a victim will execute arbitrary code as the victim. The Common Vulnerabilities and Exposures project (cve.mitre.org/) has assigned the name CAN-2005-0399 to this issue.

A bug was found in the Thunderbird string handling functions. If a malicious website is able to exhaust a system's memory, it becomes possible to execute arbitrary code. The Common Vulnerabilities and Exposures project (cve.mitre.org/) has assigned the name CAN-2005-0255 to this issue.

Users of Thunderbird are advised to upgrade to this updated package which contains Thunderbird version 1.0.2 and is not vulnerable to these issues.

This update enables pango rendering by default.


  • Wed Mar 23 2005 Christopher Aillon <caillon@redhat.com> 1.0.2-1.3.1
    • Thunderbird 1.0.2
    • Enable pango rendering
  • Tue Mar 8 2005 Christopher Aillon <caillon@redhat.com> 1.0-5
    • Add patch to compile against new fortified glibc macros
  • Sat Mar 5 2005 Christopher Aillon <caillon@redhat.com> 1.0-4
    • Rebuild against GCC 4.0
    • Add execshield patches
    • Minor specfile cleanup
  • Mon Dec 20 2004 Christopher Aillon <caillon@redhat.com> 1.0-3
    • Rebuild
  • Thu Dec 16 2004 Christopher Aillon <caillon@redhat.com> 1.0-2
    • Add RPM version to useragent
  • Thu Dec 16 2004 Christopher Blizzard <blizzard@redhat.com>
    • Port over pango patches from firefox
  • Wed Dec 8 2004 Christopher Aillon <caillon@redhat.com> 1.0-1.3.1
    • Thunderbird 1.0
  • Mon Dec 6 2004 Christopher Aillon <caillon@redhat.com> 1.0-0.rc1.1
    • Fix advanced prefs
  • Fri Dec 3 2004 Christopher Aillon <caillon@redhat.com>
    • Make this run on s390(x) now for real
  • Wed Dec 1 2004 Christopher Aillon <caillon@redhat.com> 1.0-0.rc1.0
    • Update to 1.0 rc1

This update can be downloaded from:

http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/


This update can also be installed with the Update Agent; you can launch the Update Agent with the 'up2date' command.



Fedora Update Notification
FEDORA-2005-249
2005-03-23

Product : Fedora Core 3
Name : mozilla
Version : 1.7.6
Release : 1.3.2
Summary : Web browser and mail reader

Description :
Mozilla is an open-source web browser, designed for standards compliance, performance and portability.


Update Information:

A buffer overflow bug was found in the way Mozilla processes GIF images. It is possible for an attacker to create a specially crafted GIF image, which when viewed by a victim will execute arbitrary code as the victim. The Common Vulnerabilities and Exposures project (cve.mitre.org/) has assigned the name CAN-2005-0399 to this issue.

A bug was found in the way Mozilla responds to proxy auth requests. It is possible for a malicious webserver to steal credentials from a victim's browser by issuing a 407 proxy authentication request. (CAN-2005-0147)

A bug was found in the way Mozilla displays dialog windows. It is possible that a malicious web page which is being displayed in a background tab could present the user with a dialog window appearing to come from the active page. (CAN-2004-1380)

A bug was found in the way Mozilla Mail handles cookies when loading content over HTTP regardless of the user's preference. It is possible that a particular user could be tracked through the use of malicious mail messages which load content over HTTP. (CAN-2005-0149)

A flaw was found in the way Mozilla displays international domain names. It is possible for an attacker to display a valid URL, tricking the user into thinking they are viewing a legitimate webpage when they are not. (CAN-2005-0233)

A bug was found in the way Mozilla handles pop-up windows. It is possible for a malicious website to control the content in an unrelated site's pop-up window. (CAN-2004-1156)

A bug was found in the way Mozilla saves temporary files. Temporary files are saved with world readable permissions, which could allow a local malicious user to view potentially sensitive data. (CAN-2005-0142)

A bug was found in the way Mozilla handles synthetic middle click events. It is possible for a malicious web page to steal the contents of a victim's clipboard. (CAN-2005-0146)

A bug was found in the way Mozilla processes XUL content. If a malicious web page can trick a user into dragging an object, it is possible to load malicious XUL content. (CAN-2005-0401)

A bug was found in the way Mozilla loads links in a new tab which are middle clicked. A malicious web page could read local files or modify privileged chrome settings. (CAN-2005-0141)

A bug was found in the way Mozilla displays the secure site icon. A malicious web page can use a view-source URL targeted at a secure page, while loading an insecure page, yet the secure site icon shows the previous secure state. (CAN-2005-0144)

A bug was found in the way Mozilla displays the secure site icon. A malicious web page can display the secure site icon by loading a binary file from a secured site. (CAN-2005-0143)

A bug was found in the way Mozilla displays the download dialog window. A malicious site can obfuscate the content displayed in the source field, tricking a user into thinking they are downloading content from a trusted source. (CAN-2005-0585)

Users of Mozilla are advised to upgrade to this updated package which contains Mozilla version 1.7.6 to correct these issues.
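
The world-readable temporary file issue (CAN-2005-0142) comes down to how a file's creation mode interacts with the umask. The following is an added example, not code from Mozilla or from the advisory; the file names, the pinned umask of 022 and the helper names are assumptions chosen for illustration.

```c
#ifndef _XOPEN_SOURCE
#define _XOPEN_SOURCE 700   /* mkstemp(), mkdtemp(), fchmod() under strict -std= modes */
#endif
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <sys/types.h>
#include <unistd.h>

#define WEAK_EXPOSED    1   /* bit set when the weak file is readable by others */
#define PRIVATE_EXPOSED 2   /* bit set when the hardened file is readable by others */

/* 1 if group or other hold any permission bit on path, 0 if owner-only, -1 on error. */
int exposed_to_other_users(const char *path)
{
    struct stat st;
    if (lstat(path, &st) != 0)
        return -1;
    return (st.st_mode & (S_IRWXG | S_IRWXO)) != 0;
}

/* Weak pattern: fixed name, no O_EXCL, mode 0666 filtered only by the umask.
 * With umask 022 the result is 0644, readable by every local user. */
int create_weak(const char *path)
{
    mode_t old = umask(022);   /* assumption: common default umask, pinned for a repeatable demo */
    int fd = open(path, O_WRONLY | O_CREAT | O_TRUNC, 0666);
    umask(old);
    return fd;
}

/* Hardened pattern: mkstemp() picks an unpredictable name and creates the file
 * exclusively; fchmod() pins the mode to 0600 regardless of libc defaults. */
int create_private(char *tmpl)
{
    int fd = mkstemp(tmpl);
    if (fd >= 0 && fchmod(fd, S_IRUSR | S_IWUSR) != 0) {
        close(fd);
        unlink(tmpl);
        return -1;
    }
    return fd;
}

/* Creates one file with each pattern inside a private scratch directory and
 * inspects the resulting mode bits. Returns a bitmask of WEAK_EXPOSED and
 * PRIVATE_EXPOSED, or -1 if the scratch files could not be created. */
int run_demo(void)
{
    char dir[256], weak[300], priv[300];
    const char *base = getenv("TMPDIR");
    int result = -1;

    if (base == NULL || *base == '\0')
        base = "/tmp";
    if (snprintf(dir, sizeof dir, "%s/tmpfile-demo-XXXXXX", base) >= (int)sizeof dir)
        return -1;
    if (mkdtemp(dir) == NULL)
        return -1;
    snprintf(weak, sizeof weak, "%s/session.tmp", dir);      /* constructed name */
    snprintf(priv, sizeof priv, "%s/session-XXXXXX", dir);   /* mkstemp template */

    int wfd = create_weak(weak);
    int pfd = create_private(priv);
    if (wfd >= 0 && pfd >= 0) {
        result = 0;
        if (exposed_to_other_users(weak) == 1)
            result |= WEAK_EXPOSED;
        if (exposed_to_other_users(priv) == 1)
            result |= PRIVATE_EXPOSED;
    }
    if (wfd >= 0) { close(wfd); unlink(weak); }
    if (pfd >= 0) { close(pfd); unlink(priv); }
    rmdir(dir);
    return result;
}

int main(void)
{
    int r = run_demo();
    if (r < 0) {
        fprintf(stderr, "could not create scratch files\n");
        return 1;
    }
    printf("open(..., 0666) with umask 022: %s\n",
           (r & WEAK_EXPOSED) ? "readable by other users" : "owner-only");
    printf("mkstemp() + fchmod(0600):       %s\n",
           (r & PRIVATE_EXPOSED) ? "readable by other users" : "owner-only");
    return 0;
}
```
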


  • Wed Mar 22 2005 Christopher Aillon <caillon@redhat.com> 37:1.7.6-1.3.2
    • Install all-redhat.js pref files
  • Tue Mar 22 2005 Christopher Aillon <caillon@redhat.com> 37:1.7.6-1.3.1
    • Update to 1.7.6
    • Add RPM version to useragent
    • Enable smooth scrolling and system colors by default.
    • Backport pango fixes from the firefox package, and now enabled by default.
    • Add upstream fix to reduce round trips to xserver during remote control
    • Add upstream fix to call g_set_application_name

This update can be downloaded from:

http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/


This update can also be installed with the Update Agent; you can launch the Update Agent with the 'up2date' command.



Fedora Update Notification
FEDORA-2005-252
2005-03-23

Product : Fedora Core 3
Name : devhelp
Version : 0.9.2
Release : 2.3.1
Summary : API document browser

Description :
An API document browser for GNOME 2.


Update Information:

There were several security flaws found in the mozilla package, which devhelp depends on. Users of devhelp are advised to upgrade to this updated package which has been rebuilt against a later version of mozilla which is not vulnerable to these flaws.


  • Wed Mar 23 2005 Christopher Aillon <caillon@redhat.com> 0.9.2-2.3.1
    • Build against mozilla 1.7.6

This update can be downloaded from:

http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/


This update can also be installed with the Update Agent; you can launch the Update Agent with the 'up2date' command.



Fedora Update Notification
FEDORA-2005-254
2005-03-23

Product : Fedora Core 3
Name : epiphany
Version : 1.4.4
Release : 4.3.1
Summary : GNOME web browser based on the Mozilla rendering engine

Description :
epiphany is a simple GNOME web browser based on the Mozilla rendering engine


Update Information:

There were several security flaws found in the mozilla package, which epiphany depends on. Users of epiphany are advised to upgrade to this updated package which has been rebuilt against a later version of mozilla which is not vulnerable to these flaws.


  • Wed Mar 23 2005 Christopher Aillon <caillon@redhat.com> 1.4.4-4.3.1
    • Build against 1.7.6

This update can be downloaded from:

http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/


This update can also be installed with the Update Agent; you can launch the Update Agent with the 'up2date' command.



Fedora Update Notification
FEDORA-2005-255
2005-03-23

Product : Fedora Core 3
Name : evolution
Version : 2.0.4
Release : 2
Summary : GNOME's next-generation groupware suite

Description :
Evolution is the GNOME mailer, calendar, contact manager and communications tool. The tools which make up Evolution will be tightly integrated with one another and act as a seamless personal information-management tool.


Update Information:

There were several security flaws found in the mozilla package, which evolution depends on. Users of evolution are advised to upgrade to this updated package which has been rebuilt against a later version of mozilla which is not vulnerable to these flaws.


  • Wed Mar 23 2005 David Malcolm <dmalcolm@redhat.com> - 2.0.4-2
    • Removed explicit run-time spec-file requirement on mozilla. The Mozilla NSS API/ABI stabilised by version 1.7.3. The libraries are always located in the libdir. However, the headers are in /usr/include/mozilla-1.7.6 and so they move each time the mozilla version changes. So we no longer have an explicit mozilla run-time requirement in the specfile; a requirement on the appropriate NSS and NSPR .so files is automagically generated on build.

      We have an explicit, exact build-time version, so that we can find the headers (without invoking an RPM query from the spec file; to do so is considered bad practice)

    • Introduced mozilla_build_version, to replace mozilla_version (now 1.7.6)

This update can be downloaded from:

http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/


This update can also be installed with the Update Agent; you can launch the Update Agent with the 'up2date' command.


Gentoo Linux


Gentoo Linux Security Advisory GLSA 200503-28

http://security.gentoo.org/


Severity: Normal
Title: Sun Java: Web Start argument injection vulnerability
Date: March 24, 2005
Bugs: #85804
ID: 200503-28


Synopsis

Java Web Start JNLP files can be abused to evade sandbox restriction and execute arbitrary code.

Background

Sun provides implementations of Java Development Kits (JDK) and Java Runtime Environments (JRE). These implementations provide the Java Web Start technology that can be used for easy client-side deployment of Java applications.

Affected packages


     Package               /  Vulnerable  /                 Unaffected

  1  dev-java/sun-jdk         < 1.4.2.07                   >= 1.4.2.07
                                                               < 1.4.2
  2  dev-java/sun-jre-bin     < 1.4.2.07                   >= 1.4.2.07
                                                               < 1.4.2
    -------------------------------------------------------------------
     2 affected packages on all of their supported architectures.

Description

Jouko Pynnonen discovered that Java Web Start contains a vulnerability in the way it handles property tags in JNLP files.

Impact

By enticing a user to open a malicious JNLP file, a remote attacker could pass command line arguments to the Java Virtual machine, which can be used to bypass the Java "sandbox" and to execute arbitrary code with the permissions of the user running the application.

Workaround

There is no known workaround at this time.

Resolution

All Sun JDK users should upgrade to the latest version:

    # emerge --sync
    # emerge --ask --oneshot --verbose ">=dev-java/sun-jdk-1.4.2.07"

All Sun JRE users should upgrade to the latest version:

    # emerge --sync
    # emerge --ask --oneshot --verbose ">=dev-java/sun-jre-bin-1.4.2.07"

References

[ 1 ] Jouko Pynnonen advisory

http://jouko.iki.fi/adv/ws.html

[ 2 ] Sun Microsystems Alert Notification

http://sunsolve.sun.com/search/document.do?assetkey=1-26-57740-1

Availability

This GLSA and any updates to it are available for viewing at the Gentoo Security Website:

http://security.gentoo.org/glsa/glsa-200503-28.xml

Concerns?

Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at http://bugs.gentoo.org.

License

Copyright 2005 Gentoo Foundation, Inc; referenced text belongs to its owner(s).

The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.

http://creativecommons.org/licenses/by-sa/2.0


Gentoo Linux Security Advisory GLSA 200503-29

http://security.gentoo.org/


Severity: Low
Title: GnuPG: OpenPGP protocol attack
Date: March 24, 2005
Bugs: #85547
ID: 200503-29


Synopsis

Automated systems using GnuPG may leak plaintext portions of an encrypted message.

Background

GnuPG is a complete and free replacement for PGP, a tool for secure communication and data storage.

Affected packages


     Package          /  Vulnerable  /                      Unaffected

  1  app-crypt/gnupg       < 1.4.1                            >= 1.4.1

Description

A flaw has been identified in an integrity checking mechanism of the OpenPGP protocol.

Impact

An automated system using GnuPG that allows an attacker to repeatedly discover the outcome of an integrity check (perhaps by observing the time required to return a response, or via overly verbose error messages) could theoretically reveal a small portion of plaintext.

Workaround

There is no known workaround at this time.

Resolution

All GnuPG users should upgrade to the latest version:

    # emerge --sync
    # emerge --ask --oneshot --verbose ">=app-crypt/gnupg-1.4.1"

References

[ 1 ] CERT VU#303094

http://www.kb.cert.org/vuls/id/303094

[ 2 ] CAN-2005-0366

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0366

Availability

This GLSA and any updates to it are available for viewing at the Gentoo Security Website:

http://security.gentoo.org/glsa/glsa-200503-29.xml

Concerns?

Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at http://bugs.gentoo.org.

License

Copyright 2005 Gentoo Foundation, Inc; referenced text belongs to its owner(s).

The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.

http://creativecommons.org/licenses/by-sa/2.0

SUSE Linux


SUSE Security Announcement

Package: kernel
Announcement-ID: SUSE-SA:2005:018
Date: Thu, 24 Mar 2005 15:00:00 +0000
Affected products: 8.2, 9.0, 9.1, 9.2; SUSE Linux Desktop 1.0; SUSE Linux Enterprise Server 8, 9; Novell Linux Desktop 9
Vulnerability Type: remote denial of service
Severity (1-10): 9
SUSE default package: yes
Cross References: CAN-2005-0449 CAN-2005-0209 CAN-2005-0529 CAN-2005-0530 CAN-2005-0532 CAN-2005-0384 CAN-2005-0210 CAN-2005-0504 CAN-2004-0814 CAN-2004-1333 CAN-2005-0003

Content of this advisory:

  1. security vulnerability resolved: several kernel security problems; problem description
  2. solution/workaround
  3. special instructions and notes
  4. package location and checksums
  5. pending vulnerabilities, solutions, workarounds: See SUSE Security Summary Report (next one due after Easter).
  6. standard appendix (further information)

1) problem description, brief discussion

The Linux kernel is the core component of the Linux system.

Several vulnerabilities were reported in the last few weeks which are fixed by this update.

Not all kernels are affected by all the problems; each of the problems has an affected note attached to it.

The CAN-XXXX-XXX IDs are Mitre CVE Candidate IDs, please see
http://www.mitre.org for more information.

The following security vulnerabilities are fixed:

  • CAN-2005-0449: The netfilter/iptables module in Linux before 2.6.8.1 allows remote attackers to cause a denial of service (kernel crash) or bypass firewall rules via crafted packets, which are not properly handled by the skb_checksum_help function.

    A remote attacker could crash a SUSE Linux system when this system is used as a router/firewall.

    Only SUSE Linux versions using the 2.6 kernels are affected.

  • CAN-2005-0209: When forwarding fragmented packets, we can only use hardware assisted checksum once.

    This could lead to a denial of service attack / crash potentially triggerable by remote users.

    Only SUSE Linux versions using the 2.6 kernels are affected.

  • CAN-2005-0529: Linux kernels before 2.6.11 use different size types for offset arguments to the proc_file_read and locks_read_proc functions, which leads to a heap-based buffer overflow when a signed comparison causes negative integers to be used in a positive context.

    Only SUSE Linux versions using the 2.6 kernels are affected.

  • CAN-2005-0530: Signedness error in the copy_from_read_buf function in n_tty.c before Linux kernel 2.6.11 allows local users to read kernel memory via a negative argument.

    Only SUSE Linux versions using the 2.6 kernels are affected.

  • Missing checking in the epoll system calls allowed overwriting of a small range of kernel memory. This allows a local attacker to gain root privileges.

    All SUSE Linux versions except SUSE Linux 8.2 are affected.

  • An integer overflow was possible when writing to a sysfs file, allowing an attacker to overwrite kernel memory.

    Only SUSE Linux versions using the 2.6 kernels are affected.

  • CAN-2005-0532: The reiserfs_copy_from_user_to_file_region function in reiserfs/file.c before Linux kernel 2.6.11, when running on 64-bit architectures, may allow local users to trigger a buffer overflow as a result of casting discrepancies between size_t and int data types.

    This allows a remote attacker to overwrite kernel memory, crash the machine or potentially get root access.

    Only SUSE Linux versions using the 2.6 kernels running on 64 bit machines are affected.

  • CAN-2005-0384: Fixed a local denial of service attack in the kernel PPP code. This allows a local attacker to hang the system.

    All SUSE Linux versions are affected.

  • CAN-2005-0210: A dst leak problem in the ip_conntrack module of the iptables firewall was fixed.

    Only SUSE Linux versions using the 2.6 kernels are affected.

  • CAN-2005-0504: Buffer overflow in the MoxaDriverIoctl function for the moxa serial driver (moxa.c) in Linux 2.2.x, 2.4.x, and 2.6.x allows local users to execute arbitrary code via a certain modified length value.

    Only SUSE Linux versions using the 2.6 kernels are fixed; this was considered too minor for our 2.4 line.

  • Only root should be able to set the N_MOUSE line discipline; this is a partial fix for CAN-2004-0814.
  • Due to an xattr sharing bug in the ext2 and ext3 file systems, default ACLs could disappear.

    Only SUSE Linux versions using the 2.6 kernels are affected.

  • CAN-2005-0003: Fixed a potential problem with overlapping VMAs also on 2.4 kernels.

    Only SUSE Linux versions using the 2.4 kernels are affected.

  • CAN-2004-1333: Fixed a local denial of service problem with the VC_RESIZE ioctl. A local user logged in to a text console can crash the machine.

    Only SUSE Linux versions using the 2.4 kernels are affected.
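
The signedness and int/size_t mismatches described above for CAN-2005-0529, CAN-2005-0530 and CAN-2005-0532 share one shape, shown here as an added example; it is not kernel code and not part of the SUSE advisory. All function names and the 64-byte buffer are assumptions for illustration, and the two bug-pattern functions only compute the length a copy would receive, without copying anything.

```c
#include <limits.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define SRC_LEN 64   /* size of the constructed source buffer below */

static char demo_src[SRC_LEN];   /* constructed sample data */
static char demo_dst[16];

/* Pattern A: signed length check (the class described for CAN-2005-0529 and
 * CAN-2005-0530). Returns the length a later memcpy() would be given. */
size_t len_after_signed_check(int requested)
{
    int n = requested;
    if (n > SRC_LEN)        /* signed compare: -1 > 64 is false, so -1 survives */
        n = SRC_LEN;
    return (size_t)n;       /* memcpy() takes size_t: -1 becomes SIZE_MAX */
}

/* Pattern B: 64-bit count narrowed to int (the class described for
 * CAN-2005-0532). uint64_t stands in for size_t on a 64-bit machine. */
int len_after_narrowing(uint64_t count)
{
    return (int)count;      /* keeps only the low 32 bits on common compilers */
}

/* Hardened reader: rejects negative values before any arithmetic, keeps the
 * length unsigned, and clamps to both source and destination sizes.
 * Returns the number of bytes copied, or -1 for a rejected request. */
long read_region(char *dst, size_t dst_size, const char *src, size_t src_len,
                 long long off, long long count)
{
    if (off < 0 || count < 0)
        return -1;
    if ((unsigned long long)off >= src_len)
        return 0;                                /* read at or past the end */
    size_t avail = src_len - (size_t)off;
    size_t n = ((unsigned long long)count > avail) ? avail : (size_t)count;
    if (n > dst_size)
        n = dst_size;
    memcpy(dst, src + off, n);
    return (long)n;
}

/* Convenience wrapper over the constructed buffers above. */
long demo_read(long long off, long long count)
{
    memset(demo_src, 'A', sizeof demo_src);
    return read_region(demo_dst, sizeof demo_dst, demo_src, sizeof demo_src,
                       off, count);
}

int main(void)
{
    printf("signed check, requested -1          -> copy length %zu\n",
           len_after_signed_check(-1));
    printf("signed check, requested 100         -> copy length %zu\n",
           len_after_signed_check(100));
    printf("narrowing, count 0x100000010        -> int %d\n",
           len_after_narrowing(0x100000010ULL));
    printf("hardened read, off 0, count -1      -> %ld\n", demo_read(0, -1));
    printf("hardened read, off 60, count 100    -> %ld\n", demo_read(60, 100));
    printf("hardened read, count 0x100000010    -> %ld\n",
           demo_read(0, 0x100000010LL));
    return 0;
}
```
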

Additional kernel modules had bugs fixed:

  • antivir / dazuko.ko: The capability handling of this module was broken and was fixed by a version upgrade.
  • drbd: A slow memory leak in drbd was fixed.
  • Bugs fixed after the SUSE Linux Enterprise Server 8 SP4 release (for the SLES 8 and United Linux 1 updates).
  • Bugs fixed after the SUSE Linux Enterprise Server 9 SP1 release (for the SLES 9 and NLD 9 updates).

2) solution/workaround

None. Please install the updated packages.

3) special instructions and notes

SPECIAL INSTALL INSTRUCTIONS:

The following paragraphs will guide you through the installation process in a step-by-step fashion. The character sequence "****" marks the beginning of a new paragraph. In some cases, the steps outlined in a particular paragraph may or may not be applicable to your situation. Therefore, please make sure to read through all of the steps below before attempting any of these procedures. All of the commands that need to be executed are required to be run as the superuser (root). Each step relies on the steps before it to complete successfully.

  • Step 1: Determine the needed kernel type

    Please use the following command to find the kernel type that is installed on your system:

    rpm -qf /boot/vmlinuz

    Following are the possible kernel types (disregard the version and build number following the name separated by the "-" character)

    k_deflt # default kernel, good for most systems.
    k_i386 # kernel for older processors and chip sets
    k_athlon # kernel made specifically for AMD Athlon(tm) family processors
    k_psmp # kernel for Pentium-I dual processor systems
    k_smp # kernel for SMP systems (Pentium-II and above)
    k_smp4G # kernel for SMP systems which supports a maximum of 4G of RAM
    kernel-64k-pagesize
    kernel-bigsmp
    kernel-default
    kernel-smp

  • Step 2: Download the package for your system

    Please download the kernel RPM package for your distribution with the name as indicated by Step 1. The list of all kernel rpm packages is appended below. Note: The kernel-source package does not contain a binary kernel in bootable form. Instead, it contains the sources that the binary kernel rpm packages are created from. It can be used by administrators who have decided to build their own kernel. Since the kernel-source.rpm is an installable (compiled) package that contains sources for the linux kernel, it is not the source RPM for the kernel RPM binary packages.

    The kernel RPM binary packages for the distributions can be found at the locations below ftp://ftp.suse.com/pub/suse/i386/update/.

    8.2/rpm/i586
    9.0/rpm/i586
    9.1/rpm/i586
    9.2/rpm/i586

    After downloading the kernel RPM package for your system, you should verify the authenticity of the kernel rpm package using the methods as listed in section 3) of each SUSE Security Announcement.

  • Step 3: Installing your kernel rpm package

    Install the rpm package that you downloaded in Step 2 with the command

    rpm -Uhv --nodeps --force <K_FILE.RPM>
    where <K_FILE.RPM> is the name of the rpm package that you downloaded.

    Warning: After performing this step, your system will likely not be able to boot if the following steps have not been fully followed.

  • Step 4: configuring and creating the initrd

    The initrd is a ramdisk that is loaded into the memory of your system together with the kernel boot image by the bootloader. The kernel uses the content of this ramdisk to execute commands that must be run before the kernel can mount its actual root filesystem. It is usually used to initialize SCSI drivers or NIC drivers for diskless operation.

    The variable INITRD_MODULES in /etc/sysconfig/kernel determines which kernel modules will be loaded in the initrd before the kernel has mounted its actual root filesystem. The variable should contain your SCSI adapter (if any) or filesystem driver modules.

    With the installation of the new kernel, the initrd has to be re-packed with the updated kernel modules. Please run the command

    mk_initrd

    as root to create a new init ramdisk (initrd) for your system. On SuSE Linux 8.1 and later, this is done automatically when the RPM is installed.

  • Step 5: bootloader

    If you run a SUSE LINUX 8.x, SLES8, or SUSE LINUX 9.x system, there are two options:
    Depending on your software configuration, you have either the lilo bootloader or the grub bootloader installed and initialized on your system.
    The grub bootloader does not require any further actions to be performed after the new kernel images have been moved in place by the rpm Update command.
    If you have a lilo bootloader installed and initialized, then the lilo program must be run as root. Use the command

    grep LOADER_TYPE /etc/sysconfig/bootloader

    to find out which boot loader is configured. If it is lilo, then you must run the lilo command as root. If grub is listed, then your system does not require any bootloader initialization.

    Warning: An improperly installed bootloader may render your system unbootable.

  • Step 6: reboot

    If all of the steps above have been successfully completed on your system, then the new kernel including the kernel modules and the initrd should be ready to boot. The system needs to be rebooted for the changes to become active. Please make sure that all steps have completed, then reboot using the command

    shutdown -r now
    or

    init 6

    Your system should now shut down and reboot with the new kernel.

4) package location and checksums

Please download the update package for your distribution and verify its integrity by the methods listed in section 3) of this announcement. Then, install the package using the command "rpm -Fhv file.rpm" to apply the update.
Our maintenance customers are being notified individually. The packages are being offered to install from the maintenance web.
