Advisories: May 2, 2005

Conectiva Linux


CONECTIVA LINUX SECURITY ANNOUNCEMENT


PACKAGE : kernel
SUMMARY : Kernel update
DATE : 2005-05-02 17:48:00
ID : CLA-2005:952
RELEVANT RELEASES : 10


DESCRIPTION
The Linux kernel is responsible for handling the basic functions of
the GNU/Linux operating system.

The following security vulnerabilities are being fixed via this
update:

  1. Integer overflow (CAN-2005-0736)[1]
    Georgi Guninski reported[2] an integer overflow in sys_epoll_wait
    in eventpoll.c which allows local users to overwrite kernel memory
    via a large number of events.
  2. PPP DoS (CAN-2005-0384)[3]
    Ben Martel and Stephen Blackheath have discovered a
    denial-of-service attack where a pppd client can cause a DoS
    condition on the server.
  3. ISO9660 range checking flaws (CAN-2005-0815)[4]
    Michal Zalewski reported[5] multiple “range checking flaws” in the
    ISO9660 filesystem handler which may allow attackers to cause a
    denial of service or corrupt memory via a crafted filesystem.
  4. Bluetooth vulnerability (CAN-2005-0750)[6]
    The suresec team reported[7] a vulnerability in the
    bluez_sock_create function in the Bluetooth stack which allows
    local users to gain privileges via a socket or socketpair call
    with a negative protocol value.
  5. Information leak in the ext2 filesystem (CAN-2005-0400)[8]
    The Arkoon Security Team reported[9] an information leak
    vulnerability in the ext2_make_empty function call. It does not
    properly initialize memory when creating a block for a new
    directory entry, which allows local users to obtain potentially
    sensitive information by reading the block.
  6. Local DoS (CAN-2005-0749)[10]
    The load_elf_library function in the Linux kernel allows local
    users to cause a denial of service condition via a crafted ELF
    library or executable, which causes a free of an invalid
    pointer.
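
Items 1 and 4 above are both cases of an integer from user space being used as a size or an index without a full range check. The user-space C model below is an added illustration, not kernel code and not part of the Conectiva advisory; the record size, table length and function names are constructed, and the upper-bound-only protocol check is an assumption about the shape of the flaw.

```c
#include <stdint.h>
#include <stdio.h>

/* Constructed values for the model; not taken from the kernel source. */
#define EVENT_SIZE  16u   /* assumed bytes per event record */
#define PROTO_SLOTS 8     /* assumed length of a protocol handler table */

/* Item 1 pattern: a byte count computed in 32-bit arithmetic wraps
 * modulo 2^32 when the caller-supplied event count is large. */
static uint32_t event_bytes_unchecked(int maxevents)
{
    return (uint32_t)maxevents * EVENT_SIZE;
}

/* A range check made on the wrapped byte count approves a buffer that
 * is far smaller than the number of records written to it later. */
static int range_check_unchecked(int maxevents, uint32_t buf_len)
{
    return event_bytes_unchecked(maxevents) <= buf_len;
}

/* Hardened form: bound the count first so the multiplication cannot
 * wrap. Returns 0 and stores the byte count, or -1 to reject. */
static int event_bytes_checked(int maxevents, uint32_t *bytes)
{
    if (maxevents <= 0 || (uint32_t)maxevents > UINT32_MAX / EVENT_SIZE)
        return -1;
    *bytes = (uint32_t)maxevents * EVENT_SIZE;
    return 0;
}

static int range_check_checked(int maxevents, uint32_t buf_len)
{
    uint32_t bytes;

    if (event_bytes_checked(maxevents, &bytes) != 0)
        return 0;
    return bytes <= buf_len;
}

/* Item 4 pattern (assumed shape): a signed protocol number checked
 * only against the upper bound, so a negative value is accepted as a
 * table index. */
static int proto_index_weak(int proto)
{
    return proto < PROTO_SLOTS;
}

/* Hardened form: a signed index needs both bounds. */
static int proto_index_strict(int proto)
{
    return proto >= 0 && proto < PROTO_SLOTS;
}

int main(void)
{
    int huge = 268435457;   /* constructed: 2^28 + 1 records */

    printf("unchecked bytes for %d events: %u\n",
           huge, (unsigned)event_bytes_unchecked(huge));
    printf("unchecked range check vs 64-byte buffer: %d\n",
           range_check_unchecked(huge, 64));
    printf("checked range check vs 64-byte buffer:   %d\n",
           range_check_checked(huge, 64));
    printf("proto -3: weak=%d strict=%d\n",
           proto_index_weak(-3), proto_index_strict(-3));
    return 0;
}
```
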

The following additional fixes have also been made:

  • the NVidia driver has been updated to version 7174
  • the slmodem driver received a patch[12] to work with kernel
    versions 2.6.10 and higher

SOLUTION
It is recommended that all Conectiva Linux users perform the
upgrade.

IMPORTANT: exercise caution and preparation when upgrading the
kernel, since it will require a reboot after the new packages are
installed. More detailed instructions are available in Portuguese
at our Q&A page[11].

REFERENCES
 1. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0736
 2. http://lists.grok.org.uk/pipermail/full-disclosure/2005-March/032314.html
 3. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0384
 4. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0815
 5. http://marc.theaimsgroup.com/?l=bugtraq&m=111110067304783&w=2
 6. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0750
 7. http://marc.theaimsgroup.com/?l=bugtraq&m=111204562102633&w=2
 8. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0400
 9. http://arkoon.net/advisories/ext2-make-empty-leak.txt
10. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0749
11. http://www.conectiva.com.br/suporte/pr/sistema.kernel.atualizar.html
12. http://www.datiku.com/documents/2610_migration.php

UPDATED PACKAGES

ADDITIONAL INSTRUCTIONS
The apt tool can be used to perform RPM package upgrades:

  • run: apt-get update
  • after that, execute: apt-get upgrade

Detailed instructions regarding the use of apt and upgrade
examples can be found at http://distro.conectiva.com.br/atualizacoes/#apt?idioma=en


All packages are signed with Conectiva’s GPG key. The key and
instructions on how to import it can be found at
http://distro.conectiva.com.br/seguranca/chave/?idioma=en
Instructions on how to check the signatures of the RPM packages can
be found at http://distro.conectiva.com.br/seguranca/politica/?idioma=en


All our advisories and generic update instructions can be viewed at
http://distro.conectiva.com.br/atualizacoes/?idioma=en


Copyright (c) 2004 Conectiva Inc.
http://www.conectiva.com

Fedora Core


Fedora Update Notification
FEDORA-2005-350
2005-05-02


Product : Fedora Core 3
Name : kdelibs
Version : 3.3.1
Release : 2.12.FC3
Summary : K Desktop Environment – Libraries

Description :
Libraries for the K Desktop Environment: KDE Libraries included:
kdecore (KDE core library), kdeui (user interface), kfm (file
manager), khtmlw (HTML widget), kio (Input/Output, networking),
kspell (spelling checker), jscript (javascript), kab (addressbook),
kimgio (image manipulation).


Update Information:

A buffer overflow was found in the kimgio library for KDE 3.3.1.
An attacker could create a carefully crafted PCX image in such a
way that it would cause kimgio to execute arbitrary code when
processing the image. The Common Vulnerabilities and Exposures
project (cve.mitre.org/) has
assigned the name CAN-2005-1046 to this issue.

All users of kdelibs should upgrade to these updated packages,
which contain a backported security patch to correct these
issues.


  • Tue Apr 19 2005 Than Ngo <than@redhat.com> 6:3.3.1-2.12.FC3
    • apply patch to fix gcc warning #117938
  • Tue Apr 19 2005 Than Ngo <than@redhat.com> 6:3.3.1-2.11.FC3
    • add missing kde documents #152307
    • apply patch to fix kimgio input validation vulnerabilities,
      CAN-2005-1046
    • add hack for loading of *.so shared object files #142244
  • Mon Apr 18 2005 Than Ngo <than@redhat.com> 6:3.3.1-2.10.FC3
    • backport the patch to fix kimgio input validation
      vulnerabilities, CAN-2005-1046, #152093, thanks to KDE security
      team

This update can be downloaded from:

http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/

This update can also be installed with the Update Agent; you can
launch the Update Agent with the ‘up2date’ command.



Fedora Update Notification
FEDORA-2005-351
2005-05-02


Product : Fedora Core 3
Name : tcpdump
Version : 3.8.2
Release : 8.FC3
Summary : A network traffic monitoring tool.

Description :
Tcpdump is a command-line tool for monitoring network traffic.
Tcpdump can capture and display the packet headers on a particular
network interface or on all interfaces. Tcpdump can display all of
the packet headers, or just the ones that match particular
criteria.

Install tcpdump if you need a program to monitor network
traffic.


  • Fri Apr 29 2005 Martin Stransky <stransky@redhat.com> –
    14:3.8.2-8.FC3

    • fix for CAN-2005-1280 Multiple DoS issues in tcpdump
      (CAN-2005-1279 CAN-2005-1278), #156040

This update can be downloaded from:


http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/

This update can also be installed with the Update Agent; you can
launch the Update Agent with the ‘up2date’ command.



Fedora Update Notification
FEDORA-2005-353
2005-05-02


Product : Fedora Core 3
Name : perl
Version : 5.8.5
Release : 12.FC3
Summary : The Perl programming language.

Description :
Perl is a high-level programming language with roots in C, sed, awk
and shell scripting. Perl is good at handling processes and files,
and is especially good at handling text. Perl’s hallmarks are
practicality and efficiency. While it is used to do a lot of
different things, Perl’s most common applications are system
administration utilities and web programming. A large proportion of
the CGI scripts on the web are written in Perl. You need the perl
package installed on your system so that your system can handle
Perl scripts.

Install this package if you want to program in Perl or enable
your system to handle Perl scripts.


Update Information:

Security and packaging fixes.


  • Thu Apr 28 2005 Ville Skyttä <ville.skytta at iki.fi> –
    3:5.8.5-12.FC3

    • Apply fix for CAN-2004-0452 (#156128, #146774).
    • Drop incorrect provides from the main package and release tag
      munging from the suidperl subpackage (#148847, José
      Pedro Oliveira).
  • Fri Apr 1 2005 Petr Rockai <prockai@redhat.com> –
    3:5.8.5-11.FC3

    • Do not link with libbind… (backported patch from devel).
  • Wed Mar 31 2005 Petr Rockai <prockai@redhat.com> –
    3:5.8.5-10.FC3

    • Fix for CAN-2005-0155, CAN-2005-0156.
    • Work around a FTBFS (fails to build from source) in fc3
      buildroots.

This update can be downloaded from:


http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/

This update can also be installed with the Update Agent; you can
launch the Update Agent with the ‘up2date’ command.

Gentoo Linux


Gentoo Linux Security Advisory GLSA 200504-30


http://security.gentoo.org/


Severity: Normal
Title: phpMyAdmin: Insecure SQL script installation
Date: April 30, 2005
Bugs: #88831
ID: 200504-30


Synopsis

phpMyAdmin leaves the SQL install script with insecure
permissions, potentially leading to a database compromise.

Background

phpMyAdmin is a tool written in PHP intended to handle the
administration of MySQL databases from a web-browser. phpMyAdmin
uses a pma MySQL user to control the linked-tables infrastructure.
The SQL install script sets the initial password for the pma
user.

Affected packages


     Package            /  Vulnerable  /                    Unaffected

  1  dev-db/phpmyadmin     < 2.6.2-r1                      >= 2.6.2-r1

Description

The phpMyAdmin installation process leaves the SQL install
script with insecure permissions.

Impact

A local attacker could exploit this vulnerability to obtain the
initial phpMyAdmin password and from there obtain information about
databases accessible by phpMyAdmin.

Workaround

Change the password for the phpMyAdmin MySQL user (pma):

    mysql -u root -p
    SET PASSWORD FOR 'pma'@'localhost' = PASSWORD('MyNewPassword');

Update your phpMyAdmin config.inc.php:

    $cfg['Servers'][$i]['controlpass']   = 'MyNewPassword';

Resolution

All phpMyAdmin users should change the password for the pma user as
described above and upgrade to the latest version:

    # emerge --sync
    # emerge --ask --oneshot --verbose ">=dev-db/phpmyadmin-2.6.2-r1"

Availability

This GLSA and any updates to it are available for viewing at the
Gentoo Security Website:

http://security.gentoo.org/glsa/glsa-200504-30.xml

Concerns?

Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or
alternatively, you may file a bug at http://bugs.gentoo.org.

License

Copyright 2005 Gentoo Foundation, Inc; referenced text belongs
to its owner(s).

The contents of this document are licensed under the Creative
Commons – Attribution / Share Alike license.

http://creativecommons.org/licenses/by-sa/2.0


Gentoo Linux Security Advisory GLSA 200505-01


http://security.gentoo.org/


Severity: Low
Title: Horde Framework: Multiple XSS vulnerabilities
Date: May 01, 2005
Bugs: #90365
ID: 200505-01


Synopsis

Various modules of the Horde Framework are vulnerable to
multiple cross-site scripting (XSS) vulnerabilities.

Background

The Horde Framework is a PHP based framework for building web
applications. It provides many modules including calendar, address
book, CVS viewer and Internet Messaging Program.

Affected packages


     Package                   /  Vulnerable  /             Unaffected

  1  www-apps/horde-vacation      < 2.2.2                     >= 2.2.2
  2  www-apps/horde-turba         < 1.2.5                     >= 1.2.5
  3  www-apps/horde-passwd        < 2.2.2                     >= 2.2.2
  4  www-apps/horde-nag           < 1.1.3                     >= 1.1.3
  5  www-apps/horde-mnemo         < 1.1.4                     >= 1.1.4
  6  www-apps/horde-kronolith     < 1.1.4                     >= 1.1.4
  7  www-apps/horde-imp           < 3.2.8                     >= 3.2.8
  8  www-apps/horde-accounts      < 2.1.2                     >= 2.1.2
  9  www-apps/horde-forwards      < 2.2.2                     >= 2.2.2
 10  www-apps/horde-chora         < 1.2.3                     >= 1.2.3
 11  www-apps/horde               < 2.2.8                     >= 2.2.8
    -------------------------------------------------------------------
     11 affected packages on all of their supported architectures.

Description

Cross-site scripting vulnerabilities have been discovered in
various modules of the Horde Framework.

Impact

These vulnerabilities could be exploited by an attacker to
execute arbitrary HTML and script code in context of the victim’s
browser.

Workaround

There is no known workaround at this time.

Resolution

All Horde users should upgrade to the latest version:

    # emerge --sync
    # emerge --ask --oneshot --verbose ">=www-apps/horde-2.2.8"

All Horde Vacation users should upgrade to the latest
version:

    # emerge --sync
    # emerge --ask --oneshot --verbose ">=www-apps/horde-vacation-2.2.2"

All Horde Turba users should upgrade to the latest version:

    # emerge --sync
    # emerge --ask --oneshot --verbose ">=www-apps/horde-turba-1.2.5"

All Horde Passwd users should upgrade to the latest version:

    # emerge --sync
    # emerge --ask --oneshot --verbose ">=www-apps/horde-passwd-2.2.2"

All Horde Nag users should upgrade to the latest version:

    # emerge --sync
    # emerge --ask --oneshot --verbose ">=www-apps/horde-nag-1.1.3"

All Horde Mnemo users should upgrade to the latest version:

    # emerge --sync
    # emerge --ask --oneshot --verbose ">=www-apps/horde-mnemo-1.1.4"

All Horde Kronolith users should upgrade to the latest
version:

    # emerge --sync
    # emerge --ask --oneshot --verbose ">=www-apps/horde-kronolith-1.1.4"

All Horde IMP users should upgrade to the latest version:

    # emerge --sync
    # emerge --ask --oneshot --verbose ">=www-apps/horde-imp-3.2.8"

All Horde Accounts users should upgrade to the latest
version:

    # emerge --sync
    # emerge --ask --oneshot --verbose ">=www-apps/horde-accounts-2.1.2"

All Horde Forwards users should upgrade to the latest
version:

    # emerge --sync
    # emerge --ask --oneshot --verbose ">=www-apps/horde-forwards-2.2.2"

All Horde Chora users should upgrade to the latest version:

    # emerge --sync
    # emerge --ask --oneshot --verbose ">=www-apps/horde-chora-1.2.3"

References

[ 1 ] Horde Announcement
      http://marc.theaimsgroup.com/?l=horde-announce&r=1&b=200504&w=2

Availability

This GLSA and any updates to it are available for viewing at the
Gentoo Security Website:

http://security.gentoo.org/glsa/glsa-200505-01.xml

Concerns?

Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or
alternatively, you may file a bug at http://bugs.gentoo.org.

License

Copyright 2005 Gentoo Foundation, Inc; referenced text belongs
to its owner(s).

The contents of this document are licensed under the Creative
Commons – Attribution / Share Alike license.

http://creativecommons.org/licenses/by-sa/2.0

Slackware Linux

[slackware-security] infozip (SSA:2005-121-01)
