Mandrake alert MDKSA-2004:050 (kernel)
| From: | Mandrake Linux Security Team <security@linux-mandrake.com> | |
| To: | bugtraq@securityfocus.com | |
| Subject: | MDKSA-2004:050 - Updated kernel packages fix multiple vulnerabilities | |
| Date: | 22 May 2004 05:18:24 -0000 |
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 _______________________________________________________________________ Mandrakelinux Security Update Advisory _______________________________________________________________________ Package name: kernel Advisory ID: MDKSA-2004:050 Date: May 21st, 2004 Affected versions: 10.0, 9.2 ______________________________________________________________________ Problem Description: Brad Spender discovered an exploitable bug in the cpufreq code in the Linux 2.6 kernel (CAN-2004-0228). As well, a permissions problem existed on some SCSI drivers; a fix from Olaf Kirch is provided that changes the mode from 0777 to 0600. This update also provides a 10.0/amd64 kernel with fixes for the previous MDKSA-2004:037 advisory as well as the above-noted fixes. The provided packages are patched to fix these vulnerabilities. All users are encouraged to upgrade to these updated kernels. To update your kernel, please follow the directions located at: http://www.mandrakesoft.com/kernelupdate _______________________________________________________________________ References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0228 ______________________________________________________________________ Updated Packages: Mandrakelinux 10.0: c27bdbed859af49a0e7400b2608394e9 10.0/RPMS/kernel-2.4.25.5mdk-1-1mdk.i586.rpm 2aa96fed17d8a9a82e9603b9f1ca112b 10.0/RPMS/kernel-2.6.3.13mdk-1-1mdk.i586.rpm 32df9053e07cac55d09a0bb962323e65 10.0/RPMS/kernel-enterprise-2.4.25.5mdk-1-1mdk.i586.rpm 9e4406b3df09e62913928d13fc1638a6 10.0/RPMS/kernel-enterprise-2.6.3.13mdk-1-1mdk.i586.rpm fd4e9bedce11cd21bdcf0dc40301f2f1 10.0/RPMS/kernel-i686-up-4GB-2.4.25.5mdk-1-1mdk.i586.rpm 48ca6d4b319ff4b93c3f49242d9dab91 10.0/RPMS/kernel-i686-up-4GB-2.6.3.13mdk-1-1mdk.i586.rpm 7126bd36be90cda4292f16d43cd8df3f 10.0/RPMS/kernel-p3-smp-64GB-2.4.25.5mdk-1-1mdk.i586.rpm 1f4569fb3ee33a8ee392ec06833e85ae 10.0/RPMS/kernel-p3-smp-64GB-2.6.3.13mdk-1-1mdk.i586.rpm d396431c7e9ec430a3a67f1e844bac74 10.0/RPMS/kernel-secure-2.6.3.13mdk-1-1mdk.i586.rpm 41958f6522922947a8fee8d199454946 10.0/RPMS/kernel-smp-2.4.25.5mdk-1-1mdk.i586.rpm 44b3d21a879e488b36ec6522f2ba1f56 10.0/RPMS/kernel-smp-2.6.3.13mdk-1-1mdk.i586.rpm 462effd5b3b452749994887cba792109 10.0/RPMS/kernel-source-2.4.25-5mdk.i586.rpm 3bbac2f69ac134f15211fdbfe48adca8 10.0/RPMS/kernel-source-2.6.3-13mdk.i586.rpm f5ec5f36685134e6cc13f8e140c811a2 10.0/RPMS/kernel-source-stripped-2.6.3-13mdk.i586.rpm ca54ddc53be37e332531e9c7574b282f 10.0/SRPMS/kernel-2.4.25.5mdk-1-1mdk.src.rpm dd67df2cffe071aef5fad4691d4fcf01 10.0/SRPMS/kernel-2.6.3.13mdk-1-1mdk.src.rpm Mandrakelinux 10.0/AMD64: 30130b0a95df43ab8bbc78034abb982e amd64/10.0/RPMS/kernel-2.4.25.5mdk-1-1mdk.amd64.rpm 6de514e0a70381d91358dcccc17b2047 amd64/10.0/RPMS/kernel-2.6.3.13mdk-1-1mdk.amd64.rpm 7d428529767fdb4f1e0586161c450252 amd64/10.0/RPMS/kernel-secure-2.6.3.13mdk-1-1mdk.amd64.rpm 20ed7696fa02ac41de642f18b4be5367 amd64/10.0/RPMS/kernel-smp-2.4.25.5mdk-1-1mdk.amd64.rpm 6820f8941edf150f0d31c7266a889604 amd64/10.0/RPMS/kernel-smp-2.6.3.13mdk-1-1mdk.amd64.rpm 2733b3696b80c6b6f14a1e5cd6aa7636 amd64/10.0/RPMS/kernel-source-2.4.25-5mdk.amd64.rpm cf3cc155e7cf92790a7271d9bfc32337 amd64/10.0/RPMS/kernel-source-2.6.3-13mdk.amd64.rpm c35af18fa10fd0293940cc0264a9fb30 amd64/10.0/RPMS/kernel-source-stripped-2.6.3-13mdk.amd64.rpm ca54ddc53be37e332531e9c7574b282f amd64/10.0/SRPMS/kernel-2.4.25.5mdk-1-1mdk.src.rpm dd67df2cffe071aef5fad4691d4fcf01 amd64/10.0/SRPMS/kernel-2.6.3.13mdk-1-1mdk.src.rpm Mandrakelinux 9.2: 83b384a70158a22b07d1675b348a756e 9.2/RPMS/kernel-2.4.22.32mdk-1-1mdk.i586.rpm d8dd19717e444638a4d86150a9b16f88 9.2/RPMS/kernel-enterprise-2.4.22.32mdk-1-1mdk.i586.rpm 231b42c760bb976d56f34f17fe524ed6 9.2/RPMS/kernel-i686-up-4GB-2.4.22.32mdk-1-1mdk.i586.rpm 2dd6754351b6d5a1a004e4ba94c6df4b 9.2/RPMS/kernel-p3-smp-64GB-2.4.22.32mdk-1-1mdk.i586.rpm 839e5c6fc4c346c187f6c6e9e847d407 9.2/RPMS/kernel-secure-2.4.22.32mdk-1-1mdk.i586.rpm 96d80a6197d075e3380aa27f64ad17d4 9.2/RPMS/kernel-smp-2.4.22.32mdk-1-1mdk.i586.rpm 299b347b46e5eafb070cfa9e75519fa5 9.2/RPMS/kernel-source-2.4.22-32mdk.i586.rpm da504294cf4d64769b8cc3855c05e306 9.2/SRPMS/kernel-2.4.22.32mdk-1-1mdk.src.rpm Mandrakelinux 9.2/AMD64: 2d16c561573580aba9a645b5db364fd0 amd64/9.2/RPMS/kernel-2.4.22.32mdk-1-1mdk.amd64.rpm 3d578c646f2b708e65e210e6f829c7c9 amd64/9.2/RPMS/kernel-secure-2.4.22.32mdk-1-1mdk.amd64.rpm ae1baf4717dad49787ac9de697eb42b7 amd64/9.2/RPMS/kernel-smp-2.4.22.32mdk-1-1mdk.amd64.rpm 1959cb64b5eafafc8afba80db2cd50ee amd64/9.2/RPMS/kernel-source-2.4.22-32mdk.amd64.rpm da504294cf4d64769b8cc3855c05e306 amd64/9.2/SRPMS/kernel-2.4.22.32mdk-1-1mdk.src.rpm _______________________________________________________________________ To upgrade automatically use MandrakeUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. All packages are signed by Mandrakesoft for security. You can obtain the GPG public key of the Mandrakelinux Security Team by executing: gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98 You can view other update advisories for Mandrakelinux at: http://www.mandrakesoft.com/security/advisories If you want to report vulnerabilities, please contact security_linux-mandrake.com Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Linux Mandrake Security Team <security linux-mandrake.com> -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.7 (GNU/Linux) iD8DBQFAruKfmqjQ0CJFipgRAjZcAJ9M7JN8l+t3tZhvO0N5WlXUP1fCKgCgxGnb ZYzKnsLHpec+SYNFdmHxLMM= =zVv0 -----END PGP SIGNATURE-----
(Log in to post comments)