---

Advisories, April 19, 2006


Fedora Update Notification
FEDORA-2006-338
2006-04-19


Product : Fedora Core 5
Name : gdm
Version : 2.14.1
Release : 1.fc5.2
Summary : The GNOME Display Manager.

Description :
Gdm (the GNOME Display Manager) is a highly configurable
reimplementation of xdm, the X Display Manager. Gdm allows you to
log into your system with the X Window System running and supports
running several different X sessions on your local machine at the
same time.


Update Information:

(Notes taken from upstream release mail)

  • The sockets connection between the slaves and the GDM daemon is
    now better managed to better ensure that sockets are never left
    open. (Brian Cameron)
  • Corrected bug that causes a core dump when you click on
    gdmgreeter fields that have an id. (Brian Cameron)
  • Add new GdmXserverTimeout configuration setting so that the
    length of time GDM waits for the Xserver to start can be tuned, so
    GDM better works with Xservers that require more than 10 seconds to
    start. (Emilie)
  • The happygnome and happygnome-list gdmgreeter themes now use
    the official logo. (Brian Cameron)
  • Now GDM configure supports –with-sysconfsubdir so that GDM’s
    configuration directory can be configured to not have “/gdm”
    appended to the end.
  • Fix for ensuring .ICEauthority file has proper
    ownership/permissions. Addresses CVE-2006-1057. (Hans Petter
    Jansson)
  • Fix “Show Actions Menu” section in gdmsetup so it appears when
    both “Plain” and “Themed” style is chosen. (Brian Cameron, Dennis
    Cranston)
  • Now use LINGUAS procedure for defining languages. (Michiel
    Sikkes)
  • Now Xsession script uses “[email protected]” instead of “$1” so it is possible
    to pass arguments with the command to run. (Brian Cameron)
  • Add Trusted Solraris support. (Niall Power)
  • One line fix to Solaris auditing logic that fixes a bug causing
    authentication to fail when auditing is turned on. (Brian
    Cameron)
  • Fixes to compile with C99 and fixes to compile under NetBSD.
    Remove EXPANDED_* variables from the configure. (Julio M. Merino
    Vidal)
  • Translation updates (Zygimantas BeruaÂka, Benoit Dejean,
    Laurent Dhima, Maxim Dziumanenko, Alessio Frusciante, Rhys Jones,
    Raphael Higino, Theppitak Karoonboonyanan, Gabor Kelmen, Priit
    Laes, Jordi Mallach, Kjartan Maraas, Daniel Nylander, Kostas
    Papdimas, Guilherme de S. Pastore, Ankit Patel, Ignacio Casal
    Quinteiro, Hendrik Richter, Jens Seidel, Francisco Javier F.
    Serrador, Alexander Shopov, Clytie Siddall, Ilkka Tuohela, Vincent
    van Adrighem, Tommi Vainikaninen)


    • Wed Apr 12 2006 Ray Strode <[email protected]> –
      1:2.14.1-1.fc5.2

      • Fix libexecdir substitution bug in config file
    • Tue Apr 11 2006 Ray Strode <[email protected]> –
      1:2.14.1-1.fc5.1

      • Update to 2.14.1
      • fixes CVE-2006-1057 (bug 188303)

    This update can be downloaded from:

    http://download.fedora.redhat.com/pub/fedora/linux/core/updates/5/

    0ebda9e260de136776490e7329204d222700b731
    SRPMS/gdm-2.14.1-1.fc5.2.src.rpm
    c0cb0667d4f3ce76b387df2bccc06a8f10d8c624
    ppc/gdm-2.14.1-1.fc5.2.ppc.rpm
    a8394d72031986e54b3187604e83d3fb8924c4f4
    ppc/debug/gdm-debuginfo-2.14.1-1.fc5.2.ppc.rpm
    dfd12cf35030f1838eb6ae463e75b40aab78b833
    x86_64/gdm-2.14.1-1.fc5.2.x86_64.rpm
    db378ae0092e3d5fcdad09a1e7e0e0872be9ca29
    x86_64/debug/gdm-debuginfo-2.14.1-1.fc5.2.x86_64.rpm
    b2ad23383aeda17aeb197c7d7e27b084ea8b82c1
    i386/gdm-2.14.1-1.fc5.2.i386.rpm
    e1451cd706df668f08d1db19888d287a40144327
    i386/debug/gdm-debuginfo-2.14.1-1.fc5.2.i386.rpm

    This update can be installed with the ‘yum’ update program. Use
    ‘yum update package-name’ at the command line. For more
    information, refer to ‘Managing Software with yum,’ available at
    http://fedora.redhat.com/docs/yum/.


    Fedora Update Notification
    FEDORA-2006-421
    2006-04-19


    Product : Fedora Core 5
    Name : kernel
    Version : 2.6.16
    Release : 1.2096_FC5
    Summary : The Linux kernel (the core of the Linux operating
    system)

    Description :
    The kernel package contains the Linux kernel (vmlinuz), the core of
    any Linux operating system. The kernel handles the basic functions
    of the operating system: memory allocation, process allocation,
    device input and output, etc.


    Update Information:

    This update includes a number of security issues that have been
    fixed upstream over the last week or so.

    i386/x86-64: Fix x87 information leak between processes
    (CVE-2006-1056)
    ip_route_input panic fix (CVE-2006-1525)
    fix MADV_REMOVE vulnerability (CVE-2006-1524)
    shmat: stop mprotect from giving write permission to a readonly
    attachment (CVE-2006-1524)
    Fix MPBL0010 driver insecure sysfs permissions
    x86_64: When user could have changed RIP always force IRET
    (CVE-2006-0744)
    Fix RCU signal handling
    Keys: Fix oops when adding key to non-keyring (CVE-2006-1522)
    sysfs: zero terminate sysfs write buffers (CVE-2006-1055)

    It also includes various other fixes from the -stable tree. Full
    changelogs are available from:

    http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.16.9

    http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.16.8

    http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.16.7

    http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.16.6

    http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.16.5

    http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.16.4

    http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.16.3

    http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.16.2


  • Mon Apr 17 2006 Dave Jones <[email protected]>
    • 2.6.16.6
    • Disable the SMP alternatives patch for now.
    • Revive Xen.
  • Mon Apr 17 2006 David Woodhouse <[email protected]>
    • Add include/{mtd,rdma,keys} directories to kernel-devel
      package
  • Sun Apr 16 2006 Dave Jones <[email protected]>
    • 2.6.16.5
  • Fri Apr 7 2006 Dave Jones <[email protected]>
    • 2.6.16.2
  • Tue Apr 4 2006 Dave Jones <[email protected]>
    • Reenable non-standard serial ports. (#187466)
    • Reenable snd-es18xx for x86-32 (#187733)
  • Sun Apr 2 2006 David Woodhouse <[email protected]>
    • Alternative (and optional) disable for R300 DRI.
  • Fri Mar 31 2006 David Woodhouse <[email protected]>
    • Send standard WEXT events on softmac assoc/disassociation.
  • Mon Mar 27 2006 Dave Jones <[email protected]>
    • Enable SMP alternatives for x86/x86-64
    • Temporarily disable Xen.
    • Re-add kernel-smp-586

This update can be downloaded from:

http://download.fedora.redhat.com/pub/fedora/linux/core/updates/5/

1b154600afd2a807861f4c345c9a0ba91fbf5989
SRPMS/kernel-2.6.16-1.2096_FC5.src.rpm
1906067ca5433c7761c6a76a39c11e32a5b46b20
ppc/kernel-2.6.16-1.2096_FC5.ppc.rpm
3c8d8545d0495e65e9c00b516dddebf06ef2a0b5
ppc/kernel-devel-2.6.16-1.2096_FC5.ppc.rpm
64ae6db0caf5775a3e11436df8e5b5c4e7815777
ppc/kernel-smp-2.6.16-1.2096_FC5.ppc.rpm
4de1464a2f01291ce5e2b484290f7b10b6efecf6
ppc/kernel-smp-devel-2.6.16-1.2096_FC5.ppc.rpm
9f2d4c3a4621fe100a877eb042c9fe20d278fbc4
ppc/debug/kernel-debuginfo-2.6.16-1.2096_FC5.ppc.rpm
4db11e08971a9811a8c44a620525fb5adefc35a7
ppc/kernel-doc-2.6.16-1.2096_FC5.noarch.rpm
8c965c4c24d66cfc44fccb9a6ee01228765bde46
x86_64/kernel-2.6.16-1.2096_FC5.x86_64.rpm
02e10a26f452e0e23d1a40675366d9ad913498af
x86_64/kernel-devel-2.6.16-1.2096_FC5.x86_64.rpm
f355aa8afad6ac16d8d6e8c3327f4000ee1b64c8
x86_64/kernel-xen0-2.6.16-1.2096_FC5.x86_64.rpm
cbb322ec528eb7ec6993cdf30479fffb98ecd85e
x86_64/kernel-xen0-devel-2.6.16-1.2096_FC5.x86_64.rpm
b053231f89ecbf26478b60c605631d87bed41f25
x86_64/kernel-xenU-2.6.16-1.2096_FC5.x86_64.rpm
c6a74c4bca9685f0891d27a0577cb668bb5a4432
x86_64/kernel-xenU-devel-2.6.16-1.2096_FC5.x86_64.rpm
17b8772c65f05dd5fb41266a83fed31cc25549ee
x86_64/kernel-kdump-2.6.16-1.2096_FC5.x86_64.rpm
99083e54cd03824b7be0b6b978547166ab9abd4b
x86_64/kernel-kdump-devel-2.6.16-1.2096_FC5.x86_64.rpm
07f7e8f40fbf27e5266f74cff7628ebca0fbe493
x86_64/debug/kernel-debuginfo-2.6.16-1.2096_FC5.x86_64.rpm
4db11e08971a9811a8c44a620525fb5adefc35a7
x86_64/kernel-doc-2.6.16-1.2096_FC5.noarch.rpm
d8f1175d9a9810352ba9cca993d1a82dec945631
i386/kernel-2.6.16-1.2096_FC5.i586.rpm
9f01c5a2b65cf99d041195a82158d052bd751a96
i386/kernel-devel-2.6.16-1.2096_FC5.i586.rpm
43f54d92da6e2335f4e8f8b3aa989eccd8d37fb6
i386/kernel-smp-2.6.16-1.2096_FC5.i586.rpm
715cdc3a54439423bcad241e538c35b68de2a024
i386/kernel-smp-devel-2.6.16-1.2096_FC5.i586.rpm
8ba1e12fd323b2d260db430b20824ce0d3f98eae
i386/debug/kernel-debuginfo-2.6.16-1.2096_FC5.i586.rpm
c882dc2ed404175bd302d157385475ddc5bd5c6d
i386/kernel-2.6.16-1.2096_FC5.i686.rpm
9a587bdf25a17749d05681fdf4de98c744868224
i386/kernel-devel-2.6.16-1.2096_FC5.i686.rpm
1b088bc589b96cf64eb76315d0594682484e49ad
i386/kernel-smp-2.6.16-1.2096_FC5.i686.rpm
a3eea3d7e27ac25626943f53b71efbc116c54a31
i386/kernel-smp-devel-2.6.16-1.2096_FC5.i686.rpm
971ff3b72428b8271ee7209e729e0c9aab6732a3
i386/kernel-xen0-2.6.16-1.2096_FC5.i686.rpm
020b2cf22b5f07da7814e87ef486704e2ca5b79a
i386/kernel-xen0-devel-2.6.16-1.2096_FC5.i686.rpm
40addfb96fbcbf0057143c0924540e3c2202893c
i386/kernel-xenU-2.6.16-1.2096_FC5.i686.rpm
8d1aecc8b068b3af03588bda31571ef7e01e7ec6
i386/kernel-xenU-devel-2.6.16-1.2096_FC5.i686.rpm
254fd25a9bff3ff70672e522977b65fe320055af
i386/kernel-kdump-2.6.16-1.2096_FC5.i686.rpm
3c079c0bfaa0c986976805de62d808f19b6d5de9
i386/kernel-kdump-devel-2.6.16-1.2096_FC5.i686.rpm
fa18115b142013c488d317c0e72f66ece2de8ee8
i386/debug/kernel-debuginfo-2.6.16-1.2096_FC5.i686.rpm
4db11e08971a9811a8c44a620525fb5adefc35a7
i386/kernel-doc-2.6.16-1.2096_FC5.noarch.rpm

This update can be installed with the ‘yum’ update program. Use
‘yum update package-name’ at the command line. For more
information, refer to ‘Managing Software with yum,’ available at
http://fedora.redhat.com/docs/yum/.