---

Home Security

Advisories, August 10, 2006

By

Debian GNU/Linux

Debian Security Advisory DSA 1147-1 security@debian.org
http://www.debian.org/security/
Moritz Muehlenhoff
August 9th, 2006 http://www.debian.org/security/faq

Package : drupal
Vulnerability : missing input sanitising Problem-Type : remote
Debian-specific: no
CVE ID : CVE-2006-4002

Ayman Hourieh discovered that Drupal, a dynamic website
platform, performs insufficient input sanitising in the user
module, which might lead to cross-site scripting.

For the stable distribution (sarge) this problem has been fixed
in version 4.5.3-6.1sarge3.

For the unstable distribution (sid) this problem has been fixed
in version 4.5.8-2.

We recommend that you upgrade your drupal package.

Upgrade Instructions

wget url

will fetch the file for you
dpkg -i file.deb

will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update

will update the internal database apt-get upgrade

will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.

Debian GNU/Linux 3.1 alias sarge

Source archives:

    http://security.debian.org/pool/updates/main/d/drupal/drupal_4.5.3-6.1sarge3.dsc

      Size/MD5 checksum: 625
bded8b7fb39d612fea45ddefca3f29ed
    http://security.debian.org/pool/updates/main/d/drupal/drupal_4.5.3-6.1sarge3.diff.gz

      Size/MD5 checksum: 84159
9e76069818a9187b7fe393aec84d5817
    http://security.debian.org/pool/updates/main/d/drupal/drupal_4.5.3.orig.tar.gz

      Size/MD5 checksum: 471540
bf093c4c8aca7bba62833ea1df35702f

Architecture independent components:

    http://security.debian.org/pool/updates/main/d/drupal/drupal_4.5.3-6.1sarge3_all.deb

      Size/MD5 checksum: 503164
196e9b4a743836d68e2668ae96d01ed1

These files will probably be moved into the stable distribution
on its next update.

Debian Security Advisory DSA 1149-1 security@debian.org
http://www.debian.org/security/
Martin Schulze
August 10th, 2006 http://www.debian.org/security/faq

Package : ncompress
Vulnerability : buffer underflow
Problem type : local (remote)
Debian-specific: no
CVE ID : CVE-2006-1168

Tavis Ormandy from the Google Security Team discovered a missing
boundary check in ncompress, the original Lempel-Ziv compress and
uncompress programs, which allows a specially crafted datastream to
underflow a buffer with attacker controlled data.

For the stable distribution (sarge) this problem has been fixed
in version 4.2.4-15sarge2.

For the unstable distribution (sid) this problem has been fixed
in version 4.2.4-15sarge2.

We recommend that you upgrade your ncompress package.

Upgrade Instructions

wget url

will fetch the file for you
dpkg -i file.deb

will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given at the end of this advisory:

apt-get update

will update the internal database apt-get upgrade

will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.

Debian GNU/Linux 3.1 alias sarge

Source archives:

    http://security.debian.org/pool/updates/main/n/ncompress/ncompress_4.2.4-15sarge2.dsc

      Size/MD5 checksum: 591
8fa14e666180e8a37491dcd33114dbff
    http://security.debian.org/pool/updates/main/n/ncompress/ncompress_4.2.4-15sarge2.diff.gz

      Size/MD5 checksum: 8124
1b7aa0d3079f334202df5d1c77e0f9bf
    http://security.debian.org/pool/updates/main/n/ncompress/ncompress_4.2.4.orig.tar.gz

      Size/MD5 checksum: 31765
7ef0d51aee53b6cd5c6aefe637491281

Alpha architecture:

    http://security.debian.org/pool/updates/main/n/ncompress/ncompress_4.2.4-15sarge2_alpha.deb

      Size/MD5 checksum: 24370
72b955790079338f98afd62c49644897

AMD64 architecture:

    http://security.debian.org/pool/updates/main/n/ncompress/ncompress_4.2.4-15sarge2_amd64.deb

      Size/MD5 checksum: 22924
58d6732c316a9317171c97e74e2cbe44

ARM architecture:

    http://security.debian.org/pool/updates/main/n/ncompress/ncompress_4.2.4-15sarge2_arm.deb

      Size/MD5 checksum: 22522
3ec1cfdab5e4811ca5246a11b94b244d

Intel IA-32 architecture:

    http://security.debian.org/pool/updates/main/n/ncompress/ncompress_4.2.4-15sarge2_i386.deb

      Size/MD5 checksum: 22158
a875189b26255c72ad2ec532c23eef05

Intel IA-64 architecture:

    http://security.debian.org/pool/updates/main/n/ncompress/ncompress_4.2.4-15sarge2_ia64.deb

      Size/MD5 checksum: 26442
ef71240d1b7b4a699b5f817a46f7ead9

HP Precision architecture:

    http://security.debian.org/pool/updates/main/n/ncompress/ncompress_4.2.4-15sarge2_hppa.deb

      Size/MD5 checksum: 24484
51c63bab7d53aa3392e268aec4d271ab

Motorola 680×0 architecture:

    http://security.debian.org/pool/updates/main/n/ncompress/ncompress_4.2.4-15sarge2_m68k.deb

      Size/MD5 checksum: 21536
2cf5bbb67a3f32db857c75a2d352f47a

Big endian MIPS architecture:

    http://security.debian.org/pool/updates/main/n/ncompress/ncompress_4.2.4-15sarge2_mips.deb

      Size/MD5 checksum: 23878
a71db49787837da587552030045c73c1

Little endian MIPS architecture:

    http://security.debian.org/pool/updates/main/n/ncompress/ncompress_4.2.4-15sarge2_mipsel.deb

      Size/MD5 checksum: 23822
22ad68863b79b4bdf5302141be22deb6

PowerPC architecture:

    http://security.debian.org/pool/updates/main/n/ncompress/ncompress_4.2.4-15sarge2_powerpc.deb

      Size/MD5 checksum: 22912
bafe112da108e4b66d64342b55ac4a47

IBM S/390 architecture:

    http://security.debian.org/pool/updates/main/n/ncompress/ncompress_4.2.4-15sarge2_s390.deb

      Size/MD5 checksum: 22958
a8f180c5182ab1040746e66dfa99a6e1

Sun Sparc architecture:

    http://security.debian.org/pool/updates/main/n/ncompress/ncompress_4.2.4-15sarge2_sparc.deb

      Size/MD5 checksum: 22532
db6aed643f82c6a0c0bdfded603d97be

These files will probably be moved into the stable distribution
on its next update.

For apt-get: deb http://security.debian.org/
stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security
dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org

Package info: `apt-cache show <pkg>’ and http://packages.debian.org/<pkg>

Gentoo Linux

Gentoo Linux Security Advisory GLSA 200608-15

http://security.gentoo.org/

Severity: High
Title: MIT Kerberos 5: Multiple local privilege escalation
vulnerabilities
Date: August 10, 2006
Bugs: #143240
ID: 200608-15

Synopsis

Some applications shipped with MIT Kerberos 5 are vulnerable to
local privilege escalation.

Background

MIT Kerberos 5 is a suite of applications that implement the
Kerberos network protocol. It is designed to provide strong
authentication for client/server applications by using secret-key
cryptography.

Affected packages

     Package             /  Vulnerable  /                   Unaffected

  1  app-crypt/mit-krb5     < 1.4.3-r3                     >= 1.4.3-r3

Description

Unchecked calls to setuid() in krshd and v4rcp, as well as
unchecked calls to seteuid() in kftpd and in ksu, have been found
in the MIT Kerberos 5 program suite and may lead to a local root
privilege escalation.

Impact

A local attacker could exploit this vulnerability to execute
arbitrary code with elevated privileges.

Workaround

There is no known workaround at this time.

Resolution

All MIT Kerberos 5 users should upgrade to the latest
version:

    # emerge --sync
    # emerge --ask --oneshot --verbose ">=app-crypt/mit-krb5-1.4.3-r3"

References

[ 1 ] CVE-2006-3083

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3083

[ 2 ] CVE-2006-3084

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3084

Availability

This GLSA and any updates to it are available for viewing at the
Gentoo Security Website:

http://security.gentoo.org/glsa/glsa-200608-15.xml

Concerns?

Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or
alternatively, you may file a bug at http://bugs.gentoo.org.

License

Copyright 2006 Gentoo Foundation, Inc; referenced text belongs
to its owner(s).

The contents of this document are licensed under the Creative
Commons – Attribution / Share Alike license.

http://creativecommons.org/licenses/by-sa/2.5

Gentoo Linux Security Advisory GLSA 200608-16

http://security.gentoo.org/

Severity: High
Title: Warzone 2100 Resurrection: Multiple buffer overflows
Date: August 10, 2006
Bugs: #142389
ID: 200608-16

Synopsis

Warzone 2100 Resurrection server and client are vulnerable to
separate buffer overflows, potentially allowing remote code
execution.

Background

Warzone 2100 Resurrection is a real-time strategy game,
developed by Pumpkin Studios and published by Eidos
Interactive.

Affected packages

     Package                     /  Vulnerable  /           Unaffected

  1  games-strategy/warzone2100      <= 2.0.3              Vulnerable!



     NOTE: Certain packages are still vulnerable. Users should migrate
           to another package if one is available or wait for the
           existing packages to be marked stable by their
           architecture maintainers.

Description

Luigi Auriemma discovered two buffer overflow vulnerabilities in
Warzone 2100 Resurrection. The recvTextMessage function of the
Warzone 2100 Resurrection server and the NETrecvFile function of
the client use insufficiently sized buffers.

Impact

A remote attacker could exploit these vulnerabilities by sending
specially crafted input to the server, or enticing a user to load a
specially crafted file from a malicious server. This may result in
the execution of arbitrary code with the permissions of the user
running Warzone 2100 Resurrection.

Workaround

There is no known workaround for this issue.

Resolution

Warzone 2100 Resurrection has been masked in Portage pending the
resolution of these issues. Warzone 2100 Resurrection players are
advised to uninstall the package until further notice:

    # emerge --ask --unmerge "games-strategy/warzone2100"

References

[ 1 ] CVE-2006-3849

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3849

Availability

This GLSA and any updates to it are available for viewing at the
Gentoo Security Website:

http://security.gentoo.org/glsa/glsa-200608-16.xml

Concerns?

Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or
alternatively, you may file a bug at http://bugs.gentoo.org.

License

Copyright 2006 Gentoo Foundation, Inc; referenced text belongs
to its owner(s).

The contents of this document are licensed under the Creative
Commons – Attribution / Share Alike license.

http://creativecommons.org/licenses/by-sa/2.5

Gentoo Linux Security Advisory GLSA 200608-17

http://security.gentoo.org/

Severity: Normal
Title: libwmf: Buffer overflow vulnerability
Date: August 10, 2006
Bugs: #139325
ID: 200608-17

Synopsis

libwmf is vulnerable to an integer overflow potentially
resulting in the execution of arbitrary code.

Background

libwmf is a library for reading and converting vector images in
Microsoft’s native Windows Metafile Format (WMF).

Affected packages

     Package            /  Vulnerable  /                    Unaffected

  1  media-libs/libwmf      < 0.2.8.4                       >= 0.2.8.4

Description

infamous41md discovered that libwmf fails to do proper bounds
checking on the MaxRecordSize variable in the WMF file header. This
could lead to an head-based buffer overflow.

Impact

By enticing a user to open a specially crafted WMF file, a
remote attacker could cause a heap-based buffer overflow and
execute arbitrary code with the permissions of the user running the
application that uses libwmf.

Workaround

There is no known workaround for this issue.

Resolution

All libwmf users should upgrade to the latest version:

    # emerge --sync
    # emerge --ask --oneshot --verbose ">=media-libs/libwmf-0.2.8.4"

References

[ 1 ] CVE-2006-3376

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3376

Availability

This GLSA and any updates to it are available for viewing at the
Gentoo Security Website:

http://security.gentoo.org/glsa/glsa-200608-17.xml

Concerns?

Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or
alternatively, you may file a bug at http://bugs.gentoo.org.

License

Copyright 2006 Gentoo Foundation, Inc; referenced text belongs
to its owner(s).

The contents of this document are licensed under the Creative
Commons – Attribution / Share Alike license.

http://creativecommons.org/licenses/by-sa/2.5

Gentoo Linux Security Advisory GLSA 200608-18

http://security.gentoo.org/

Severity: Normal
Title: Net::Server: Format string vulnerability
Date: August 10, 2006
Bugs: #142386
ID: 200608-18

Synopsis

A format string vulnerability has been reported in Net::Server
which can be exploited to cause a Denial of Service.

Background

Net::Server is an extensible, generic Perl server engine. It is
used by several Perl applications like Postgrey.

Affected packages

     Package              /  Vulnerable  /                  Unaffected

  1  dev-perl/net-server       < 0.88                          >= 0.88

Description

The log function of Net::Server does not handle format string
specifiers properly before they are sent to syslog.

Impact

By sending a specially crafted datastream to an application
using Net::Server, an attacker could cause a Denial of Service.

Workaround

There is no known workaround at this time.

Resolution

All Net::Server should upgrade to the latest version:

    # emerge --sync
    # emerge --ask --oneshot --verbose ">=dev-perl/net-server-0.88"

References

[ 1 ] CVE-2005-1127

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-1127

Availability

This GLSA and any updates to it are available for viewing at the
Gentoo Security Website:

http://security.gentoo.org/glsa/glsa-200608-18.xml

Concerns?

Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or
alternatively, you may file a bug at http://bugs.gentoo.org.

License

Copyright 2006 Gentoo Foundation, Inc; referenced text belongs
to its owner(s).

The contents of this document are licensed under the Creative
Commons – Attribution / Share Alike license.

http://creativecommons.org/licenses/by-sa/2.5

Mandriva Linux

Mandriva Linux Security Advisory MDKSA-2006:140
http://www.mandriva.com/security/

Package : ncompress
Date : August 9, 2006
Affected: 2006.0, Corporate 3.0

Problem Description:

Tavis Ormandy, of the Google Security Team, discovered that
ncompress, when uncompressing data, performed no bounds checking,
which could allow a specially crafted datastream to underflow a
.bss buffer with attacker controlled data.

Updated packages have been patched to correct this issue.

References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1168

Updated Packages:

Mandriva Linux 2006.0:
a1e4fe7d74a1c8e043beb83baec7b34b
2006.0/RPMS/ncompress-4.2.4-28.1.20060mdk.i586.rpm
4b87e1b5ba659ce410067b09a75d669e
2006.0/SRPMS/ncompress-4.2.4-28.1.20060mdk.src.rpm

Mandriva Linux 2006.0/X86_64:
7ce7f3a618b9c3687936145e2563733a
x86_64/2006.0/RPMS/ncompress-4.2.4-28.1.20060mdk.x86_64.rpm
4b87e1b5ba659ce410067b09a75d669e
x86_64/2006.0/SRPMS/ncompress-4.2.4-28.1.20060mdk.src.rpm

Corporate 3.0:
30ecc6154bc75783218b82961288b085
corporate/3.0/RPMS/ncompress-4.2.4-28.1.C30mdk.i586.rpm
bda272f060534aa25bebf22ed852f647
corporate/3.0/SRPMS/ncompress-4.2.4-28.1.C30mdk.src.rpm

Corporate 3.0/X86_64:
c9340a5c9bea0316f31fc61f6916f192
x86_64/corporate/3.0/RPMS/ncompress-4.2.4-28.1.C30mdk.x86_64.rpm

bda272f060534aa25bebf22ed852f647
x86_64/corporate/3.0/SRPMS/ncompress-4.2.4-28.1.C30mdk.src.rpm

To upgrade automatically use MandrivaUpdate or urpmi. The
verification of md5 checksums and GPG signatures is performed
automatically for you.

All packages are signed by Mandriva for security. You can obtain
the GPG public key of the Mandriva Security Team by executing:

gpg –recv-keys –keyserver pgp.mit.edu 0x22458A98

You can view other update advisories for Mandriva Linux at:

http://www.mandriva.com/security/advisories

If you want to report vulnerabilities, please contact

security_(at)_mandriva.com

Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
<security*mandriva.com>

Red Hat Linux

Red Hat Security Advisory

Synopsis: Low: elfutils security update
Advisory ID: RHSA-2006:0354-01
Advisory URL: https://rhn.redhat.com/errata/RHSA-2006-0354.html

Issue date: 2006-08-10
Updated on: 2006-08-10
Product: Red Hat Enterprise Linux
CVE Names: CVE-2005-1704

1. Summary:

Updated elfutils packages that address a minor security issue
and various other issues are now available.

This update has been rated as having low security impact by the
Red Hat Security Response Team.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AS version 4 – i386, ia64, ppc, s390,
s390x, x86_64
Red Hat Enterprise Linux Desktop version 4 – i386, x86_64
Red Hat Enterprise Linux ES version 4 – i386, ia64, x86_64
Red Hat Enterprise Linux WS version 4 – i386, ia64, x86_64

3. Problem description:

The elfutils packages contain a number of utility programs and
libraries related to the creation and maintenance of executable
code.

The elfutils packages that originally shipped with Red Hat
Enterprise Linux 4 were GPL-licensed versions which lacked some
functionality. Previous updates provided fully functional versions
of elfutils only under the OSL license. This update provides a
fully functional, GPL-licensed version of elfutils.

In the OSL-licensed elfutils versions provided in previous
updates, some tools could sometimes crash when given corrupted
input files. (CVE-2005-1704)

Also, when the eu-strip tool was used to create separate
debuginfo files from relocatable objects such as kernel modules
(.ko), the resulting debuginfo files (.ko.debug) were sometimes
corrupted. Both of these problems are fixed in the new version.

Users of elfutils should upgrade to these updated packages,
which resolve these issues.

4. Solution:

Before applying this update, make sure all previously released
errata relevant to your system have been applied.

To update all RPMs for your particular architecture, run:

rpm -Fvh [filenames]

where [filenames] is a list of the RPMs you wish to upgrade.
Only those RPMs which are currently installed will be updated.
Those RPMs which are not installed but included in the list will
not be updated. Note that you can also use wildcards (*.rpm) if
your current directory only contains the desired RPMs.

Please note that this update is also available via Red Hat
Network. Many people find this an easier way to apply updates. To
use Red Hat Network, launch the Red Hat Update Agent with the
following command:

up2date

This will start an interactive process that will result in the
appropriate RPMs being upgraded on your system.

If up2date fails to connect to Red Hat Network due to SSL
Certificate Errors, you need to install a version of the up2date
client with an updated certificate. The latest version of up2date
is available from the Red Hat FTP site and may also be downloaded
directly from the RHN website:

https://rhn.redhat.com/help/latest-up2date.pxt

5. Bug IDs fixed (http://bugzilla.redhat.com/):

156342 – eu-strip mangles separate debuginfo with relocation
sections 159888 – CVE-2005-1704 Integer overflow in libelf 186992 –
Elfutils license upgrade

6. RPMs required:

Red Hat Enterprise Linux AS version 4:

SRPMS:

ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/elfutils-0.97.1-3.src.rpm

be92076aa98203d3d1a31764e8c55fe8
elfutils-0.97.1-3.src.rpm

i386:
156158f3b94caa1b50a50bf879c17eb7 elfutils-0.97.1-3.i386.rpm
a4e9411f61be01871bbeb43cf9e48b23
elfutils-debuginfo-0.97.1-3.i386.rpm
597fab4861e21558ee5241391d94c29e
elfutils-devel-0.97.1-3.i386.rpm
68118aabeacdefcb65fb5134908e2ed0
elfutils-libelf-0.97.1-3.i386.rpm
8d395168cffc2d3d9666b6741208115a
elfutils-libelf-devel-0.97.1-3.i386.rpm

ia64:
156158f3b94caa1b50a50bf879c17eb7 elfutils-0.97.1-3.i386.rpm
75c6bb5c1105e5182e9bb5f60039a875 elfutils-0.97.1-3.ia64.rpm
a4e9411f61be01871bbeb43cf9e48b23
elfutils-debuginfo-0.97.1-3.i386.rpm
00ba981a8897e990149319d38b202198
elfutils-debuginfo-0.97.1-3.ia64.rpm
5ab55fb1b7b1fdc890beee2246ae000e
elfutils-devel-0.97.1-3.ia64.rpm
68118aabeacdefcb65fb5134908e2ed0
elfutils-libelf-0.97.1-3.i386.rpm
3452f9dc057e0b921cef882189118c61
elfutils-libelf-0.97.1-3.ia64.rpm
dfb803971bd78e169c3f22cb903daae9
elfutils-libelf-devel-0.97.1-3.ia64.rpm

ppc:
2680998fa90eb10b82018054d7523d95 elfutils-0.97.1-3.ppc.rpm
5bd8535f6dbba9548a9263349d3f78e3
elfutils-0.97.1-3.ppc64.rpm
8bf644dd1a625367539033ee3d42a576
elfutils-debuginfo-0.97.1-3.ppc.rpm
d00483b7efb0503e15d4ad239b76301c
elfutils-debuginfo-0.97.1-3.ppc64.rpm
c068b099c58942fc09b56a4bf63a4836
elfutils-devel-0.97.1-3.ppc.rpm
37c1b4884a178dcc69e58ecdbd4857ee
elfutils-libelf-0.97.1-3.ppc.rpm
91aaa5da12acc4ea47504c8e6760ee54
elfutils-libelf-0.97.1-3.ppc64.rpm
06a68c04286bf1a1167ffcaf9fe83585
elfutils-libelf-devel-0.97.1-3.ppc.rpm

s390:
77b2c7b6229c5a3f92856dbe75cbfab8 elfutils-0.97.1-3.s390.rpm
5d68e76fbe83443f5b187302ad47d787
elfutils-debuginfo-0.97.1-3.s390.rpm
86683249da3f5f1108ab2d1136fd3452
elfutils-devel-0.97.1-3.s390.rpm
d6e3f9ca8ce95cb5328cfff6bd2d5f45
elfutils-libelf-0.97.1-3.s390.rpm
0b24693676bf6e948de7172369aba13e
elfutils-libelf-devel-0.97.1-3.s390.rpm

s390x:
77b2c7b6229c5a3f92856dbe75cbfab8 elfutils-0.97.1-3.s390.rpm
6c65023b352b3e1c05667fe3e849e893
elfutils-0.97.1-3.s390x.rpm
5d68e76fbe83443f5b187302ad47d787
elfutils-debuginfo-0.97.1-3.s390.rpm
755c49447187e1a02106d954d8d25ae7
elfutils-debuginfo-0.97.1-3.s390x.rpm
2c3b1fb515c57f00417176242843bce6
elfutils-devel-0.97.1-3.s390x.rpm
d6e3f9ca8ce95cb5328cfff6bd2d5f45
elfutils-libelf-0.97.1-3.s390.rpm
cb42d361bfa5374f64623ed8a1d2c70c
elfutils-libelf-0.97.1-3.s390x.rpm
404801004e0dc22196bdb80acfa37bc1
elfutils-libelf-devel-0.97.1-3.s390x.rpm

x86_64:
156158f3b94caa1b50a50bf879c17eb7 elfutils-0.97.1-3.i386.rpm
921094a1e8f8febbacc1b24ce733fa61
elfutils-0.97.1-3.x86_64.rpm
a4e9411f61be01871bbeb43cf9e48b23
elfutils-debuginfo-0.97.1-3.i386.rpm
fd0737cf83da138e82db51ffc8fb3ffb
elfutils-debuginfo-0.97.1-3.x86_64.rpm
3f54f71891a4f96530f93c815e8169f7
elfutils-devel-0.97.1-3.x86_64.rpm
68118aabeacdefcb65fb5134908e2ed0
elfutils-libelf-0.97.1-3.i386.rpm
fd37a6cb30a57eb5a5e483cfec7506ba
elfutils-libelf-0.97.1-3.x86_64.rpm
571be987e0f3726db8309bdc99d00941
elfutils-libelf-devel-0.97.1-3.x86_64.rpm

Red Hat Enterprise Linux Desktop version 4:

SRPMS:

ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/elfutils-0.97.1-3.src.rpm

be92076aa98203d3d1a31764e8c55fe8
elfutils-0.97.1-3.src.rpm

i386:
156158f3b94caa1b50a50bf879c17eb7 elfutils-0.97.1-3.i386.rpm
a4e9411f61be01871bbeb43cf9e48b23
elfutils-debuginfo-0.97.1-3.i386.rpm
597fab4861e21558ee5241391d94c29e
elfutils-devel-0.97.1-3.i386.rpm
68118aabeacdefcb65fb5134908e2ed0
elfutils-libelf-0.97.1-3.i386.rpm
8d395168cffc2d3d9666b6741208115a
elfutils-libelf-devel-0.97.1-3.i386.rpm

x86_64:
156158f3b94caa1b50a50bf879c17eb7 elfutils-0.97.1-3.i386.rpm
921094a1e8f8febbacc1b24ce733fa61
elfutils-0.97.1-3.x86_64.rpm
a4e9411f61be01871bbeb43cf9e48b23
elfutils-debuginfo-0.97.1-3.i386.rpm
fd0737cf83da138e82db51ffc8fb3ffb
elfutils-debuginfo-0.97.1-3.x86_64.rpm
3f54f71891a4f96530f93c815e8169f7
elfutils-devel-0.97.1-3.x86_64.rpm
68118aabeacdefcb65fb5134908e2ed0
elfutils-libelf-0.97.1-3.i386.rpm
fd37a6cb30a57eb5a5e483cfec7506ba
elfutils-libelf-0.97.1-3.x86_64.rpm
571be987e0f3726db8309bdc99d00941
elfutils-libelf-devel-0.97.1-3.x86_64.rpm

Red Hat Enterprise Linux ES version 4:

SRPMS:

ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/elfutils-0.97.1-3.src.rpm

be92076aa98203d3d1a31764e8c55fe8
elfutils-0.97.1-3.src.rpm

i386:
156158f3b94caa1b50a50bf879c17eb7 elfutils-0.97.1-3.i386.rpm
a4e9411f61be01871bbeb43cf9e48b23
elfutils-debuginfo-0.97.1-3.i386.rpm
597fab4861e21558ee5241391d94c29e
elfutils-devel-0.97.1-3.i386.rpm
68118aabeacdefcb65fb5134908e2ed0
elfutils-libelf-0.97.1-3.i386.rpm
8d395168cffc2d3d9666b6741208115a
elfutils-libelf-devel-0.97.1-3.i386.rpm

ia64:
156158f3b94caa1b50a50bf879c17eb7 elfutils-0.97.1-3.i386.rpm
75c6bb5c1105e5182e9bb5f60039a875 elfutils-0.97.1-3.ia64.rpm
a4e9411f61be01871bbeb43cf9e48b23
elfutils-debuginfo-0.97.1-3.i386.rpm
00ba981a8897e990149319d38b202198
elfutils-debuginfo-0.97.1-3.ia64.rpm
5ab55fb1b7b1fdc890beee2246ae000e
elfutils-devel-0.97.1-3.ia64.rpm
68118aabeacdefcb65fb5134908e2ed0
elfutils-libelf-0.97.1-3.i386.rpm
3452f9dc057e0b921cef882189118c61
elfutils-libelf-0.97.1-3.ia64.rpm
dfb803971bd78e169c3f22cb903daae9
elfutils-libelf-devel-0.97.1-3.ia64.rpm

x86_64:
156158f3b94caa1b50a50bf879c17eb7 elfutils-0.97.1-3.i386.rpm
921094a1e8f8febbacc1b24ce733fa61
elfutils-0.97.1-3.x86_64.rpm
a4e9411f61be01871bbeb43cf9e48b23
elfutils-debuginfo-0.97.1-3.i386.rpm
fd0737cf83da138e82db51ffc8fb3ffb
elfutils-debuginfo-0.97.1-3.x86_64.rpm
3f54f71891a4f96530f93c815e8169f7
elfutils-devel-0.97.1-3.x86_64.rpm
68118aabeacdefcb65fb5134908e2ed0
elfutils-libelf-0.97.1-3.i386.rpm
fd37a6cb30a57eb5a5e483cfec7506ba
elfutils-libelf-0.97.1-3.x86_64.rpm
571be987e0f3726db8309bdc99d00941
elfutils-libelf-devel-0.97.1-3.x86_64.rpm

Red Hat Enterprise Linux WS version 4:

SRPMS:

ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/elfutils-0.97.1-3.src.rpm

be92076aa98203d3d1a31764e8c55fe8
elfutils-0.97.1-3.src.rpm

i386:
156158f3b94caa1b50a50bf879c17eb7 elfutils-0.97.1-3.i386.rpm
a4e9411f61be01871bbeb43cf9e48b23
elfutils-debuginfo-0.97.1-3.i386.rpm
597fab4861e21558ee5241391d94c29e
elfutils-devel-0.97.1-3.i386.rpm
68118aabeacdefcb65fb5134908e2ed0
elfutils-libelf-0.97.1-3.i386.rpm
8d395168cffc2d3d9666b6741208115a
elfutils-libelf-devel-0.97.1-3.i386.rpm

ia64:
156158f3b94caa1b50a50bf879c17eb7 elfutils-0.97.1-3.i386.rpm
75c6bb5c1105e5182e9bb5f60039a875 elfutils-0.97.1-3.ia64.rpm
a4e9411f61be01871bbeb43cf9e48b23
elfutils-debuginfo-0.97.1-3.i386.rpm
00ba981a8897e990149319d38b202198
elfutils-debuginfo-0.97.1-3.ia64.rpm
5ab55fb1b7b1fdc890beee2246ae000e
elfutils-devel-0.97.1-3.ia64.rpm
68118aabeacdefcb65fb5134908e2ed0
elfutils-libelf-0.97.1-3.i386.rpm
3452f9dc057e0b921cef882189118c61
elfutils-libelf-0.97.1-3.ia64.rpm
dfb803971bd78e169c3f22cb903daae9
elfutils-libelf-devel-0.97.1-3.ia64.rpm

x86_64:
156158f3b94caa1b50a50bf879c17eb7 elfutils-0.97.1-3.i386.rpm
921094a1e8f8febbacc1b24ce733fa61
elfutils-0.97.1-3.x86_64.rpm
a4e9411f61be01871bbeb43cf9e48b23
elfutils-debuginfo-0.97.1-3.i386.rpm
fd0737cf83da138e82db51ffc8fb3ffb
elfutils-debuginfo-0.97.1-3.x86_64.rpm
3f54f71891a4f96530f93c815e8169f7
elfutils-devel-0.97.1-3.x86_64.rpm
68118aabeacdefcb65fb5134908e2ed0
elfutils-libelf-0.97.1-3.i386.rpm
fd37a6cb30a57eb5a5e483cfec7506ba
elfutils-libelf-0.97.1-3.x86_64.rpm
571be987e0f3726db8309bdc99d00941
elfutils-libelf-devel-0.97.1-3.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key
and details on how to verify the signature are available from
https://www.redhat.com/security/team/key/#package

7. References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-1704

http://www.redhat.com/security/updates/classification/#low

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More
contact details at https://www.redhat.com/security/team/contact/

Copyright 2006 Red Hat, Inc.

Red Hat Security Advisory

Synopsis: Low: ntp security update
Advisory ID: RHSA-2006:0393-01
Advisory URL: https://rhn.redhat.com/errata/RHSA-2006-0393.html

Issue date: 2006-08-10
Updated on: 2006-08-10
Product: Red Hat Enterprise Linux
Keywords: ntp
CVE Names: CVE-2005-2496

1. Summary:

Updated ntp packages that fix several bugs are now
available.

This update has been rated as having low security impact by the
Red Hat Security Response Team.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AS version 4 – i386, ia64, ppc, s390,
s390x, x86_64
Red Hat Enterprise Linux Desktop version 4 – i386, x86_64
Red Hat Enterprise Linux ES version 4 – i386, ia64, x86_64
Red Hat Enterprise Linux WS version 4 – i386, ia64, x86_64

3. Problem description:

The Network Time Protocol (NTP) is used to synchronize a
computer’s time with a reference time source.

The NTP daemon (ntpd), when run with the -u option and using a
string to specify the group, uses the group ID of the user instead
of the group, which causes ntpd to run with different privileges
than intended. (CVE-2005-2496)

The following issues have also been addressed in this
update:
– – The init script had several problems
– – The script executed on upgrade could fail
– – The man page for ntpd indicated the wrong option for specifying
a chroot directory
– – The ntp daemon could crash with the message “Exiting: No more
memory!”
– – There is a new option for syncing the hardware clock after a
successful run of ntpdate

Users of ntp should upgrade to these updated packages, which
resolve these issues.

4. Solution:

Before applying this update, make sure all previously released
errata relevant to your system have been applied.

This update is available via Red Hat Network. To use Red Hat
Network, launch the Red Hat Update Agent with the following
command:

up2date

This will start an interactive process that will result in the
appropriate RPMs being upgraded on your system.

5. Bug IDs fixed (http://bugzilla.redhat.com/):

142926 – multiple problems with ntpd init.d script
149652 – CVE-2005-2496 improper group set when running ntpd
166773 – ntp %post scriptlet fails on upgrade, if ntpd is
disabled.
177052 – ntpd dies with the error “Exiting: out of memory!”
187003 – ntpdate not invoked when supplying the -x option

6. RPMs required:

Red Hat Enterprise Linux AS version 4:

SRPMS:

ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/ntp-4.2.0.a.20040617-4.EL4.1.src.rpm

dff68ba8482fdd88684731e41e74dde1
ntp-4.2.0.a.20040617-4.EL4.1.src.rpm

i386:
aa4a319b232a09042e240c79f1dbb8b9
ntp-4.2.0.a.20040617-4.EL4.1.i386.rpm
d09b18e7e38dab6d7bc84a90030a60a2
ntp-debuginfo-4.2.0.a.20040617-4.EL4.1.i386.rpm

ia64:
76ef9ac685f13b5481ef4db219141c5d
ntp-4.2.0.a.20040617-4.EL4.1.ia64.rpm
143e832e4208863a62cac77378ed991c
ntp-debuginfo-4.2.0.a.20040617-4.EL4.1.ia64.rpm

ppc:
7ec8d69a2dc475c766672c6c1bc021f0
ntp-4.2.0.a.20040617-4.EL4.1.ppc.rpm
fdbba961648d4583e3d1992bf5d0f1a3
ntp-debuginfo-4.2.0.a.20040617-4.EL4.1.ppc.rpm

s390:
bf8c2f2493a1f5159defa9f4031a5932
ntp-4.2.0.a.20040617-4.EL4.1.s390.rpm
af5c21cc6f67a50ae239412faddab1b5
ntp-debuginfo-4.2.0.a.20040617-4.EL4.1.s390.rpm

s390x:
002a6130739bd420e49387531339197c
ntp-4.2.0.a.20040617-4.EL4.1.s390x.rpm
1a3ae9557dea58b9bfd736c268bb7f31
ntp-debuginfo-4.2.0.a.20040617-4.EL4.1.s390x.rpm

x86_64:
b8dba251850ba2ae65cd0a26f3c30513
ntp-4.2.0.a.20040617-4.EL4.1.x86_64.rpm
0f466011249fa7f443e940d51adc9769
ntp-debuginfo-4.2.0.a.20040617-4.EL4.1.x86_64.rpm

Red Hat Enterprise Linux Desktop version 4:

SRPMS:

ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/ntp-4.2.0.a.20040617-4.EL4.1.src.rpm

dff68ba8482fdd88684731e41e74dde1
ntp-4.2.0.a.20040617-4.EL4.1.src.rpm

i386:
aa4a319b232a09042e240c79f1dbb8b9
ntp-4.2.0.a.20040617-4.EL4.1.i386.rpm
d09b18e7e38dab6d7bc84a90030a60a2
ntp-debuginfo-4.2.0.a.20040617-4.EL4.1.i386.rpm

x86_64:
b8dba251850ba2ae65cd0a26f3c30513
ntp-4.2.0.a.20040617-4.EL4.1.x86_64.rpm
0f466011249fa7f443e940d51adc9769
ntp-debuginfo-4.2.0.a.20040617-4.EL4.1.x86_64.rpm

Red Hat Enterprise Linux ES version 4:

SRPMS:

ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/ntp-4.2.0.a.20040617-4.EL4.1.src.rpm

dff68ba8482fdd88684731e41e74dde1
ntp-4.2.0.a.20040617-4.EL4.1.src.rpm

i386:
aa4a319b232a09042e240c79f1dbb8b9
ntp-4.2.0.a.20040617-4.EL4.1.i386.rpm
d09b18e7e38dab6d7bc84a90030a60a2
ntp-debuginfo-4.2.0.a.20040617-4.EL4.1.i386.rpm

ia64:
76ef9ac685f13b5481ef4db219141c5d
ntp-4.2.0.a.20040617-4.EL4.1.ia64.rpm
143e832e4208863a62cac77378ed991c
ntp-debuginfo-4.2.0.a.20040617-4.EL4.1.ia64.rpm

x86_64:
b8dba251850ba2ae65cd0a26f3c30513
ntp-4.2.0.a.20040617-4.EL4.1.x86_64.rpm
0f466011249fa7f443e940d51adc9769
ntp-debuginfo-4.2.0.a.20040617-4.EL4.1.x86_64.rpm

Red Hat Enterprise Linux WS version 4:

SRPMS:

ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/ntp-4.2.0.a.20040617-4.EL4.1.src.rpm

dff68ba8482fdd88684731e41e74dde1
ntp-4.2.0.a.20040617-4.EL4.1.src.rpm

i386:
aa4a319b232a09042e240c79f1dbb8b9
ntp-4.2.0.a.20040617-4.EL4.1.i386.rpm
d09b18e7e38dab6d7bc84a90030a60a2
ntp-debuginfo-4.2.0.a.20040617-4.EL4.1.i386.rpm

ia64:
76ef9ac685f13b5481ef4db219141c5d
ntp-4.2.0.a.20040617-4.EL4.1.ia64.rpm
143e832e4208863a62cac77378ed991c
ntp-debuginfo-4.2.0.a.20040617-4.EL4.1.ia64.rpm

x86_64:
b8dba251850ba2ae65cd0a26f3c30513
ntp-4.2.0.a.20040617-4.EL4.1.x86_64.rpm
0f466011249fa7f443e940d51adc9769
ntp-debuginfo-4.2.0.a.20040617-4.EL4.1.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key
and details on how to verify the signature are available from
https://www.redhat.com/security/team/key/#package

7. References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2496

http://www.redhat.com/security/updates/classification/#low

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More
contact details at https://www.redhat.com/security/team/contact/

Copyright 2006 Red Hat, Inc.

Red Hat Security Advisory

Synopsis: Updated kernel packages available for Red Hat
Enterprise Linux 4 Update 4
Advisory ID: RHSA-2006:0575-01
Advisory URL: https://rhn.redhat.com/errata/RHSA-2006-0575.html

Issue date: 2006-08-10
Updated on: 2006-08-10
Product: Red Hat Enterprise Linux
Keywords: nahant kernel update
Obsoletes: RHSA-2006:0574
CVE Names: CVE-2005-3055 CVE-2005-3623 CVE-2006-0038 CVE-2006-0456
CVE-2006-0457 CVE-2006-0742 CVE-2006-1052 CVE-2006-1056
CVE-2006-1242 CVE-2006-1343 CVE-2006-1857 CVE-2006-2275
CVE-2006-2446 CVE-2006-2448 CVE-2006-2934

1. Summary:

Updated kernel packages are now available as part of ongoing
support and maintenance of Red Hat Enterprise Linux version 4.

This update has been rated as having important security impact
by the Red Hat Security Response Team.

The Linux kernel handles the basic functions of the operating
system.

This is the fourth regular update to Red Hat Enterprise Linux
4.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AS version 4 – i386, ia64, noarch, ppc,
s390, s390x, x86_64
Red Hat Enterprise Linux Desktop version 4 – i386, noarch,
x86_64
Red Hat Enterprise Linux ES version 4 – i386, ia64, noarch,
x86_64
Red Hat Enterprise Linux WS version 4 – i386, ia64, noarch,
x86_64

3. Problem description:

New features introduced in this update include:

  • Device Mapper mirroring support
  • IDE diskdump support
  • x86, AMD64 and Intel EM64T: Multi-core scheduler support
    enhancements
  • Itanium: perfmon support for Montecito
  • much improved support for IBM x460
  • AMD PowerNow! patches to support Opteron Rev G
  • Vmalloc support > 64MB

The following device drivers have been upgraded to new
versions:

ipmi: 33.11 to 33.13
ib_mthca: 0.06 to 0.08
bnx2: 1.4.30 to 1.4.38
bonding: 2.6.1 to 2.6.3
e100: 3.4.8-k2-NAPI to 3.5.10-k2-NAPI
e1000: 6.1.16-k3-NAPI to 7.0.33-k2-NAPI
sky2: 0.13 to 1.1
tg3: 3.43-rh to 3.52-rh
ipw2100: 1.1.0 to git-1.1.4
ipw2200: 1.0.0 to git-1.0.10
3w-9xxx: 2.26.02.001 to 2.26.04.010
ips: 7.10.18 to 7.12.02
iscsi_sfnet: 4:0.1.11-2 to 4:0.1.11-3
lpfc: 0:8.0.16.18 to 0:8.0.16.27
megaraid_sas: 00.00.02.00 to 00.00.02.03-RH1 qla2xxx: 8.01.02-d4 to
8.01.04-d7
qla6312: 8.01.02-d4 to 8.01.04-d7
sata_promise: 1.03 to 1.04
sata_vsc: 1.1 to 1.2
ibmvscsic: 1.5.5 to 1.5.6
ipr: 2.0.11.1 to 2.0.11.2

Added drivers:

dcdbas: 5.6.0-2
sata_mv: 0.6
sata_qstor: 0.05
sata_uli: 0.5
skge: 1.1
stex: 2.9.0.13
pdc_adma: 0.03

This update includes fixes for the security issues:

  • a flaw in the USB devio handling of device removal that allowed
    a local user to cause a denial of service (crash) (CVE-2005-3055,
    moderate)
  • a flaw in the ACL handling of nfsd that allowed a remote user
    to bypass ACLs for readonly mounted NFS file systems
    (CVE-2005-3623, moderate)
  • a flaw in the netfilter handling that allowed a local user with
    CAP_NET_ADMIN rights to cause a buffer overflow (CVE-2006-0038,
    low)
  • a flaw in the IBM S/390 and IBM zSeries strnlen_user() function
    that allowed a local user to cause a denial of service (crash) or
    to retrieve random kernel data (CVE-2006-0456, important)
  • a flaw in the keyctl functions that allowed a local user to
    cause a denial of service (crash) or to read sensitive kernel
    memory (CVE-2006-0457, important)
  • a flaw in unaligned accesses handling on Itanium processors
    that allowed a local user to cause a denial of service (crash)
    (CVE-2006-0742, important)
  • a flaw in SELinux ptrace logic that allowed a local user with
    ptrace permissions to change the tracer SID to a SID of another
    process (CVE-2006-1052, moderate)
  • an info leak on AMD-based x86 and x86_64 systems that allowed a
    local user to retrieve the floating point exception state of a
    process run by a different user (CVE-2006-1056, important)
  • a flaw in IPv4 packet output handling that allowed a remote
    user to bypass the zero IP ID countermeasure on systems with a
    disabled firewall (CVE-2006-1242, low)
  • a minor info leak in socket option handling in the network code
    (CVE-2006-1343, low)
  • a flaw in the HB-ACK chunk handling of SCTP that allowed a
    remote user to cause a denial of service (crash) (CVE-2006-1857,
    moderate)
  • a flaw in the SCTP implementation that allowed a remote user to
    cause a denial of service (deadlock) (CVE-2006-2275, moderate)
  • a flaw in the socket buffer handling that allowed a remote user
    to cause a denial of service (panic) (CVE-2006-2446,
    important)
  • a flaw in the signal handling access checking on PowerPC that
    allowed a local user to cause a denial of service (crash) or read
    arbitrary kernel memory on 64-bit systems (CVE-2006-2448,
    important)
  • a flaw in the netfilter SCTP module when receiving a chunkless
    packet that allowed a remote user to cause a denial of service
    (crash) (CVE-2006-2934, important)

There were several bug fixes in various parts of the kernel. The
ongoing effort to resolve these problems has resulted in a marked
improvement in the reliability and scalability of Red Hat
Enterprise Linux 4.

4. Solution:

Before applying this update, make sure that all
previously-released errata relevant to your system have been
applied. Use Red Hat Network to download and update your packages.
To launch the Red Hat Update Agent, use the following command:

up2date

For information on how to install packages manually, refer to
the following Web page for the System Administration or
Customization guide specific to your system:

    http://www.redhat.com/docs/manuals/enterprise/

5. Bug IDs fixed (http://bugzilla.redhat.com/):

141342 – install hangs on Dell PowerVault 745 with SATA drives
(sata_vsc module)
149933 – fix missing wakeup in ipc/sem
151981 – udevd fails to create /dev files after misc_register
154984 – Sound Blaster Audigy 2 Value audio does not work
155926 – [RHEL4-U2][Diskdump] OS_INIT dump function is broken
156145 – kernel may oops if more than 4k worth of string data
returned in /proc/devices
156663 – Can’t install from SATA CD/DVD drive
157404 – Loss of SATA ICH device hangs RAID1
157902 – [PATCH] ata_piix fails on some ICH7 hardware
158989 – snd-nm256 module hangs Dell Latitude CSx
165113 – kernel build broken when 4KSTACKS disabled
165245 – EHCI Host driver violates USB2.0 Specification leading to
device failures
166541 – mdadm –grow infinite resync
168285 – No (useful) logging of parameters to execve
169260 – CVE-2005-3055 async usb devio oops
169456 – COMM_LOST problem with SCTP stream socket
169600 – SMP kernel crash when use as LVS router
170143 – rm command hangs when removing a symlink on ext2 loop
filesystem
170434 – Deadlock in fc_target_unblock while shutting down the
system
171304 – sata_promise: missing PCI ID for SATA300 TX4
171645 – Oops kernel NULL pointer
171740 – ipw2100 modules crashes and restarts whenever in use
172199 – Spurious keyboard repeats and clock is fast
172696 – kernel panic after a few hours/days of operation with
pulse
173193 – vmalloc limited to 64Mb
173489 – kernel panics when rebooting
173843 – Kernel panic with this comment: <4>VFS: Busy inodes
after unmount. Self-destruct in 5 seconds. Have a nice day…
173895 – Kernel panic on install on 64BG EM64T
174019 – TG3 driver crashes with BCM4704C chipset with heavy
traffic
174155 – Documentation mismatch
174470 – RFE: tg3 support for Broadcom 5751 PCIe
174639 – System hangs with kernel panic when using current 3ware
drivers
174671 – [PATCH] bonding: don’t drop non-VLAN traffic
175616 – [RHEL 4 U2] kernel panic on EM64T with long cmdline
args
175763 – misleading overcommit_memory reference in
Documentation/filesystems/proc.txt
175778 – Accessing automounted directories can cause a process to
hang forever
175854 – [RHEL4-U3] Checking dump partition fails when a swap
partition whose size is less than memory size is configured for
diskdump.
176107 – sata-nv crashes on multiple SATA disks
176173 – The hash.h hash_long function, when used on a 64 bit
mac

Get the Free Newsletter!

Subscribe to Developer Insider for top news, trends, & analysis

Must Read

LinuxToday is a trusted, contributor-driven news resource supporting all types of Linux users. Our thriving international community engages with us through social media and frequent content contributions aimed at solving problems ranging from personal computing to enterprise-level IT operations. LinuxToday serves as a home for a community that struggles to find comparable information elsewhere on the web.

Our Brands

Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.