Linux Today: Linux News On Internet Time.

More on LinuxToday

Advisories: March 31, 2005

Apr 01, 2005, 04:45 (0 Talkback[s])

WEBINAR: On-demand Event

Replace Oracle with the NoSQL Engagement Database: Why and how leading companies are making the switch REGISTER >

Conectiva Linux


PACKAGE : kernel
SUMMARY : Kernel fixes
DATE : 2005-03-31 12:24:00
ID : CLA-2005:945

The Linux kernel is responsible for handling the basic functions of the GNU/Linux operating system.

The following vulnerabilities are being fixed in this update:

  1. CAN-2005-0767[1][2]
    Race condition in the Radeon DRI driver for Linux kernel allows local users with DRI privileges to execute arbitrary code as root.
  2. CAN-2005-0209[3][4]
    Netfilter in Linux kernel allows remote attackers to cause a denial of service (kernel crash) via crafted IP packet fragments.
  3. CAN-2005-0449[5][6]
    The netfilter/iptables module in Linux before allows remote attackers to cause a denial of service (kernel crash) or bypass firewall rules via crafted packets, which are not properly handled by the skb_checksum_help function.
  4. CAN-2005-0210[7][8][9]
    Netfilter in the Linux kernel allows local users to cause a denial of service (memory consumption) via certain packet fragments that are reassembled twice, which causes a data structure to be allocated twice.

These other changes have also been made:

  • the base kernel has been upgraded to version 2.6.11.
  • the NVidia driver has been upgraded to version 7167
  • DRBD has been upgraded to version 0.7.10
  • the hsfmodem driver has been upgraded to version full
  • the slmodem driver has been upgraded to version 2.9.10
  • the ndiswrapper driver has been upgraded to version 1.1
  • lm_sensors has been upgraded to version 2.9.0[11]

It is recommended that all Conectiva Linux users perform the upgrade.

IMPORTANT: exercise caution and preparation when upgrading the kernel, since it will require a reboot after the new packages are installed. More detailed instructions are available in Portuguese at our Q&A page[10].



The apt tool can be used to perform RPM packages upgrades:

  • run: apt-get update
  • after that, execute: apt-get upgrade

Detailed instructions regarding the use of apt and upgrade examples can be found at

All packages are signed with Conectiva's GPG key. The key and instructions on how to import it can be found at Instructions on how to check the signatures of the RPM packages can be found at
All our advisories and generic update instructions can be viewed at
Copyright (c) 2004 Conectiva Inc.

Debian GNU/Linux

Debian Security Advisory DSA 701-1 Martin Schulze
March 31st, 2005

Package : samba
Vulnerability : integer overflows
Problem-Type : remote
Debian-specific: no
CVE ID : CAN-2004-1154
CERT advisory : VU#226184

Greg MacManus discovered an integer overflow in the smb daemon from Samba, a LanManager like file and printer server for GNU/Linux and Unix-like systems. Requesting a very large number of access control descriptors from the server could exploit the integer overflow, which may result in a buffer overflow which could lead to the execution of arbitrary code with root privileges. Upstream developers have discovered more possible integer overflows that are fixed with this update as well.

For the stable distribution (woody) these problems have been fixed in version 2.2.3a-14.2.

For the unstable distribution (sid) these problems have been fixed in version 3.0.10-1.

We recommend that you upgrade your samba packages.

Upgrade Instructions

wget url

will fetch the file for you
dpkg -i file.deb

will install the referenced file.

If you are using the apt-get package manager, use the line for sources.list as given below:

apt-get update

will update the internal database apt-get upgrade

will install corrected packages

You may use an automated update by adding the resources from the footer to the proper configuration.

Debian GNU/Linux 3.0 alias woody

Source archives:
Size/MD5 checksum: 775 ed6d755e8e623a887796b1f483c09769
Size/MD5 checksum: 130208 cc39bb74c7553dda203d51f6d8c14aa3
Size/MD5 checksum: 5460531 b6ec2f076af69331535a82b586f55254

Architecture independent components:
Size/MD5 checksum: 2447006 abf6acd83baeb484d105c8eb1101543b

Alpha architecture:
Size/MD5 checksum: 416676 a860eb37f223fd04606640f40b9a6f0d
Size/MD5 checksum: 490074 e6946b652f61379f406bc9685f765a11
Size/MD5 checksum: 601880 bae5a3ac952faa460d8ca4952a8cd401
Size/MD5 checksum: 2963048 6860982e4f08926c032d28b2614de9eb
Size/MD5 checksum: 1132586 f422f96231a49f8798e23799773b1913
Size/MD5 checksum: 1159098 2974f164602da70553a48bb5f33c453f
Size/MD5 checksum: 952040 108b244edced3569e81ceac4cca464d8
Size/MD5 checksum: 624342 cfa17afeef989729921d2054ff35e2d0
Size/MD5 checksum: 1108844 012f203692a25c6ffe3c22f823283423

ARM architecture:
Size/MD5 checksum: 397606 e3e807c7cf17368ce1b8dd42ec7d6164
Size/MD5 checksum: 462146 b715f738b9317243e4fc12cd62fd2396
Size/MD5 checksum: 548352 5e2a59f8dbb9b9a89416711ef8f7668a
Size/MD5 checksum: 2557662 3f53c5016e17d7f88e18b8e71b104aa9
Size/MD5 checksum: 1024318 14d245cf77b2f09f8568b3111f45bb53
Size/MD5 checksum: 1004756 71f0152421a3ae144c4c1d954a8e968a
Size/MD5 checksum: 833412 6174eb2e44fad3021e741c18cf400d79
Size/MD5 checksum: 558488 d991ee85af61b00eba644c1066f25d84
Size/MD5 checksum: 976166 b0707e5ce8801cd072ebac9c991e9997

Intel IA-32 architecture:
Size/MD5 checksum: 389290 889828ac5a057bf25dc3cb7113a9380d
Size/MD5 checksum: 446478 ed692d3f99e5d7dc2c7e7410c8130c64
Size/MD5 checksum: 500178 9a79ce62bafb3406d3e72d7ddde7fb86
Size/MD5 checksum: 2421974 6c6b944883a8fbee61f7408ff37ba8d1
Size/MD5 checksum: 993612 62aab90749ffb236184542883c55e725
Size/MD5 checksum: 955560 906eaca395641f209b0fe337217db70b
Size/MD5 checksum: 794860 163e9b00151866c4b810b7c9e4438e52
Size/MD5 checksum: 535812 3aa901020246a2485e62e0ede3c6634a
Size/MD5 checksum: 932022 20cd8457fdfbf90108b15369a31d837f

Intel IA-64 architecture:
Size/MD5 checksum: 462676 540dace1a60b0e5cfba97e8866c23a7f
Size/MD5 checksum: 554712 bd471871155707af98c5b464520a5210
Size/MD5 checksum: 626242 5d3b0f59069be1e3802a4f43e76cf6f5
Size/MD5 checksum: 3495238 b45f2ce637e094b1017027df16d00616
Size/MD5 checksum: 1250614 80d39f2455e74a45b11c854739c08776
Size/MD5 checksum: 1332568 f52feeb16a80fb9a7919245f3c1356eb
Size/MD5 checksum: 1100422 157d2efbf4cbb2c8b1b9e1582159be7d
Size/MD5 checksum: 696270 d03bd295dbfefd9d01510482f92f6e41
Size/MD5 checksum: 1283854 7b50b300c3613c5ba444c2f24e1ac292

HP Precision architecture:
Size/MD5 checksum: 420536 2d65dcc7d03aa1a543e2502a84d786cc
Size/MD5 checksum: 491894 dc029fc8dd9e0064f4df562eba62e562
Size/MD5 checksum: 590552 810af1ee8bfe5f6b1ac5587bdceb6b7d
Size/MD5 checksum: 2798038 cdb68b3c7e2d6729dddb8700cc433690
Size/MD5 checksum: 1082366 cfc5500a166c1f4e230442fd280b5c04
Size/MD5 checksum: 1087188 7ba92ad1f99751f1c9f90a9dbd19bd01
Size/MD5 checksum: 903314 8cc3d7d91b09cffe2ff51476839db369
Size/MD5 checksum: 590724 e3ad49e185067df013a4fef46a3ee828
Size/MD5 checksum: 1062004 26531112552c087dadfd7ffc280df23b

Motorola 680x0 architecture:
Size/MD5 checksum: 399726 00f799e82545d582d860f46bf10dea70
Size/MD5 checksum: 461030 a10f03d2fe355df7e797828fe962c800