12-03-2007, 02:38 PM

Important: kernel security and bug fix update

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ---------------------------------------------------------------------
Red Hat Security Advisory

Synopsis: Important: kernel security and bug fix update
Advisory ID: RHSA-2007:1049-01
Advisory URL: https://rhn.redhat.com/errata/RHSA-2007-1049.html
Issue date: 2007-12-03
Updated on: 2007-12-03
Product: Red Hat Enterprise Linux
CVE Names: CVE-2007-2172 CVE-2007-3848
CVE-2006-4538 CVE-2007-3739
CVE-2007-4308
- ---------------------------------------------------------------------

1. Summary:

Updated kernel packages that fix several security issues and a bug in the
Red Hat Enterprise Linux 3 kernel are now available.

This update has been rated as having important security impact by the Red
Hat Security Response Team.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, s390, s390x, x86_64
Red Hat Desktop version 3 - i386, x86_64
Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64
Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64

3. Problem description:

The kernel packages contain the Linux kernel, the core of any Linux
operating system.

A flaw was found in the handling of process death signals. This allowed a
local user to send arbitrary signals to the suid-process executed by that
user. A successful exploitation of this flaw depends on the structure of
the suid-program and its signal handling. (CVE-2007-3848, Important)

A flaw was found in the IPv4 forwarding base. This allowed a local user to
cause a denial of service. (CVE-2007-2172, Important)

A flaw was found where a corrupted executable file could cause cross-region
memory mappings on Itanium systems. This allowed a local user to cause a
denial of service. (CVE-2006-4538, Moderate)

A flaw was found in the stack expansion when using the hugetlb kernel on
PowerPC systems. This allowed a local user to cause a denial of service.
(CVE-2007-3739, Moderate)

A flaw was found in the aacraid SCSI driver. This allowed a local user to
make ioctl calls to the driver that should be restricted to privileged
users. (CVE-2007-4308, Moderate)

As well, these updated packages fix the following bug:

* a bug in the TCP header prediction code may have caused "TCP: Treason
uncloaked!" messages to be logged. In certain situations this may have led
to TCP connections hanging or aborting.

Red Hat Enterprise Linux 3 users are advised to upgrade to these updated
packages, which contain backported patches to resolve these issues.

4. Solution:

Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.

This update is available via Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/FAQ_58_10188

5. Bug IDs fixed (http://bugzilla.redhat.com/):

249237 - IPV4 'Treason uncloaked' message - hints at a more general kernel/net bug
250429 - CVE-2007-2172 fib_semantics.c out of bounds access vulnerability
250972 - CVE-2007-3848 Privilege escalation via PR_SET_PDEATHSIG
252309 - CVE-2007-4308 Missing ioctl() permission checks in aacraid driver
289151 - CVE-2006-4538 Local DoS with corrupted ELF
294941 - CVE-2007-3739 LTC36188-Don't allow the stack to grow into hugetlb reserved regions

6. RPMs required:

Red Hat Enterprise Linux AS version 3:

SRPMS:
ftp://updates.redhat.com/enterprise/3AS/en/os/SRPMS/kernel-2.4.21-53.EL.src.rpm
f6b14b96032c8e6ef0b6bf0ceb50f658 kernel-2.4.21-53.EL.src.rpm

i386:
5ed3ebaa27fe3523e6287afe9da778df kernel-2.4.21-53.EL.athlon.rpm
aaaa37a37c4d9d50f85c3d33ea75c2d5 kernel-2.4.21-53.EL.i686.rpm
c750ed31d9402c48bb0831443947b1b3 kernel-BOOT-2.4.21-53.EL.i386.rpm
958895eee3ffc86db1744b59b18b2ed4 kernel-debuginfo-2.4.21-53.EL.athlon.rpm
6da92dd3c05cdef87a3afe85cf76ffcf kernel-debuginfo-2.4.21-53.EL.i386.rpm
c7cc1996634c81fe969dfd6f1c228bd2 kernel-debuginfo-2.4.21-53.EL.i686.rpm
2ca9bf21f2bbbf0bcbcb2501ca972f4e kernel-doc-2.4.21-53.EL.i386.rpm
c3e41830403b446d494e0fcb0668ffb6 kernel-hugemem-2.4.21-53.EL.i686.rpm
125a006ee18d4a5afc652547252f77b4 kernel-hugemem-unsupported-2.4.21-53.EL.i686.rpm
b6966cff1cca0a9b4c53f7ac8bc7c8ec kernel-smp-2.4.21-53.EL.athlon.rpm
874b032f5f12e35a66842966dfe615fc kernel-smp-2.4.21-53.EL.i686.rpm
e1f6b9b5f82534206d68de57173cebc7 kernel-smp-unsupported-2.4.21-53.EL.athlon.rpm
7ee65541e62b6e76a0f0c8c8ffacfe7b kernel-smp-unsupported-2.4.21-53.EL.i686.rpm
25eb44031ca51e13c3518cbfa5d14868 kernel-source-2.4.21-53.EL.i386.rpm
38292e5677afeca19eff46011643b687 kernel-unsupported-2.4.21-53.EL.athlon.rpm
8e81ce663a85ccdb323ae10be861965e kernel-unsupported-2.4.21-53.EL.i686.rpm

ia64:
58ce57bce8a0f72f8239b4412ec5f0d0 kernel-2.4.21-53.EL.ia64.rpm
3da16c323c512d3c6aca21db7e50a35c kernel-debuginfo-2.4.21-53.EL.ia64.rpm
85811f0f247d9bb01e1b823de7fb429b kernel-doc-2.4.21-53.EL.ia64.rpm
dcc30f9dd34cf5c7666d71b2fae6d975 kernel-source-2.4.21-53.EL.ia64.rpm
66e70d213977984f6a3f189a74ad0963 kernel-unsupported-2.4.21-53.EL.ia64.rpm

ppc:
82bba5f9f376ee007a6354df6af87778 kernel-2.4.21-53.EL.ppc64iseries.rpm
dcb788cdc164cb2c51e462734d8ffeca kernel-2.4.21-53.EL.ppc64pseries.rpm
4afa2676f02b6121e450f1dc2df4e263 kernel-debuginfo-2.4.21-53.EL.ppc64.rpm
b68f959c2976aa66f3ff3e32e8ba4faa kernel-debuginfo-2.4.21-53.EL.ppc64iseries.rpm
0d7766cf63a102296ca82ea788546a15 kernel-debuginfo-2.4.21-53.EL.ppc64pseries.rpm
1447344d9ebee027257d495c074b244e kernel-doc-2.4.21-53.EL.ppc64.rpm
fb387166670d7fd1f1ca034d6bbfc371 kernel-source-2.4.21-53.EL.ppc64.rpm
a2e26fe734de4d356d68dbdd08c64548 kernel-unsupported-2.4.21-53.EL.ppc64iseries.rpm
53fa6a0d16093346fac2db9f490cbc87 kernel-unsupported-2.4.21-53.EL.ppc64pseries.rpm

s390:
7651727c8b05c762c4efae0a224f92c3 kernel-2.4.21-53.EL.s390.rpm
d513754b73947f7b8601668d3c88c5d3 kernel-debuginfo-2.4.21-53.EL.s390.rpm
93fc7baca88bb36556780aaf66416f90 kernel-doc-2.4.21-53.EL.s390.rpm
21a066b295363b8e22d671603e1ab5dd kernel-source-2.4.21-53.EL.s390.rpm
8d1da2180806c3654af48587948a5994 kernel-unsupported-2.4.21-53.EL.s390.rpm

s390x:
795d3ac785caab9befd45edb9f98f787 kernel-2.4.21-53.EL.s390x.rpm
04e28c359ab663a936d48ace4d83cd39 kernel-debuginfo-2.4.21-53.EL.s390x.rpm
bbe1dcab582e792a3200ff69557cf7bf kernel-doc-2.4.21-53.EL.s390x.rpm
cc0f24530dd8b0adf53378f702107e71 kernel-source-2.4.21-53.EL.s390x.rpm
e710ac2b4a5263884f7f63ace4c402a8 kernel-unsupported-2.4.21-53.EL.s390x.rpm

x86_64:
22267331e595689b6b7c6ddbc92b3e66 kernel-2.4.21-53.EL.ia32e.rpm
66cdd20c8c8059e92593b2acdbb1357d kernel-2.4.21-53.EL.x86_64.rpm
6899921e5b7d613eb378d62adb0fdfb6 kernel-debuginfo-2.4.21-53.EL.ia32e.rpm
cfc8f90e4c202958d99c4a76df0055ce kernel-debuginfo-2.4.21-53.EL.x86_64.rpm
4e281964dadc7aa8afcf7364102cf8d6 kernel-doc-2.4.21-53.EL.x86_64.rpm
65ef6c81fad4acbff6a4626888e49c6c kernel-smp-2.4.21-53.EL.x86_64.rpm
0f8c0fd98410071fafa0b892c22a075b kernel-smp-unsupported-2.4.21-53.EL.x86_64.rpm
bf9539cde0b3e4a42c95e2302c2568aa kernel-source-2.4.21-53.EL.x86_64.rpm
595d8cee6a98e3813fb29a3eaa3a51f4 kernel-unsupported-2.4.21-53.EL.ia32e.rpm
bc60307faf9dd46e819e0e67cb9bbf2d kernel-unsupported-2.4.21-53.EL.x86_64.rpm

Red Hat Desktop version 3:

SRPMS:
ftp://updates.redhat.com/enterprise/3desktop/en/os/SRPMS/kernel-2.4.21-53.EL.src.rpm
f6b14b96032c8e6ef0b6bf0ceb50f658 kernel-2.4.21-53.EL.src.rpm

i386:
5ed3ebaa27fe3523e6287afe9da778df kernel-2.4.21-53.EL.athlon.rpm
aaaa37a37c4d9d50f85c3d33ea75c2d5 kernel-2.4.21-53.EL.i686.rpm
c750ed31d9402c48bb0831443947b1b3 kernel-BOOT-2.4.21-53.EL.i386.rpm
958895eee3ffc86db1744b59b18b2ed4 kernel-debuginfo-2.4.21-53.EL.athlon.rpm
6da92dd3c05cdef87a3afe85cf76ffcf kernel-debuginfo-2.4.21-53.EL.i386.rpm
c7cc1996634c81fe969dfd6f1c228bd2 kernel-debuginfo-2.4.21-53.EL.i686.rpm
2ca9bf21f2bbbf0bcbcb2501ca972f4e kernel-doc-2.4.21-53.EL.i386.rpm
c3e41830403b446d494e0fcb0668ffb6 kernel-hugemem-2.4.21-53.EL.i686.rpm
125a006ee18d4a5afc652547252f77b4 kernel-hugemem-unsupported-2.4.21-53.EL.i686.rpm
b6966cff1cca0a9b4c53f7ac8bc7c8ec kernel-smp-2.4.21-53.EL.athlon.rpm
874b032f5f12e35a66842966dfe615fc kernel-smp-2.4.21-53.EL.i686.rpm
e1f6b9b5f82534206d68de57173cebc7 kernel-smp-unsupported-2.4.21-53.EL.athlon.rpm
7ee65541e62b6e76a0f0c8c8ffacfe7b kernel-smp-unsupported-2.4.21-53.EL.i686.rpm
25eb44031ca51e13c3518cbfa5d14868 kernel-source-2.4.21-53.EL.i386.rpm
38292e5677afeca19eff46011643b687 kernel-unsupported-2.4.21-53.EL.athlon.rpm
8e81ce663a85ccdb323ae10be861965e kernel-unsupported-2.4.21-53.EL.i686.rpm

x86_64:
22267331e595689b6b7c6ddbc92b3e66 kernel-2.4.21-53.EL.ia32e.rpm
66cdd20c8c8059e92593b2acdbb1357d kernel-2.4.21-53.EL.x86_64.rpm
6899921e5b7d613eb378d62adb0fdfb6 kernel-debuginfo-2.4.21-53.EL.ia32e.rpm
cfc8f90e4c202958d99c4a76df0055ce kernel-debuginfo-2.4.21-53.EL.x86_64.rpm
4e281964dadc7aa8afcf7364102cf8d6 kernel-doc-2.4.21-53.EL.x86_64.rpm
65ef6c81fad4acbff6a4626888e49c6c kernel-smp-2.4.21-53.EL.x86_64.rpm
0f8c0fd98410071fafa0b892c22a075b kernel-smp-unsupported-2.4.21-53.EL.x86_64.rpm
bf9539cde0b3e4a42c95e2302c2568aa kernel-source-2.4.21-53.EL.x86_64.rpm
595d8cee6a98e3813fb29a3eaa3a51f4 kernel-unsupported-2.4.21-53.EL.ia32e.rpm
bc60307faf9dd46e819e0e67cb9bbf2d kernel-unsupported-2.4.21-53.EL.x86_64.rpm

Red Hat Enterprise Linux ES version 3:

SRPMS:
ftp://updates.redhat.com/enterprise/3ES/en/os/SRPMS/kernel-2.4.21-53.EL.src.rpm
f6b14b96032c8e6ef0b6bf0ceb50f658 kernel-2.4.21-53.EL.src.rpm

i386:
5ed3ebaa27fe3523e6287afe9da778df kernel-2.4.21-53.EL.athlon.rpm
aaaa37a37c4d9d50f85c3d33ea75c2d5 kernel-2.4.21-53.EL.i686.rpm
c750ed31d9402c48bb0831443947b1b3 kernel-BOOT-2.4.21-53.EL.i386.rpm
958895eee3ffc86db1744b59b18b2ed4 kernel-debuginfo-2.4.21-53.EL.athlon.rpm
6da92dd3c05cdef87a3afe85cf76ffcf kernel-debuginfo-2.4.21-53.EL.i386.rpm
c7cc1996634c81fe969dfd6f1c228bd2 kernel-debuginfo-2.4.21-53.EL.i686.rpm
2ca9bf21f2bbbf0bcbcb2501ca972f4e kernel-doc-2.4.21-53.EL.i386.rpm
c3e41830403b446d494e0fcb0668ffb6 kernel-hugemem-2.4.21-53.EL.i686.rpm
125a006ee18d4a5afc652547252f77b4 kernel-hugemem-unsupported-2.4.21-53.EL.i686.rpm
b6966cff1cca0a9b4c53f7ac8bc7c8ec kernel-smp-2.4.21-53.EL.athlon.rpm
874b032f5f12e35a66842966dfe615fc kernel-smp-2.4.21-53.EL.i686.rpm
e1f6b9b5f82534206d68de57173cebc7 kernel-smp-unsupported-2.4.21-53.EL.athlon.rpm
7ee65541e62b6e76a0f0c8c8ffacfe7b kernel-smp-unsupported-2.4.21-53.EL.i686.rpm
25eb44031ca51e13c3518cbfa5d14868 kernel-source-2.4.21-53.EL.i386.rpm
38292e5677afeca19eff46011643b687 kernel-unsupported-2.4.21-53.EL.athlon.rpm
8e81ce663a85ccdb323ae10be861965e kernel-unsupported-2.4.21-53.EL.i686.rpm

ia64:
58ce57bce8a0f72f8239b4412ec5f0d0 kernel-2.4.21-53.EL.ia64.rpm
3da16c323c512d3c6aca21db7e50a35c kernel-debuginfo-2.4.21-53.EL.ia64.rpm
85811f0f247d9bb01e1b823de7fb429b kernel-doc-2.4.21-53.EL.ia64.rpm
dcc30f9dd34cf5c7666d71b2fae6d975 kernel-source-2.4.21-53.EL.ia64.rpm
66e70d213977984f6a3f189a74ad0963 kernel-unsupported-2.4.21-53.EL.ia64.rpm

x86_64:
22267331e595689b6b7c6ddbc92b3e66 kernel-2.4.21-53.EL.ia32e.rpm
66cdd20c8c8059e92593b2acdbb1357d kernel-2.4.21-53.EL.x86_64.rpm
6899921e5b7d613eb378d62adb0fdfb6 kernel-debuginfo-2.4.21-53.EL.ia32e.rpm
cfc8f90e4c202958d99c4a76df0055ce kernel-debuginfo-2.4.21-53.EL.x86_64.rpm
4e281964dadc7aa8afcf7364102cf8d6 kernel-doc-2.4.21-53.EL.x86_64.rpm
65ef6c81fad4acbff6a4626888e49c6c kernel-smp-2.4.21-53.EL.x86_64.rpm
0f8c0fd98410071fafa0b892c22a075b kernel-smp-unsupported-2.4.21-53.EL.x86_64.rpm
bf9539cde0b3e4a42c95e2302c2568aa kernel-source-2.4.21-53.EL.x86_64.rpm
595d8cee6a98e3813fb29a3eaa3a51f4 kernel-unsupported-2.4.21-53.EL.ia32e.rpm
bc60307faf9dd46e819e0e67cb9bbf2d kernel-unsupported-2.4.21-53.EL.x86_64.rpm

Red Hat Enterprise Linux WS version 3:

SRPMS:
ftp://updates.redhat.com/enterprise/3WS/en/os/SRPMS/kernel-2.4.21-53.EL.src.rpm
f6b14b96032c8e6ef0b6bf0ceb50f658 kernel-2.4.21-53.EL.src.rpm

i386:
5ed3ebaa27fe3523e6287afe9da778df kernel-2.4.21-53.EL.athlon.rpm
aaaa37a37c4d9d50f85c3d33ea75c2d5 kernel-2.4.21-53.EL.i686.rpm
c750ed31d9402c48bb0831443947b1b3 kernel-BOOT-2.4.21-53.EL.i386.rpm
958895eee3ffc86db1744b59b18b2ed4 kernel-debuginfo-2.4.21-53.EL.athlon.rpm
6da92dd3c05cdef87a3afe85cf76ffcf kernel-debuginfo-2.4.21-53.EL.i386.rpm
c7cc1996634c81fe969dfd6f1c228bd2 kernel-debuginfo-2.4.21-53.EL.i686.rpm
2ca9bf21f2bbbf0bcbcb2501ca972f4e kernel-doc-2.4.21-53.EL.i386.rpm
c3e41830403b446d494e0fcb0668ffb6 kernel-hugemem-2.4.21-53.EL.i686.rpm
125a006ee18d4a5afc652547252f77b4 kernel-hugemem-unsupported-2.4.21-53.EL.i686.rpm
b6966cff1cca0a9b4c53f7ac8bc7c8ec kernel-smp-2.4.21-53.EL.athlon.rpm
874b032f5f12e35a66842966dfe615fc kernel-smp-2.4.21-53.EL.i686.rpm
e1f6b9b5f82534206d68de57173cebc7 kernel-smp-unsupported-2.4.21-53.EL.athlon.rpm
7ee65541e62b6e76a0f0c8c8ffacfe7b kernel-smp-unsupported-2.4.21-53.EL.i686.rpm
25eb44031ca51e13c3518cbfa5d14868 kernel-source-2.4.21-53.EL.i386.rpm
38292e5677afeca19eff46011643b687 kernel-unsupported-2.4.21-53.EL.athlon.rpm
8e81ce663a85ccdb323ae10be861965e kernel-unsupported-2.4.21-53.EL.i686.rpm

ia64:
58ce57bce8a0f72f8239b4412ec5f0d0 kernel-2.4.21-53.EL.ia64.rpm
3da16c323c512d3c6aca21db7e50a35c kernel-debuginfo-2.4.21-53.EL.ia64.rpm
85811f0f247d9bb01e1b823de7fb429b kernel-doc-2.4.21-53.EL.ia64.rpm
dcc30f9dd34cf5c7666d71b2fae6d975 kernel-source-2.4.21-53.EL.ia64.rpm
66e70d213977984f6a3f189a74ad0963 kernel-unsupported-2.4.21-53.EL.ia64.rpm

x86_64:
22267331e595689b6b7c6ddbc92b3e66 kernel-2.4.21-53.EL.ia32e.rpm
66cdd20c8c8059e92593b2acdbb1357d kernel-2.4.21-53.EL.x86_64.rpm
6899921e5b7d613eb378d62adb0fdfb6 kernel-debuginfo-2.4.21-53.EL.ia32e.rpm
cfc8f90e4c202958d99c4a76df0055ce kernel-debuginfo-2.4.21-53.EL.x86_64.rpm
4e281964dadc7aa8afcf7364102cf8d6 kernel-doc-2.4.21-53.EL.x86_64.rpm
65ef6c81fad4acbff6a4626888e49c6c kernel-smp-2.4.21-53.EL.x86_64.rpm
0f8c0fd98410071fafa0b892c22a075b kernel-smp-unsupported-2.4.21-53.EL.x86_64.rpm
bf9539cde0b3e4a42c95e2302c2568aa kernel-source-2.4.21-53.EL.x86_64.rpm
595d8cee6a98e3813fb29a3eaa3a51f4 kernel-unsupported-2.4.21-53.EL.ia32e.rpm
bc60307faf9dd46e819e0e67cb9bbf2d kernel-unsupported-2.4.21-53.EL.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://www.redhat.com/security/team/key/#package

7. References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2172
http://cve.mitre.org/cgi-bin/cvename.cgi?name=
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3848
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4538
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3739
http://cve.mitre.org/cgi-bin/cvename.cgi?name=
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4308
http://www.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://www.redhat.com/security/team/contact/

Copyright 2007 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)

iD8DBQFHVCLdXlSAg2UNWIIRArWGAJ9cq2/UtXFTLJENT+XXaMy7GQJXcACghuqK
bMaRlCFgjP/F0CTi828wOhw=
=53Xo
-----END PGP SIGNATURE-----



--
Enterprise-watch-list mailing list
Enterprise-watch-list@redhat.com
https://www.redhat.com/mailman/listinfo/enterprise-watch-list
 
01-31-2008, 05:36 PM

Important: kernel security and bug fix update

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=====================================================================
Red Hat Security Advisory

Synopsis: Important: kernel security and bug fix update
Advisory ID: RHSA-2008:0055-01
Product: Red Hat Enterprise Linux
Advisory URL: https://rhn.redhat.com/errata/RHSA-2008-0055.html
Issue date: 2008-01-31
CVE Names: CVE-2007-4130 CVE-2007-5500 CVE-2007-6063
CVE-2007-6151 CVE-2007-6206 CVE-2007-6694
CVE-2008-0001
=====================================================================

1. Summary:

Updated kernel packages that fix several security issues and a bug in the
Red Hat Enterprise Linux 4 kernel are now available.

This update has been rated as having important security impact by the Red
Hat Security Response Team.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AS version 4 - i386, ia64, noarch, ppc, s390, s390x, x86_64
Red Hat Enterprise Linux Desktop version 4 - i386, noarch, x86_64
Red Hat Enterprise Linux ES version 4 - i386, ia64, noarch, x86_64
Red Hat Enterprise Linux WS version 4 - i386, ia64, noarch, x86_64

3. Description:

The kernel packages contain the Linux kernel, the core of any Linux
operating system.

These updated kernel packages fix the following security issues:

A flaw was found in the virtual filesystem (VFS). A local unprivileged
user could truncate directories to which they had write permission; this
could render the contents of the directory inaccessible. (CVE-2008-0001,
Important)

A flaw was found in the implementation of ptrace. A local unprivileged user
could trigger this flaw and possibly cause a denial of service (system
hang). (CVE-2007-5500, Important)

A flaw was found in the way the Red Hat Enterprise Linux 4 kernel handled
page faults when a CPU used the NUMA method for accessing memory on Itanium
architectures. A local unprivileged user could trigger this flaw and cause
a denial of service (system panic). (CVE-2007-4130, Important)

A possible NULL pointer dereference was found in the chrp_show_cpuinfo
function when using the PowerPC architecture. This may have allowed a local
unprivileged user to cause a denial of service (crash).
(CVE-2007-6694, Moderate)

A flaw was found in the way core dump files were created. If a local user
can get a root-owned process to dump a core file into a directory, which
the user has write access to, they could gain read access to that core
file. This could potentially grant unauthorized access to sensitive
information. (CVE-2007-6206, Moderate)

Two buffer overflow flaws were found in the Linux kernel ISDN subsystem. A
local unprivileged user could use these flaws to cause a denial of
service. (CVE-2007-6063, CVE-2007-6151, Moderate)

As well, these updated packages fix the following bug:

* when moving volumes that contain multiple segments, and a mirror segment
is not the first in the mapping table, running the "pvmove /dev/[device]
/dev/[device]" command caused a kernel panic. A "kernel: Unable to handle
kernel paging request at virtual address [address]" error was logged by
syslog.

Red Hat Enterprise Linux 4 users are advised to upgrade to these updated
packages, which contain backported patches to resolve these issues.

4. Solution:

Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.

This update is available via Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/FAQ_58_10188

5. Bugs fixed (http://bugzilla.redhat.com/):

179665 - CVE-2007-4130 panic caused by set_mempolicy with MPOL_BIND
382161 - CVE-2007-5500 kernel hang via userspace PTRACE+waitid
392101 - CVE-2007-6063 Linux Kernel isdn_net_setcfg buffer overflow
396751 - CVE-2007-6694 /proc/cpuinfo DoS on some ppc machines
396861 - CVE-2007-6206 Issue with core dump owner
425111 - CVE-2007-6151 I4L: fix isdn_ioctl memory issue
428637 - pvmove causes kernel panic
428791 - CVE-2008-0001 kernel: filesystem corruption by unprivileged user via directory truncation

6. Package List:

Red Hat Enterprise Linux AS version 4:

Source:
ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/kernel-2.6.9-67.0.4.EL.src.rpm

i386:
kernel-2.6.9-67.0.4.EL.i686.rpm
kernel-debuginfo-2.6.9-67.0.4.EL.i686.rpm
kernel-devel-2.6.9-67.0.4.EL.i686.rpm
kernel-hugemem-2.6.9-67.0.4.EL.i686.rpm
kernel-hugemem-devel-2.6.9-67.0.4.EL.i686.rpm
kernel-smp-2.6.9-67.0.4.EL.i686.rpm
kernel-smp-devel-2.6.9-67.0.4.EL.i686.rpm
kernel-xenU-2.6.9-67.0.4.EL.i686.rpm
kernel-xenU-devel-2.6.9-67.0.4.EL.i686.rpm

ia64:
kernel-2.6.9-67.0.4.EL.ia64.rpm
kernel-debuginfo-2.6.9-67.0.4.EL.ia64.rpm
kernel-devel-2.6.9-67.0.4.EL.ia64.rpm
kernel-largesmp-2.6.9-67.0.4.EL.ia64.rpm
kernel-largesmp-devel-2.6.9-67.0.4.EL.ia64.rpm

noarch:
kernel-doc-2.6.9-67.0.4.EL.noarch.rpm

ppc:
kernel-2.6.9-67.0.4.EL.ppc64.rpm
kernel-2.6.9-67.0.4.EL.ppc64iseries.rpm
kernel-debuginfo-2.6.9-67.0.4.EL.ppc64.rpm
kernel-debuginfo-2.6.9-67.0.4.EL.ppc64iseries.rpm
kernel-devel-2.6.9-67.0.4.EL.ppc64.rpm
kernel-devel-2.6.9-67.0.4.EL.ppc64iseries.rpm
kernel-largesmp-2.6.9-67.0.4.EL.ppc64.rpm
kernel-largesmp-devel-2.6.9-67.0.4.EL.ppc64.rpm

s390:
kernel-2.6.9-67.0.4.EL.s390.rpm
kernel-debuginfo-2.6.9-67.0.4.EL.s390.rpm
kernel-devel-2.6.9-67.0.4.EL.s390.rpm

s390x:
kernel-2.6.9-67.0.4.EL.s390x.rpm
kernel-debuginfo-2.6.9-67.0.4.EL.s390x.rpm
kernel-devel-2.6.9-67.0.4.EL.s390x.rpm

x86_64:
kernel-2.6.9-67.0.4.EL.x86_64.rpm
kernel-debuginfo-2.6.9-67.0.4.EL.x86_64.rpm
kernel-devel-2.6.9-67.0.4.EL.x86_64.rpm
kernel-largesmp-2.6.9-67.0.4.EL.x86_64.rpm
kernel-largesmp-devel-2.6.9-67.0.4.EL.x86_64.rpm
kernel-smp-2.6.9-67.0.4.EL.x86_64.rpm
kernel-smp-devel-2.6.9-67.0.4.EL.x86_64.rpm
kernel-xenU-2.6.9-67.0.4.EL.x86_64.rpm
kernel-xenU-devel-2.6.9-67.0.4.EL.x86_64.rpm

Red Hat Enterprise Linux Desktop version 4:

Source:
ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/kernel-2.6.9-67.0.4.EL.src.rpm

i386:
kernel-2.6.9-67.0.4.EL.i686.rpm
kernel-debuginfo-2.6.9-67.0.4.EL.i686.rpm
kernel-devel-2.6.9-67.0.4.EL.i686.rpm
kernel-hugemem-2.6.9-67.0.4.EL.i686.rpm
kernel-hugemem-devel-2.6.9-67.0.4.EL.i686.rpm
kernel-smp-2.6.9-67.0.4.EL.i686.rpm
kernel-smp-devel-2.6.9-67.0.4.EL.i686.rpm
kernel-xenU-2.6.9-67.0.4.EL.i686.rpm
kernel-xenU-devel-2.6.9-67.0.4.EL.i686.rpm

noarch:
kernel-doc-2.6.9-67.0.4.EL.noarch.rpm

x86_64:
kernel-2.6.9-67.0.4.EL.x86_64.rpm
kernel-debuginfo-2.6.9-67.0.4.EL.x86_64.rpm
kernel-devel-2.6.9-67.0.4.EL.x86_64.rpm
kernel-largesmp-2.6.9-67.0.4.EL.x86_64.rpm
kernel-largesmp-devel-2.6.9-67.0.4.EL.x86_64.rpm
kernel-smp-2.6.9-67.0.4.EL.x86_64.rpm
kernel-smp-devel-2.6.9-67.0.4.EL.x86_64.rpm
kernel-xenU-2.6.9-67.0.4.EL.x86_64.rpm
kernel-xenU-devel-2.6.9-67.0.4.EL.x86_64.rpm

Red Hat Enterprise Linux ES version 4:

Source:
ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/kernel-2.6.9-67.0.4.EL.src.rpm

i386:
kernel-2.6.9-67.0.4.EL.i686.rpm
kernel-debuginfo-2.6.9-67.0.4.EL.i686.rpm
kernel-devel-2.6.9-67.0.4.EL.i686.rpm
kernel-hugemem-2.6.9-67.0.4.EL.i686.rpm
kernel-hugemem-devel-2.6.9-67.0.4.EL.i686.rpm
kernel-smp-2.6.9-67.0.4.EL.i686.rpm
kernel-smp-devel-2.6.9-67.0.4.EL.i686.rpm
kernel-xenU-2.6.9-67.0.4.EL.i686.rpm
kernel-xenU-devel-2.6.9-67.0.4.EL.i686.rpm

ia64:
kernel-2.6.9-67.0.4.EL.ia64.rpm
kernel-debuginfo-2.6.9-67.0.4.EL.ia64.rpm
kernel-devel-2.6.9-67.0.4.EL.ia64.rpm
kernel-largesmp-2.6.9-67.0.4.EL.ia64.rpm
kernel-largesmp-devel-2.6.9-67.0.4.EL.ia64.rpm

noarch:
kernel-doc-2.6.9-67.0.4.EL.noarch.rpm

x86_64:
kernel-2.6.9-67.0.4.EL.x86_64.rpm
kernel-debuginfo-2.6.9-67.0.4.EL.x86_64.rpm
kernel-devel-2.6.9-67.0.4.EL.x86_64.rpm
kernel-largesmp-2.6.9-67.0.4.EL.x86_64.rpm
kernel-largesmp-devel-2.6.9-67.0.4.EL.x86_64.rpm
kernel-smp-2.6.9-67.0.4.EL.x86_64.rpm
kernel-smp-devel-2.6.9-67.0.4.EL.x86_64.rpm
kernel-xenU-2.6.9-67.0.4.EL.x86_64.rpm
kernel-xenU-devel-2.6.9-67.0.4.EL.x86_64.rpm

Red Hat Enterprise Linux WS version 4:

Source:
ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/kernel-2.6.9-67.0.4.EL.src.rpm

i386:
kernel-2.6.9-67.0.4.EL.i686.rpm
kernel-debuginfo-2.6.9-67.0.4.EL.i686.rpm
kernel-devel-2.6.9-67.0.4.EL.i686.rpm
kernel-hugemem-2.6.9-67.0.4.EL.i686.rpm
kernel-hugemem-devel-2.6.9-67.0.4.EL.i686.rpm
kernel-smp-2.6.9-67.0.4.EL.i686.rpm
kernel-smp-devel-2.6.9-67.0.4.EL.i686.rpm
kernel-xenU-2.6.9-67.0.4.EL.i686.rpm
kernel-xenU-devel-2.6.9-67.0.4.EL.i686.rpm

ia64:
kernel-2.6.9-67.0.4.EL.ia64.rpm
kernel-debuginfo-2.6.9-67.0.4.EL.ia64.rpm
kernel-devel-2.6.9-67.0.4.EL.ia64.rpm
kernel-largesmp-2.6.9-67.0.4.EL.ia64.rpm
kernel-largesmp-devel-2.6.9-67.0.4.EL.ia64.rpm

noarch:
kernel-doc-2.6.9-67.0.4.EL.noarch.rpm

x86_64:
kernel-2.6.9-67.0.4.EL.x86_64.rpm
kernel-debuginfo-2.6.9-67.0.4.EL.x86_64.rpm
kernel-devel-2.6.9-67.0.4.EL.x86_64.rpm
kernel-largesmp-2.6.9-67.0.4.EL.x86_64.rpm
kernel-largesmp-devel-2.6.9-67.0.4.EL.x86_64.rpm
kernel-smp-2.6.9-67.0.4.EL.x86_64.rpm
kernel-smp-devel-2.6.9-67.0.4.EL.x86_64.rpm
kernel-xenU-2.6.9-67.0.4.EL.x86_64.rpm
kernel-xenU-devel-2.6.9-67.0.4.EL.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://www.redhat.com/security/team/key/#package

7. References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4130
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5500
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6063
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6151
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6206
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6694
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0001
http://www.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://www.redhat.com/security/team/contact/

Copyright 2008 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)

iD8DBQFHohUYXlSAg2UNWIIRAvgXAJ0X3teoSMZAR5GVFafJnC yqwdN7bQCdF5e7
Ad8v5oCkVcDypRRLOHRADtg=
=Xgk6
-----END PGP SIGNATURE-----


--
Enterprise-watch-list mailing list
Enterprise-watch-list@redhat.com
https://www.redhat.com/mailman/listinfo/enterprise-watch-list
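
A way to check hosts against the fixed builds named in the two advisories above, added here as an example and not part of the advisories or of any Red Hat tooling. It assumes `uname -r` prints version-release plus an optional flavour suffix such as `smp`; the sample host strings are constructed, and the comparison is a simplified form of RPM's version ordering.

```python
import re

# Fixed kernel builds, copied from the package lists of the two advisories above.
FIXED_BUILDS = {
    "RHSA-2007:1049-01": "2.4.21-53.EL",     # Red Hat Enterprise Linux 3
    "RHSA-2008:0055-01": "2.6.9-67.0.4.EL",  # Red Hat Enterprise Linux 4
}

# Assumption: `uname -r` on these releases prints <version>-<release> followed
# by an optional flavour suffix (smp, hugemem, largesmp, xenU, BOOT).
_KERNEL = re.compile(r"^(\d+(?:\.\d+)*)-(\d+(?:\.\d+)*\.EL)([A-Za-z]*)$")
_SEGMENT = re.compile(r"\d+|[A-Za-z]+")


def rpmvercmp(a, b):
    """Simplified RPM segment comparison (no epoch, tilde or caret handling).

    Returns -1, 0 or 1. Digit runs compare as integers, letter runs as
    strings, and a digit run is newer than a letter run in the same position.
    """
    seg_a, seg_b = _SEGMENT.findall(a), _SEGMENT.findall(b)
    for x, y in zip(seg_a, seg_b):
        if x.isdigit() and y.isdigit():
            if int(x) != int(y):
                return 1 if int(x) > int(y) else -1
        elif x.isdigit():
            return 1
        elif y.isdigit():
            return -1
        elif x != y:
            return 1 if x > y else -1
    # All shared segments equal: the string with segments left over is newer.
    return (len(seg_a) > len(seg_b)) - (len(seg_a) < len(seg_b))


def assess(uname_r, advisory_id):
    """Classify a running kernel against one advisory's fixed build.

    Returns "patched", "vulnerable", "not-applicable" (a different kernel
    line, so the advisory does not cover it) or "unknown" (the string is not
    a Red Hat "EL" build and cannot be ordered against the fixed release).
    """
    match = _KERNEL.match(uname_r.strip())
    if match is None:
        return "unknown"
    version, release, _flavour = match.groups()
    fixed_version, fixed_release, _ = _KERNEL.match(FIXED_BUILDS[advisory_id]).groups()
    if rpmvercmp(version, fixed_version) != 0:
        return "not-applicable"
    return "patched" if rpmvercmp(release, fixed_release) >= 0 else "vulnerable"


# Constructed sample inventory: host name -> output of `uname -r`.
# The running kernel is what matters: a host that has the new package
# installed but has not rebooted still reports the old release here.
SAMPLE_HOSTS = {
    "db01": "2.4.21-47.0.1.ELsmp",
    "db02": "2.4.21-53.EL",
    "web01": "2.6.9-67.ELsmp",
    "web02": "2.6.9-67.0.4.ELlargesmp",
    "lab01": "2.6.18-custom",
}


def report(hosts):
    """Return (host, advisory, status) rows for every applicable pairing."""
    rows = []
    for host, uname_r in sorted(hosts.items()):
        for advisory_id in sorted(FIXED_BUILDS):
            status = assess(uname_r, advisory_id)
            if status != "not-applicable":
                rows.append((host, advisory_id, status))
    return rows


if __name__ == "__main__":
    for host, advisory_id, status in report(SAMPLE_HOSTS):
        print(f"{host:6} {advisory_id:18} {status}")
```
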
 
05-07-2008, 07:06 AM

Important: kernel security and bug fix update

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=====================================================================
Red Hat Security Advisory

Synopsis: Important: kernel security and bug fix update
Advisory ID: RHSA-2008:0211-01
Product: Red Hat Enterprise Linux
Advisory URL: https://rhn.redhat.com/errata/RHSA-2008-0211.html
Issue date: 2008-05-07
CVE Names: CVE-2006-4814 CVE-2007-5001 CVE-2007-6151
CVE-2007-6206 CVE-2008-0007 CVE-2008-1367
CVE-2008-1375 CVE-2008-1669
=====================================================================

1. Summary:

Updated kernel packages that fix various security issues and several bugs
are now available for Red Hat Enterprise Linux 3.

This update has been rated as having important security impact by the Red
Hat Security Response Team.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, s390, s390x, x86_64
Red Hat Desktop version 3 - i386, x86_64
Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64
Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64

3. Description:

The kernel packages contain the Linux kernel, the core of any Linux
operating system.

These updated packages fix the following security issues:

* the absence of a protection mechanism when attempting to access a
critical section of code has been found in the Linux kernel open file
descriptors control mechanism, fcntl. This could allow a local unprivileged
user to simultaneously execute code, which would otherwise be protected
against parallel execution. As well, a race condition when handling locks
in the Linux kernel fcntl functionality, may have allowed a process
belonging to a local unprivileged user to gain re-ordered access to the
descriptor table. (CVE-2008-1669, Important)

* the absence of a protection mechanism when attempting to access a
critical section of code, as well as a race condition, have been found in
the Linux kernel file system event notifier, dnotify. This could allow a
local unprivileged user to get inconsistent data, or to send arbitrary
signals to arbitrary system processes. (CVE-2008-1375, Important)

Red Hat would like to thank Nick Piggin for responsibly disclosing the
following issue:

* when accessing kernel memory locations, certain Linux kernel drivers
registering a fault handler did not perform required range checks. A local
unprivileged user could use this flaw to gain read or write access to
arbitrary kernel memory, or possibly cause a kernel crash.
(CVE-2008-0007, Important)

* a flaw was found when performing asynchronous input or output operations
on a FIFO special file. A local unprivileged user could use this flaw to
cause a kernel panic. (CVE-2007-5001, Important)

* a flaw was found in the way core dump files were created. If a local user
could get a root-owned process to dump a core file into a directory, which
the user has write access to, they could gain read access to that core
file. This could potentially grant unauthorized access to sensitive
information. (CVE-2007-6206, Moderate)

* a buffer overflow was found in the Linux kernel ISDN subsystem. A local
unprivileged user could use this flaw to cause a denial of service.
(CVE-2007-6151, Moderate)

* a race condition found in the mincore system call could allow a local
user to cause a denial of service (system hang). (CVE-2006-4814, Moderate)

* it was discovered that the Linux kernel handled string operations in the
opposite way to the GNU Compiler Collection (GCC). This could allow a local
unprivileged user to cause memory corruption. (CVE-2008-1367, Low)

As well, these updated packages fix the following bugs:

* a bug, which caused long delays when unmounting mounts containing a large
number of unused dentries, has been resolved.

* in the previous kernel packages, the kernel was unable to handle certain
floating point instructions on Itanium(R) architectures.

* on certain Intel CPUs, the Translation Lookaside Buffer (TLB) was not
flushed correctly, which caused machine check errors.

Red Hat Enterprise Linux 3 users are advised to upgrade to these updated
packages, which contain backported patches to resolve these issues.

4. Solution:

Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.

This update is available via Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/FAQ_58_10188

5. Bugs fixed (http://bugzilla.redhat.com/):

306971 - CVE-2006-4814 kernel Race condition in mincore can cause "ps -ef" to hang
326251 - CVE-2007-5001 kernel asynchronous IO on a FIFO kernel panic
396861 - CVE-2007-6206 Issue with core dump owner
413731 - RHEL3: System hangs at unmount
425111 - CVE-2007-6151 I4L: fix isdn_ioctl memory issue
428961 - CVE-2008-0007 kernel: insufficient range checks in fault handlers with mremap
437312 - CVE-2008-1367 Kernel doesn't clear DF for signal handlers
439754 - CVE-2008-1375 kernel: race condition in dnotify (local DoS, local roothole possible)
443433 - CVE-2008-1669 kernel: add rcu_read_lock() to fcheck() in both dnotify, locks.c and fix fcntl store/load race in locks.c

6. Package List:

Red Hat Enterprise Linux AS version 3:

Source:
ftp://updates.redhat.com/enterprise/3AS/en/os/SRPMS/kernel-2.4.21-57.EL.src.rpm

i386:
kernel-2.4.21-57.EL.athlon.rpm
kernel-2.4.21-57.EL.i686.rpm
kernel-BOOT-2.4.21-57.EL.i386.rpm
kernel-debuginfo-2.4.21-57.EL.athlon.rpm
kernel-debuginfo-2.4.21-57.EL.i386.rpm
kernel-debuginfo-2.4.21-57.EL.i686.rpm
kernel-doc-2.4.21-57.EL.i386.rpm
kernel-hugemem-2.4.21-57.EL.i686.rpm
kernel-hugemem-unsupported-2.4.21-57.EL.i686.rpm
kernel-smp-2.4.21-57.EL.athlon.rpm
kernel-smp-2.4.21-57.EL.i686.rpm
kernel-smp-unsupported-2.4.21-57.EL.athlon.rpm
kernel-smp-unsupported-2.4.21-57.EL.i686.rpm
kernel-source-2.4.21-57.EL.i386.rpm
kernel-unsupported-2.4.21-57.EL.athlon.rpm
kernel-unsupported-2.4.21-57.EL.i686.rpm

ia64:
kernel-2.4.21-57.EL.ia64.rpm
kernel-debuginfo-2.4.21-57.EL.ia64.rpm
kernel-doc-2.4.21-57.EL.ia64.rpm
kernel-source-2.4.21-57.EL.ia64.rpm
kernel-unsupported-2.4.21-57.EL.ia64.rpm

ppc:
kernel-2.4.21-57.EL.ppc64iseries.rpm
kernel-2.4.21-57.EL.ppc64pseries.rpm
kernel-debuginfo-2.4.21-57.EL.ppc64.rpm
kernel-debuginfo-2.4.21-57.EL.ppc64iseries.rpm
kernel-debuginfo-2.4.21-57.EL.ppc64pseries.rpm
kernel-doc-2.4.21-57.EL.ppc64.rpm
kernel-source-2.4.21-57.EL.ppc64.rpm
kernel-unsupported-2.4.21-57.EL.ppc64iseries.rpm
kernel-unsupported-2.4.21-57.EL.ppc64pseries.rpm

s390:
kernel-2.4.21-57.EL.s390.rpm
kernel-debuginfo-2.4.21-57.EL.s390.rpm
kernel-doc-2.4.21-57.EL.s390.rpm
kernel-source-2.4.21-57.EL.s390.rpm
kernel-unsupported-2.4.21-57.EL.s390.rpm

s390x:
kernel-2.4.21-57.EL.s390x.rpm
kernel-debuginfo-2.4.21-57.EL.s390x.rpm
kernel-doc-2.4.21-57.EL.s390x.rpm
kernel-source-2.4.21-57.EL.s390x.rpm
kernel-unsupported-2.4.21-57.EL.s390x.rpm

x86_64:
kernel-2.4.21-57.EL.ia32e.rpm
kernel-2.4.21-57.EL.x86_64.rpm
kernel-debuginfo-2.4.21-57.EL.ia32e.rpm
kernel-debuginfo-2.4.21-57.EL.x86_64.rpm
kernel-doc-2.4.21-57.EL.x86_64.rpm
kernel-smp-2.4.21-57.EL.x86_64.rpm
kernel-smp-unsupported-2.4.21-57.EL.x86_64.rpm
kernel-source-2.4.21-57.EL.x86_64.rpm
kernel-unsupported-2.4.21-57.EL.ia32e.rpm
kernel-unsupported-2.4.21-57.EL.x86_64.rpm

Red Hat Desktop version 3:

Source:
ftp://updates.redhat.com/enterprise/3desktop/en/os/SRPMS/kernel-2.4.21-57.EL.src.rpm

i386:
kernel-2.4.21-57.EL.athlon.rpm
kernel-2.4.21-57.EL.i686.rpm
kernel-BOOT-2.4.21-57.EL.i386.rpm
kernel-debuginfo-2.4.21-57.EL.athlon.rpm
kernel-debuginfo-2.4.21-57.EL.i386.rpm
kernel-debuginfo-2.4.21-57.EL.i686.rpm
kernel-doc-2.4.21-57.EL.i386.rpm
kernel-hugemem-2.4.21-57.EL.i686.rpm
kernel-hugemem-unsupported-2.4.21-57.EL.i686.rpm
kernel-smp-2.4.21-57.EL.athlon.rpm
kernel-smp-2.4.21-57.EL.i686.rpm
kernel-smp-unsupported-2.4.21-57.EL.athlon.rpm
kernel-smp-unsupported-2.4.21-57.EL.i686.rpm
kernel-source-2.4.21-57.EL.i386.rpm
kernel-unsupported-2.4.21-57.EL.athlon.rpm
kernel-unsupported-2.4.21-57.EL.i686.rpm

x86_64:
kernel-2.4.21-57.EL.ia32e.rpm
kernel-2.4.21-57.EL.x86_64.rpm
kernel-debuginfo-2.4.21-57.EL.ia32e.rpm
kernel-debuginfo-2.4.21-57.EL.x86_64.rpm
kernel-doc-2.4.21-57.EL.x86_64.rpm
kernel-smp-2.4.21-57.EL.x86_64.rpm
kernel-smp-unsupported-2.4.21-57.EL.x86_64.rpm
kernel-source-2.4.21-57.EL.x86_64.rpm
kernel-unsupported-2.4.21-57.EL.ia32e.rpm
kernel-unsupported-2.4.21-57.EL.x86_64.rpm

Red Hat Enterprise Linux ES version 3:

Source:
ftp://updates.redhat.com/enterprise/3ES/en/os/SRPMS/kernel-2.4.21-57.EL.src.rpm

i386:
kernel-2.4.21-57.EL.athlon.rpm
kernel-2.4.21-57.EL.i686.rpm
kernel-BOOT-2.4.21-57.EL.i386.rpm
kernel-debuginfo-2.4.21-57.EL.athlon.rpm
kernel-debuginfo-2.4.21-57.EL.i386.rpm
kernel-debuginfo-2.4.21-57.EL.i686.rpm
kernel-doc-2.4.21-57.EL.i386.rpm
kernel-hugemem-2.4.21-57.EL.i686.rpm
kernel-hugemem-unsupported-2.4.21-57.EL.i686.rpm
kernel-smp-2.4.21-57.EL.athlon.rpm
kernel-smp-2.4.21-57.EL.i686.rpm
kernel-smp-unsupported-2.4.21-57.EL.athlon.rpm
kernel-smp-unsupported-2.4.21-57.EL.i686.rpm
kernel-source-2.4.21-57.EL.i386.rpm
kernel-unsupported-2.4.21-57.EL.athlon.rpm
kernel-unsupported-2.4.21-57.EL.i686.rpm

ia64:
kernel-2.4.21-57.EL.ia64.rpm
kernel-debuginfo-2.4.21-57.EL.ia64.rpm
kernel-doc-2.4.21-57.EL.ia64.rpm
kernel-source-2.4.21-57.EL.ia64.rpm
kernel-unsupported-2.4.21-57.EL.ia64.rpm

x86_64:
kernel-2.4.21-57.EL.ia32e.rpm
kernel-2.4.21-57.EL.x86_64.rpm
kernel-debuginfo-2.4.21-57.EL.ia32e.rpm
kernel-debuginfo-2.4.21-57.EL.x86_64.rpm
kernel-doc-2.4.21-57.EL.x86_64.rpm
kernel-smp-2.4.21-57.EL.x86_64.rpm
kernel-smp-unsupported-2.4.21-57.EL.x86_64.rpm
kernel-source-2.4.21-57.EL.x86_64.rpm
kernel-unsupported-2.4.21-57.EL.ia32e.rpm
kernel-unsupported-2.4.21-57.EL.x86_64.rpm

Red Hat Enterprise Linux WS version 3:

Source:
ftp://updates.redhat.com/enterprise/3WS/en/os/SRPMS/kernel-2.4.21-57.EL.src.rpm

i386:
kernel-2.4.21-57.EL.athlon.rpm
kernel-2.4.21-57.EL.i686.rpm
kernel-BOOT-2.4.21-57.EL.i386.rpm
kernel-debuginfo-2.4.21-57.EL.athlon.rpm
kernel-debuginfo-2.4.21-57.EL.i386.rpm
kernel-debuginfo-2.4.21-57.EL.i686.rpm
kernel-doc-2.4.21-57.EL.i386.rpm
kernel-hugemem-2.4.21-57.EL.i686.rpm
kernel-hugemem-unsupported-2.4.21-57.EL.i686.rpm
kernel-smp-2.4.21-57.EL.athlon.rpm
kernel-smp-2.4.21-57.EL.i686.rpm
kernel-smp-unsupported-2.4.21-57.EL.athlon.rpm
kernel-smp-unsupported-2.4.21-57.EL.i686.rpm
kernel-source-2.4.21-57.EL.i386.rpm
kernel-unsupported-2.4.21-57.EL.athlon.rpm
kernel-unsupported-2.4.21-57.EL.i686.rpm

ia64:
kernel-2.4.21-57.EL.ia64.rpm
kernel-debuginfo-2.4.21-57.EL.ia64.rpm
kernel-doc-2.4.21-57.EL.ia64.rpm
kernel-source-2.4.21-57.EL.ia64.rpm
kernel-unsupported-2.4.21-57.EL.ia64.rpm

x86_64:
kernel-2.4.21-57.EL.ia32e.rpm
kernel-2.4.21-57.EL.x86_64.rpm
kernel-debuginfo-2.4.21-57.EL.ia32e.rpm
kernel-debuginfo-2.4.21-57.EL.x86_64.rpm
kernel-doc-2.4.21-57.EL.x86_64.rpm
kernel-smp-2.4.21-57.EL.x86_64.rpm
kernel-smp-unsupported-2.4.21-57.EL.x86_64.rpm
kernel-source-2.4.21-57.EL.x86_64.rpm
kernel-unsupported-2.4.21-57.EL.ia32e.rpm
kernel-unsupported-2.4.21-57.EL.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://www.redhat.com/security/team/key/#package

7. References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4814
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5001
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6151
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6206
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0007
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1367
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1375
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1669
http://www.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://www.redhat.com/security/team/contact/

Copyright 2008 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)

iD8DBQFIIVShXlSAg2UNWIIRAgmSAKCRogfxBH0zKSSl0LoEU/mX2fM8HACgpUZp
ku1MKisAK/HECsk5IhuieJo=
=ld1g
-----END PGP SIGNATURE-----


--
Enterprise-watch-list mailing list
Enterprise-watch-list@redhat.com
https://www.redhat.com/mailman/listinfo/enterprise-watch-list
 
05-07-2008, 07:49 AM

Important: kernel security and bug fix update

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=====================================================================
Red Hat Security Advisory

Synopsis: Important: kernel security and bug fix update
Advisory ID: RHSA-2008:0233-01
Product: Red Hat Enterprise Linux
Advisory URL: https://rhn.redhat.com/errata/RHSA-2008-0233.html
Issue date: 2008-05-07
CVE Names: CVE-2007-5498 CVE-2008-0007 CVE-2008-1367
CVE-2008-1375 CVE-2008-1619 CVE-2008-1669
=====================================================================

1. Summary:

Updated kernel packages that fix various security issues and several bugs
are now available for Red Hat Enterprise Linux 5.

This update has been rated as having important security impact by the Red
Hat Security Response Team.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Desktop (v. 5 client) - i386, noarch, x86_64
Red Hat Enterprise Linux (v. 5 server) - i386, ia64, noarch, ppc, s390x, x86_64

3. Description:

The kernel packages contain the Linux kernel, the core of any Linux
operating system.

These updated packages fix the following security issues:

* the absence of a protection mechanism when attempting to access a
critical section of code has been found in the Linux kernel open file
descriptors control mechanism, fcntl. This could allow a local unprivileged
user to simultaneously execute code, which would otherwise be protected
against parallel execution. As well, a race condition when handling locks
in the Linux kernel fcntl functionality, may have allowed a process
belonging to a local unprivileged user to gain re-ordered access to the
descriptor table. (CVE-2008-1669, Important)

* a possible hypervisor panic was found in the Linux kernel. A privileged
user of a fully virtualized guest could initiate a stress-test File
Transfer Protocol (FTP) transfer between the guest and the hypervisor,
possibly leading to hypervisor panic. (CVE-2008-1619, Important)

* the absence of a protection mechanism when attempting to access a
critical section of code, as well as a race condition, have been found
in the Linux kernel file system event notifier, dnotify. This could allow a
local unprivileged user to get inconsistent data, or to send arbitrary
signals to arbitrary system processes. (CVE-2008-1375, Important)

Red Hat would like to thank Nick Piggin for responsibly disclosing the
following issue:

* when accessing kernel memory locations, certain Linux kernel drivers
registering a fault handler did not perform required range checks. A local
unprivileged user could use this flaw to gain read or write access to
arbitrary kernel memory, or possibly cause a kernel crash.
(CVE-2008-0007, Important)

* the absence of sanity-checks was found in the hypervisor block backend
driver, when running 32-bit paravirtualized guests on a 64-bit host. The
number of blocks to be processed per one request from guest to host, or
vice-versa, was not checked for its maximum value, which could have allowed
a local privileged user of the guest operating system to cause a denial of
service. (CVE-2007-5498, Important)

* it was discovered that the Linux kernel handled string operations in the
opposite way to the GNU Compiler Collection (GCC). This could allow a local
unprivileged user to cause memory corruption. (CVE-2008-1367, Low)

As well, these updated packages fix the following bugs:

* on IBM System z architectures, when running QIOASSIST enabled QDIO
devices in an IBM z/VM environment, the output queue stalled under heavy
load. This caused network performance to degrade, possibly causing network
hangs and outages.

* multiple buffer overflows were discovered in the neofb video driver. It
was not possible for an unprivileged user to exploit these issues, and as
such, they have not been handled as security issues.

* when running Microsoft Windows in a HVM, a bug in vmalloc/vfree caused
network performance to degrade.

* on certain architectures, a bug in the libATA sata_nv driver may have
caused infinite reboots, and an "ata1: CPB flags CMD err flags 0x11" error.

* repeatedly hot-plugging a PCI Express card may have caused "Bad DLLP"
errors.

* a NULL pointer dereference in NFS, which may have caused applications to
crash, has been resolved.

* when attempting to kexec reboot, either manually or via a panic-triggered
kdump, the Unisys ES7000/one hung after rebooting in the new kernel,
after printing the "Memory: 32839688k/33685504k available" line.

Red Hat Enterprise Linux 5 users are advised to upgrade to these updated
packages, which contain backported patches to resolve these issues.

4. Solution:

Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.

This update is available via Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/FAQ_58_10188

5. Bugs fixed (http://bugzilla.redhat.com/):

369531 - CVE-2007-5498 missing sanity check in xen block backend driver
412071 - LTC37008-QDIO based network connections hang with QIOASSIST ON
427400 - CVE-2008-1619 [xen-ia64] Dom0 panic while we run ftp test tool between HVM and Dom0.
428961 - CVE-2008-0007 kernel: insufficient range checks in fault handlers with mremap
433616 - [Xen] vmalloc/vfree on HVM Guest/IA64 does untolerate performance.
433617 - libata: sata_nv may send commands with duplicate tags [5.1.z]
437312 - CVE-2008-1367 Kernel doesn't clear DF for signal handlers
437770 - CVE-2008-1619 [xen-ia64] Dom0 panic while we run ftp test tool between HVM and Dom0.
439754 - CVE-2008-1375 kernel: race condition in dnotify (local DoS, local roothole possible)
440438 - [5.1] PCI Express hotplug driver problem (Bad DLLP) [rhel-5.1.z]
440447 - 2.6.18-53.1.12 crashes on NULL pointer dereference with NFS on the stack [rhel-5.1.z]
442922 - kexec or kdump hangs on ES7000/ONE
443433 - CVE-2008-1669 kernel: add rcu_read_lock() to fcheck() in both dnotify, locks.c and fix fcntl store/load race in locks.c

6. Package List:

Red Hat Enterprise Linux Desktop (v. 5 client):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/kernel-2.6.18-53.1.19.el5.src.rpm

i386:
kernel-2.6.18-53.1.19.el5.i686.rpm
kernel-PAE-2.6.18-53.1.19.el5.i686.rpm
kernel-PAE-debuginfo-2.6.18-53.1.19.el5.i686.rpm
kernel-PAE-devel-2.6.18-53.1.19.el5.i686.rpm
kernel-debug-2.6.18-53.1.19.el5.i686.rpm
kernel-debug-debuginfo-2.6.18-53.1.19.el5.i686.rpm
kernel-debug-devel-2.6.18-53.1.19.el5.i686.rpm
kernel-debuginfo-2.6.18-53.1.19.el5.i686.rpm
kernel-debuginfo-common-2.6.18-53.1.19.el5.i686.rpm
kernel-devel-2.6.18-53.1.19.el5.i686.rpm
kernel-headers-2.6.18-53.1.19.el5.i386.rpm
kernel-xen-2.6.18-53.1.19.el5.i686.rpm
kernel-xen-debuginfo-2.6.18-53.1.19.el5.i686.rpm
kernel-xen-devel-2.6.18-53.1.19.el5.i686.rpm

noarch:
kernel-doc-2.6.18-53.1.19.el5.noarch.rpm

x86_64:
kernel-2.6.18-53.1.19.el5.x86_64.rpm
kernel-debug-2.6.18-53.1.19.el5.x86_64.rpm
kernel-debug-debuginfo-2.6.18-53.1.19.el5.x86_64.rpm
kernel-debug-devel-2.6.18-53.1.19.el5.x86_64.rpm
kernel-debuginfo-2.6.18-53.1.19.el5.x86_64.rpm
kernel-debuginfo-common-2.6.18-53.1.19.el5.x86_64.rpm
kernel-devel-2.6.18-53.1.19.el5.x86_64.rpm
kernel-headers-2.6.18-53.1.19.el5.x86_64.rpm
kernel-xen-2.6.18-53.1.19.el5.x86_64.rpm
kernel-xen-debuginfo-2.6.18-53.1.19.el5.x86_64.rpm
kernel-xen-devel-2.6.18-53.1.19.el5.x86_64.rpm

Red Hat Enterprise Linux (v. 5 server):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Server/en/os/SRPMS/kernel-2.6.18-53.1.19.el5.src.rpm

i386:
kernel-2.6.18-53.1.19.el5.i686.rpm
kernel-PAE-2.6.18-53.1.19.el5.i686.rpm
kernel-PAE-debuginfo-2.6.18-53.1.19.el5.i686.rpm
kernel-PAE-devel-2.6.18-53.1.19.el5.i686.rpm
kernel-debug-2.6.18-53.1.19.el5.i686.rpm
kernel-debug-debuginfo-2.6.18-53.1.19.el5.i686.rpm
kernel-debug-devel-2.6.18-53.1.19.el5.i686.rpm
kernel-debuginfo-2.6.18-53.1.19.el5.i686.rpm
kernel-debuginfo-common-2.6.18-53.1.19.el5.i686.rpm
kernel-devel-2.6.18-53.1.19.el5.i686.rpm
kernel-headers-2.6.18-53.1.19.el5.i386.rpm
kernel-xen-2.6.18-53.1.19.el5.i686.rpm
kernel-xen-debuginfo-2.6.18-53.1.19.el5.i686.rpm
kernel-xen-devel-2.6.18-53.1.19.el5.i686.rpm

ia64:
kernel-2.6.18-53.1.19.el5.ia64.rpm
kernel-debug-2.6.18-53.1.19.el5.ia64.rpm
kernel-debug-debuginfo-2.6.18-53.1.19.el5.ia64.rpm
kernel-debug-devel-2.6.18-53.1.19.el5.ia64.rpm
kernel-debuginfo-2.6.18-53.1.19.el5.ia64.rpm
kernel-debuginfo-common-2.6.18-53.1.19.el5.ia64.rpm
kernel-devel-2.6.18-53.1.19.el5.ia64.rpm
kernel-headers-2.6.18-53.1.19.el5.ia64.rpm
kernel-xen-2.6.18-53.1.19.el5.ia64.rpm
kernel-xen-debuginfo-2.6.18-53.1.19.el5.ia64.rpm
kernel-xen-devel-2.6.18-53.1.19.el5.ia64.rpm

noarch:
kernel-doc-2.6.18-53.1.19.el5.noarch.rpm

ppc:
kernel-2.6.18-53.1.19.el5.ppc64.rpm
kernel-debug-2.6.18-53.1.19.el5.ppc64.rpm
kernel-debug-debuginfo-2.6.18-53.1.19.el5.ppc64.rpm
kernel-debug-devel-2.6.18-53.1.19.el5.ppc64.rpm
kernel-debuginfo-2.6.18-53.1.19.el5.ppc64.rpm
kernel-debuginfo-common-2.6.18-53.1.19.el5.ppc64.rpm
kernel-devel-2.6.18-53.1.19.el5.ppc64.rpm
kernel-headers-2.6.18-53.1.19.el5.ppc.rpm
kernel-headers-2.6.18-53.1.19.el5.ppc64.rpm
kernel-kdump-2.6.18-53.1.19.el5.ppc64.rpm
kernel-kdump-debuginfo-2.6.18-53.1.19.el5.ppc64.rpm
kernel-kdump-devel-2.6.18-53.1.19.el5.ppc64.rpm

s390x:
kernel-2.6.18-53.1.19.el5.s390x.rpm
kernel-debug-2.6.18-53.1.19.el5.s390x.rpm
kernel-debug-debuginfo-2.6.18-53.1.19.el5.s390x.rpm
kernel-debug-devel-2.6.18-53.1.19.el5.s390x.rpm
kernel-debuginfo-2.6.18-53.1.19.el5.s390x.rpm
kernel-debuginfo-common-2.6.18-53.1.19.el5.s390x.rpm
kernel-devel-2.6.18-53.1.19.el5.s390x.rpm
kernel-headers-2.6.18-53.1.19.el5.s390x.rpm

x86_64:
kernel-2.6.18-53.1.19.el5.x86_64.rpm
kernel-debug-2.6.18-53.1.19.el5.x86_64.rpm
kernel-debug-debuginfo-2.6.18-53.1.19.el5.x86_64.rpm
kernel-debug-devel-2.6.18-53.1.19.el5.x86_64.rpm
kernel-debuginfo-2.6.18-53.1.19.el5.x86_64.rpm
kernel-debuginfo-common-2.6.18-53.1.19.el5.x86_64.rpm
kernel-devel-2.6.18-53.1.19.el5.x86_64.rpm
kernel-headers-2.6.18-53.1.19.el5.x86_64.rpm
kernel-xen-2.6.18-53.1.19.el5.x86_64.rpm
kernel-xen-debuginfo-2.6.18-53.1.19.el5.x86_64.rpm
kernel-xen-devel-2.6.18-53.1.19.el5.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://www.redhat.com/security/team/key/#package

7. References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5498
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0007
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1367
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1375
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1619
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1669
http://www.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://www.redhat.com/security/team/contact/

Copyright 2008 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)

iD8DBQFIIV6cXlSAg2UNWIIRAroqAJ9mxmGtFJNNxXGQ1Yv53R OudG4AOgCdEIBH
oxXtczRwSakkE0jTk1AnyN4=
=WSVP
-----END PGP SIGNATURE-----


 
05-07-2008, 07:49 AM

Important: kernel security and bug fix update

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=====================================================================
Red Hat Security Advisory

Synopsis: Important: kernel security and bug fix update
Advisory ID: RHSA-2008:0237-01
Product: Red Hat Enterprise Linux
Advisory URL: https://rhn.redhat.com/errata/RHSA-2008-0237.html
Issue date: 2008-05-07
CVE Names: CVE-2005-0504 CVE-2007-6282 CVE-2008-0007
CVE-2008-1375 CVE-2008-1615 CVE-2008-1669
=====================================================================

1. Summary:

Updated kernel packages that fix various security issues and several bugs
are now available for Red Hat Enterprise Linux 4.

This update has been rated as having important security impact by the Red
Hat Security Response Team.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AS version 4 - i386, ia64, noarch, ppc, s390, s390x, x86_64
Red Hat Enterprise Linux Desktop version 4 - i386, noarch, x86_64
Red Hat Enterprise Linux ES version 4 - i386, ia64, noarch, x86_64
Red Hat Enterprise Linux WS version 4 - i386, ia64, noarch, x86_64

3. Description:

The kernel packages contain the Linux kernel, the core of any Linux
operating system.

These updated packages fix the following security issues:

* the absence of a protection mechanism when attempting to access a
critical section of code has been found in the Linux kernel open file
descriptors control mechanism, fcntl. This could allow a local unprivileged
user to simultaneously execute code, which would otherwise be protected
against parallel execution. As well, a race condition when handling locks
in the Linux kernel fcntl functionality, may have allowed a process
belonging to a local unprivileged user to gain re-ordered access to the
descriptor table. (CVE-2008-1669, Important)

* on AMD64 architectures, the possibility of a kernel crash was discovered
by testing the Linux kernel process-trace ability. This could allow a local
unprivileged user to cause a denial of service (kernel crash).
(CVE-2008-1615, Important)

* the absence of a protection mechanism when attempting to access a
critical section of code, as well as a race condition, have been found
in the Linux kernel file system event notifier, dnotify. This could allow a
local unprivileged user to get inconsistent data, or to send arbitrary
signals to arbitrary system processes. (CVE-2008-1375, Important)

Red Hat would like to thank Nick Piggin for responsibly disclosing the
following issue:

* when accessing kernel memory locations, certain Linux kernel drivers
registering a fault handler did not perform required range checks. A local
unprivileged user could use this flaw to gain read or write access to
arbitrary kernel memory, or possibly cause a kernel crash.
(CVE-2008-0007, Important)

* the possibility of a kernel crash was found in the Linux kernel IPsec
protocol implementation, due to improper handling of fragmented ESP
packets. When an attacker controlling an intermediate router fragmented
these packets into very small pieces, it would cause a kernel crash on the
receiving node during packet reassembly. (CVE-2007-6282, Important)

* a flaw in the MOXA serial driver could allow a local unprivileged user
to perform privileged operations, such as replacing firmware.
(CVE-2005-0504, Important)

As well, these updated packages fix the following bugs:

* multiple buffer overflows in the neofb driver have been resolved. It was
not possible for an unprivileged user to exploit these issues, and as such,
they have not been handled as security issues.

* a kernel panic, due to inconsistent detection of AGP aperture size, has
been resolved.

* a race condition in UNIX domain sockets may have caused "recv()" to
return zero. In clustered configurations, this may have caused unexpected
failovers.

* to prevent link storms, network link carrier events were delayed by up to
one second, causing unnecessary packet loss. Now, link carrier events are
scheduled immediately.

* a client-side race on blocking locks caused large time delays on NFS file
systems.

* in certain situations, the libATA sata_nv driver may have sent commands
with duplicate tags, which were rejected by SATA devices. This may have
caused infinite reboots.

* running the "service network restart" command may have caused networking
to fail.

* a bug in NFS caused cached information about directories to be stored
for too long, causing wrong attributes to be read.

* on systems with a large highmem/lowmem ratio, NFS write performance may
have been very slow when using small files.

* a bug, which caused network hangs when the system clock was wrapped
around zero, has been resolved.

Red Hat Enterprise Linux 4 users are advised to upgrade to these updated
packages, which contain backported patches to resolve these issues.

4. Solution:

Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.

This update is available via Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/FAQ_58_10188

5. Bugs fixed (http://bugzilla.redhat.com/):

404291 - CVE-2007-6282 IPSec ESP kernel panics
423111 - CVE-2005-0504 Buffer overflow in moxa driver
428961 - CVE-2008-0007 kernel: insufficient range checks in fault handlers with mremap
431430 - CVE-2008-1615 kernel: ptrace: Unprivileged crash on x86_64 %cs corruption
435122 - [RHEL4.6] In unix domain sockets, recv() may incorrectly return zero
436102 - Fake ARP dropped after migration leading to loss of network connectivity
436129 - LTC41942-30 second flock() calls against files stored on a NetApp while using NFS
436499 - libata: sata_nv may send commands with duplicate tags
436749 - HP-Japan Network stack hang after service network restart
437788 - NFS: Fix directory caching problem - with test case and patch.
438345 - [2.6.9-55.9] VM pagecache reclaim patch causes high latency on systems with large highmem/lowmem ratios
438477 - Since "Patch2037: linux-2.6.9-vm-balance.patch" my NFS performance is poorly
439754 - CVE-2008-1375 kernel: race condition in dnotify (local DoS, local roothole possible)
443433 - CVE-2008-1669 kernel: add rcu_read_lock() to fcheck() in both dnotify, locks.c and fix fcntl store/load race in locks.c

6. Package List:

Red Hat Enterprise Linux AS version 4:

Source:
ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/kernel-2.6.9-67.0.15.EL.src.rpm

i386:
kernel-2.6.9-67.0.15.EL.i686.rpm
kernel-debuginfo-2.6.9-67.0.15.EL.i686.rpm
kernel-devel-2.6.9-67.0.15.EL.i686.rpm
kernel-hugemem-2.6.9-67.0.15.EL.i686.rpm
kernel-hugemem-devel-2.6.9-67.0.15.EL.i686.rpm
kernel-smp-2.6.9-67.0.15.EL.i686.rpm
kernel-smp-devel-2.6.9-67.0.15.EL.i686.rpm
kernel-xenU-2.6.9-67.0.15.EL.i686.rpm
kernel-xenU-devel-2.6.9-67.0.15.EL.i686.rpm

ia64:
kernel-2.6.9-67.0.15.EL.ia64.rpm
kernel-debuginfo-2.6.9-67.0.15.EL.ia64.rpm
kernel-devel-2.6.9-67.0.15.EL.ia64.rpm
kernel-largesmp-2.6.9-67.0.15.EL.ia64.rpm
kernel-largesmp-devel-2.6.9-67.0.15.EL.ia64.rpm

noarch:
kernel-doc-2.6.9-67.0.15.EL.noarch.rpm

ppc:
kernel-2.6.9-67.0.15.EL.ppc64.rpm
kernel-2.6.9-67.0.15.EL.ppc64iseries.rpm
kernel-debuginfo-2.6.9-67.0.15.EL.ppc64.rpm
kernel-debuginfo-2.6.9-67.0.15.EL.ppc64iseries.rpm
kernel-devel-2.6.9-67.0.15.EL.ppc64.rpm
kernel-devel-2.6.9-67.0.15.EL.ppc64iseries.rpm
kernel-largesmp-2.6.9-67.0.15.EL.ppc64.rpm
kernel-largesmp-devel-2.6.9-67.0.15.EL.ppc64.rpm

s390:
kernel-2.6.9-67.0.15.EL.s390.rpm
kernel-debuginfo-2.6.9-67.0.15.EL.s390.rpm
kernel-devel-2.6.9-67.0.15.EL.s390.rpm

s390x:
kernel-2.6.9-67.0.15.EL.s390x.rpm
kernel-debuginfo-2.6.9-67.0.15.EL.s390x.rpm
kernel-devel-2.6.9-67.0.15.EL.s390x.rpm

x86_64:
kernel-2.6.9-67.0.15.EL.x86_64.rpm
kernel-debuginfo-2.6.9-67.0.15.EL.x86_64.rpm
kernel-devel-2.6.9-67.0.15.EL.x86_64.rpm
kernel-largesmp-2.6.9-67.0.15.EL.x86_64.rpm
kernel-largesmp-devel-2.6.9-67.0.15.EL.x86_64.rpm
kernel-smp-2.6.9-67.0.15.EL.x86_64.rpm
kernel-smp-devel-2.6.9-67.0.15.EL.x86_64.rpm
kernel-xenU-2.6.9-67.0.15.EL.x86_64.rpm
kernel-xenU-devel-2.6.9-67.0.15.EL.x86_64.rpm

Red Hat Enterprise Linux Desktop version 4:

Source:
ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/kernel-2.6.9-67.0.15.EL.src.rpm

i386:
kernel-2.6.9-67.0.15.EL.i686.rpm
kernel-debuginfo-2.6.9-67.0.15.EL.i686.rpm
kernel-devel-2.6.9-67.0.15.EL.i686.rpm
kernel-hugemem-2.6.9-67.0.15.EL.i686.rpm
kernel-hugemem-devel-2.6.9-67.0.15.EL.i686.rpm
kernel-smp-2.6.9-67.0.15.EL.i686.rpm
kernel-smp-devel-2.6.9-67.0.15.EL.i686.rpm
kernel-xenU-2.6.9-67.0.15.EL.i686.rpm
kernel-xenU-devel-2.6.9-67.0.15.EL.i686.rpm

noarch:
kernel-doc-2.6.9-67.0.15.EL.noarch.rpm

x86_64:
kernel-2.6.9-67.0.15.EL.x86_64.rpm
kernel-debuginfo-2.6.9-67.0.15.EL.x86_64.rpm
kernel-devel-2.6.9-67.0.15.EL.x86_64.rpm
kernel-largesmp-2.6.9-67.0.15.EL.x86_64.rpm
kernel-largesmp-devel-2.6.9-67.0.15.EL.x86_64.rpm
kernel-smp-2.6.9-67.0.15.EL.x86_64.rpm
kernel-smp-devel-2.6.9-67.0.15.EL.x86_64.rpm
kernel-xenU-2.6.9-67.0.15.EL.x86_64.rpm
kernel-xenU-devel-2.6.9-67.0.15.EL.x86_64.rpm

Red Hat Enterprise Linux ES version 4:

Source:
ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/kernel-2.6.9-67.0.15.EL.src.rpm

i386:
kernel-2.6.9-67.0.15.EL.i686.rpm
kernel-debuginfo-2.6.9-67.0.15.EL.i686.rpm
kernel-devel-2.6.9-67.0.15.EL.i686.rpm
kernel-hugemem-2.6.9-67.0.15.EL.i686.rpm
kernel-hugemem-devel-2.6.9-67.0.15.EL.i686.rpm
kernel-smp-2.6.9-67.0.15.EL.i686.rpm
kernel-smp-devel-2.6.9-67.0.15.EL.i686.rpm
kernel-xenU-2.6.9-67.0.15.EL.i686.rpm
kernel-xenU-devel-2.6.9-67.0.15.EL.i686.rpm

ia64:
kernel-2.6.9-67.0.15.EL.ia64.rpm
kernel-debuginfo-2.6.9-67.0.15.EL.ia64.rpm
kernel-devel-2.6.9-67.0.15.EL.ia64.rpm
kernel-largesmp-2.6.9-67.0.15.EL.ia64.rpm
kernel-largesmp-devel-2.6.9-67.0.15.EL.ia64.rpm

noarch:
kernel-doc-2.6.9-67.0.15.EL.noarch.rpm

x86_64:
kernel-2.6.9-67.0.15.EL.x86_64.rpm
kernel-debuginfo-2.6.9-67.0.15.EL.x86_64.rpm
kernel-devel-2.6.9-67.0.15.EL.x86_64.rpm
kernel-largesmp-2.6.9-67.0.15.EL.x86_64.rpm
kernel-largesmp-devel-2.6.9-67.0.15.EL.x86_64.rpm
kernel-smp-2.6.9-67.0.15.EL.x86_64.rpm
kernel-smp-devel-2.6.9-67.0.15.EL.x86_64.rpm
kernel-xenU-2.6.9-67.0.15.EL.x86_64.rpm
kernel-xenU-devel-2.6.9-67.0.15.EL.x86_64.rpm

Red Hat Enterprise Linux WS version 4:

Source:
ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/kernel-2.6.9-67.0.15.EL.src.rpm

i386:
kernel-2.6.9-67.0.15.EL.i686.rpm
kernel-debuginfo-2.6.9-67.0.15.EL.i686.rpm
kernel-devel-2.6.9-67.0.15.EL.i686.rpm
kernel-hugemem-2.6.9-67.0.15.EL.i686.rpm
kernel-hugemem-devel-2.6.9-67.0.15.EL.i686.rpm
kernel-smp-2.6.9-67.0.15.EL.i686.rpm
kernel-smp-devel-2.6.9-67.0.15.EL.i686.rpm
kernel-xenU-2.6.9-67.0.15.EL.i686.rpm
kernel-xenU-devel-2.6.9-67.0.15.EL.i686.rpm

ia64:
kernel-2.6.9-67.0.15.EL.ia64.rpm
kernel-debuginfo-2.6.9-67.0.15.EL.ia64.rpm
kernel-devel-2.6.9-67.0.15.EL.ia64.rpm
kernel-largesmp-2.6.9-67.0.15.EL.ia64.rpm
kernel-largesmp-devel-2.6.9-67.0.15.EL.ia64.rpm

noarch:
kernel-doc-2.6.9-67.0.15.EL.noarch.rpm

x86_64:
kernel-2.6.9-67.0.15.EL.x86_64.rpm
kernel-debuginfo-2.6.9-67.0.15.EL.x86_64.rpm
kernel-devel-2.6.9-67.0.15.EL.x86_64.rpm
kernel-largesmp-2.6.9-67.0.15.EL.x86_64.rpm
kernel-largesmp-devel-2.6.9-67.0.15.EL.x86_64.rpm
kernel-smp-2.6.9-67.0.15.EL.x86_64.rpm
kernel-smp-devel-2.6.9-67.0.15.EL.x86_64.rpm
kernel-xenU-2.6.9-67.0.15.EL.x86_64.rpm
kernel-xenU-devel-2.6.9-67.0.15.EL.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://www.redhat.com/security/team/key/#package

7. References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0504
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6282
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0007
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1375
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1615
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1669
http://www.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://www.redhat.com/security/team/contact/

Copyright 2008 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)

iD8DBQFIIV8IXlSAg2UNWIIRAlDoAKC/PSOTtgcT/spYH8H43N6cPXTrCQCffa7O
M2K5hk4HepnEKsOw5a3q6Y8=
=Cab9
-----END PGP SIGNATURE-----


--
Enterprise-watch-list mailing list
Enterprise-watch-list@redhat.com
https://www.redhat.com/mailman/listinfo/enterprise-watch-list
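
A host-side check for the RHSA-2008:0233 and RHSA-2008:0237 advisories above, added here as an example and not part of the advisories or of Red Hat tooling: it compares a `uname -r` string against the fixed kernel builds named in their package lists. The version comparison is a simplified form of rpm's ordering, and the flavour suffixes and the sample release strings in the comments are assumptions made for the example.

```python
import platform
import re

# Fixed kernel builds, copied from the package lists of the two advisories.
FIXED_KERNELS = {
    "RHSA-2008:0233": "2.6.18-53.1.19.el5",  # Red Hat Enterprise Linux 5
    "RHSA-2008:0237": "2.6.9-67.0.15.EL",    # Red Hat Enterprise Linux 4
}

# Assumption: `uname -r` appends the kernel flavour (the kernel-PAE, kernel-xen,
# kernel-smp ... packages in the lists) directly to the release, e.g.
# "2.6.18-53.1.19.el5PAE". Longer names come first so "largesmp" wins over "smp".
FLAVOURS = ("largesmp", "hugemem", "kdump", "debug", "xenU", "xen", "smp", "PAE")

_SEGMENT = re.compile(r"\d+|[A-Za-z]+")


def rpmvercmp(a, b):
    """Order two version or release strings roughly as rpm does.

    Simplified: strings are cut into numeric and alphabetic segments,
    separators are ignored, and '~' / '^' are not handled.
    Returns -1, 0 or 1.
    """
    seg_a, seg_b = _SEGMENT.findall(a), _SEGMENT.findall(b)
    for x, y in zip(seg_a, seg_b):
        x_num, y_num = x.isdigit(), y.isdigit()
        if x_num and y_num:
            if int(x) != int(y):
                return 1 if int(x) > int(y) else -1
        elif x_num != y_num:
            # A numeric segment sorts as newer than an alphabetic one.
            return 1 if x_num else -1
        elif x != y:
            return 1 if x > y else -1
    if len(seg_a) == len(seg_b):
        return 0
    # All shared segments equal: the string with segments left over is newer.
    return 1 if len(seg_a) > len(seg_b) else -1


def split_kernel(release_string):
    """Split a `uname -r` style string into (version, release) without flavour."""
    for flavour in FLAVOURS:
        if release_string.endswith(flavour):
            release_string = release_string[: -len(flavour)]
            break
    version, _, release = release_string.partition("-")
    return version, release


def check_host(running, advisory):
    """Return 'patched', 'vulnerable' or 'not-applicable' for one advisory."""
    fixed_version, fixed_release = split_kernel(FIXED_KERNELS[advisory])
    version, release = split_kernel(running)
    if rpmvercmp(version, fixed_version) != 0:
        # Different upstream base version: the advisory targets another product.
        return "not-applicable"
    if rpmvercmp(release, fixed_release) >= 0:
        return "patched"
    return "vulnerable"


if __name__ == "__main__":
    running = platform.release()  # same string as `uname -r`
    for advisory in sorted(FIXED_KERNELS):
        print(advisory, running, check_host(running, advisory))
```

The check reads the running kernel, so a host that has installed the update but not yet rebooted into it still reports as vulnerable.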
 
05-20-2008, 10:02 AM

Important: kernel security and bug fix update

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=====================================================================
Red Hat Security Advisory

Synopsis: Important: kernel security and bug fix update
Advisory ID: RHSA-2008:0275-01
Product: Red Hat Enterprise Linux
Advisory URL: https://rhn.redhat.com/errata/RHSA-2008-0275.html
Issue date: 2008-05-20
CVE Names: CVE-2007-5093 CVE-2007-6282 CVE-2007-6712
CVE-2008-1615
=====================================================================

1. Summary:

Updated kernel packages that fix various security issues and several bugs
are now available for Red Hat Enterprise Linux 5.

This update has been rated as having important security impact by the Red
Hat Security Response Team.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Desktop (v. 5 client) - i386, noarch, x86_64
Red Hat Enterprise Linux (v. 5 server) - i386, ia64, noarch, ppc, s390x, x86_64

3. Description:

The kernel packages contain the Linux kernel, the core of any Linux
operating system.

These updated packages fix the following security issues:

* on AMD64 architectures, the possibility of a kernel crash was discovered
by testing the Linux kernel process-trace ability. This could allow a local
unprivileged user to cause a denial of service (kernel crash).
(CVE-2008-1615, Important)

* on 64-bit architectures, the possibility of a timer-expiration value
overflow was found in the Linux kernel high-resolution timers
functionality, hrtimer. This could allow a local unprivileged user to set up
a large interval value, forcing the timer expiry value to become negative,
causing a denial of service (kernel hang). (CVE-2007-6712, Important)

* the possibility of a kernel crash was found in the Linux kernel IPsec
protocol implementation, due to improper handling of fragmented ESP
packets. When an attacker controlling an intermediate router fragmented
these packets into very small pieces, it would cause a kernel crash on the
receiving node during packet reassembly. (CVE-2007-6282, Important)

* a potential denial of service attack was discovered in the Linux kernel
PWC USB video driver. A local unprivileged user could use this flaw to
bring the kernel USB subsystem into the busy-waiting state, causing a
denial of service. (CVE-2007-5093, Low)

As well, these updated packages fix the following bugs:

* in certain situations, a kernel hang and a possible panic occurred when
disabling the cpufreq daemon. This may have prevented system reboots from
completing successfully.

* continual "softlockup" messages, which occurred on the guest's console
after a successful save and restore of a Red Hat Enterprise Linux 5
para-virtualized guest, have been resolved.

* in the previous kernel packages, the kernel may not have reclaimed NFS
locks after a system reboot.

Red Hat Enterprise Linux 5 users are advised to upgrade to these updated
packages, which contain backported patches to resolve these issues.

4. Solution:

Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.

This update is available via Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/FAQ_58_10188

5. Bugs fixed (http://bugzilla.redhat.com/):

306591 - CVE-2007-5093 kernel PWC driver DoS
400821 - rhel5.1s2 hang at 'Disabling ondemand cpu frequency scaling' [rhel-5.1.z]
404291 - CVE-2007-6282 IPSec ESP kernel panics
429516 - booting with maxcpus=1 panics when starting cpufreq service [rhel-5.1.z]
431430 - CVE-2008-1615 kernel: ptrace: Unprivileged crash on x86_64 %cs corruption
439999 - CVE-2007-6712 kernel: infinite loop in highres timers (kernel hang)
444402 - [RHEL5]: Softlockup after save/restore in PV guest
445360 - RHEL5.1 kernel not reclaiming NFS locks when server reboots

6. Package List:

Red Hat Enterprise Linux Desktop (v. 5 client):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/kernel-2.6.18-53.1.21.el5.src.rpm

i386:
kernel-2.6.18-53.1.21.el5.i686.rpm
kernel-PAE-2.6.18-53.1.21.el5.i686.rpm
kernel-PAE-debuginfo-2.6.18-53.1.21.el5.i686.rpm
kernel-PAE-devel-2.6.18-53.1.21.el5.i686.rpm
kernel-debug-2.6.18-53.1.21.el5.i686.rpm
kernel-debug-debuginfo-2.6.18-53.1.21.el5.i686.rpm
kernel-debug-devel-2.6.18-53.1.21.el5.i686.rpm
kernel-debuginfo-2.6.18-53.1.21.el5.i686.rpm
kernel-debuginfo-common-2.6.18-53.1.21.el5.i686.rpm
kernel-devel-2.6.18-53.1.21.el5.i686.rpm
kernel-headers-2.6.18-53.1.21.el5.i386.rpm
kernel-xen-2.6.18-53.1.21.el5.i686.rpm
kernel-xen-debuginfo-2.6.18-53.1.21.el5.i686.rpm
kernel-xen-devel-2.6.18-53.1.21.el5.i686.rpm

noarch:
kernel-doc-2.6.18-53.1.21.el5.noarch.rpm

x86_64:
kernel-2.6.18-53.1.21.el5.x86_64.rpm
kernel-debug-2.6.18-53.1.21.el5.x86_64.rpm
kernel-debug-debuginfo-2.6.18-53.1.21.el5.x86_64.rpm
kernel-debug-devel-2.6.18-53.1.21.el5.x86_64.rpm
kernel-debuginfo-2.6.18-53.1.21.el5.x86_64.rpm
kernel-debuginfo-common-2.6.18-53.1.21.el5.x86_64.rpm
kernel-devel-2.6.18-53.1.21.el5.x86_64.rpm
kernel-headers-2.6.18-53.1.21.el5.x86_64.rpm
kernel-xen-2.6.18-53.1.21.el5.x86_64.rpm
kernel-xen-debuginfo-2.6.18-53.1.21.el5.x86_64.rpm
kernel-xen-devel-2.6.18-53.1.21.el5.x86_64.rpm

Red Hat Enterprise Linux (v. 5 server):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Server/en/os/SRPMS/kernel-2.6.18-53.1.21.el5.src.rpm

i386:
kernel-2.6.18-53.1.21.el5.i686.rpm
kernel-PAE-2.6.18-53.1.21.el5.i686.rpm
kernel-PAE-debuginfo-2.6.18-53.1.21.el5.i686.rpm
kernel-PAE-devel-2.6.18-53.1.21.el5.i686.rpm
kernel-debug-2.6.18-53.1.21.el5.i686.rpm
kernel-debug-debuginfo-2.6.18-53.1.21.el5.i686.rpm
kernel-debug-devel-2.6.18-53.1.21.el5.i686.rpm
kernel-debuginfo-2.6.18-53.1.21.el5.i686.rpm
kernel-debuginfo-common-2.6.18-53.1.21.el5.i686.rpm
kernel-devel-2.6.18-53.1.21.el5.i686.rpm
kernel-headers-2.6.18-53.1.21.el5.i386.rpm
kernel-xen-2.6.18-53.1.21.el5.i686.rpm
kernel-xen-debuginfo-2.6.18-53.1.21.el5.i686.rpm
kernel-xen-devel-2.6.18-53.1.21.el5.i686.rpm

ia64:
kernel-2.6.18-53.1.21.el5.ia64.rpm
kernel-debug-2.6.18-53.1.21.el5.ia64.rpm
kernel-debug-debuginfo-2.6.18-53.1.21.el5.ia64.rpm
kernel-debug-devel-2.6.18-53.1.21.el5.ia64.rpm
kernel-debuginfo-2.6.18-53.1.21.el5.ia64.rpm
kernel-debuginfo-common-2.6.18-53.1.21.el5.ia64.rpm
kernel-devel-2.6.18-53.1.21.el5.ia64.rpm
kernel-headers-2.6.18-53.1.21.el5.ia64.rpm
kernel-xen-2.6.18-53.1.21.el5.ia64.rpm
kernel-xen-debuginfo-2.6.18-53.1.21.el5.ia64.rpm
kernel-xen-devel-2.6.18-53.1.21.el5.ia64.rpm

noarch:
kernel-doc-2.6.18-53.1.21.el5.noarch.rpm

ppc:
kernel-2.6.18-53.1.21.el5.ppc64.rpm
kernel-debug-2.6.18-53.1.21.el5.ppc64.rpm
kernel-debug-debuginfo-2.6.18-53.1.21.el5.ppc64.rpm
kernel-debug-devel-2.6.18-53.1.21.el5.ppc64.rpm
kernel-debuginfo-2.6.18-53.1.21.el5.ppc64.rpm
kernel-debuginfo-common-2.6.18-53.1.21.el5.ppc64.rpm
kernel-devel-2.6.18-53.1.21.el5.ppc64.rpm
kernel-headers-2.6.18-53.1.21.el5.ppc.rpm
kernel-headers-2.6.18-53.1.21.el5.ppc64.rpm
kernel-kdump-2.6.18-53.1.21.el5.ppc64.rpm
kernel-kdump-debuginfo-2.6.18-53.1.21.el5.ppc64.rpm
kernel-kdump-devel-2.6.18-53.1.21.el5.ppc64.rpm

s390x:
kernel-2.6.18-53.1.21.el5.s390x.rpm
kernel-debug-2.6.18-53.1.21.el5.s390x.rpm
kernel-debug-debuginfo-2.6.18-53.1.21.el5.s390x.rpm
kernel-debug-devel-2.6.18-53.1.21.el5.s390x.rpm
kernel-debuginfo-2.6.18-53.1.21.el5.s390x.rpm
kernel-debuginfo-common-2.6.18-53.1.21.el5.s390x.rpm
kernel-devel-2.6.18-53.1.21.el5.s390x.rpm
kernel-headers-2.6.18-53.1.21.el5.s390x.rpm

x86_64:
kernel-2.6.18-53.1.21.el5.x86_64.rpm
kernel-debug-2.6.18-53.1.21.el5.x86_64.rpm
kernel-debug-debuginfo-2.6.18-53.1.21.el5.x86_64.rpm
kernel-debug-devel-2.6.18-53.1.21.el5.x86_64.rpm
kernel-debuginfo-2.6.18-53.1.21.el5.x86_64.rpm
kernel-debuginfo-common-2.6.18-53.1.21.el5.x86_64.rpm
kernel-devel-2.6.18-53.1.21.el5.x86_64.rpm
kernel-headers-2.6.18-53.1.21.el5.x86_64.rpm
kernel-xen-2.6.18-53.1.21.el5.x86_64.rpm
kernel-xen-debuginfo-2.6.18-53.1.21.el5.x86_64.rpm
kernel-xen-devel-2.6.18-53.1.21.el5.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://www.redhat.com/security/team/key/#package

7. References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5093
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6282
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6712
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1615
http://www.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://www.redhat.com/security/team/contact/

Copyright 2008 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)

iD8DBQFIMqD4XlSAg2UNWIIRAhK/AJ98DsHewofh5uN+K5rpPtn1JxoQJgCgnKJW
EuCpQUULNYEX1G+rfZ+yA+g=
=Ye6D
-----END PGP SIGNATURE-----


 
Old 06-25-2008, 03:19 PM
 
Default Important: kernel security and bug fix update

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=====================================================================
Red Hat Security Advisory

Synopsis: Important: kernel security and bug fix update
Advisory ID: RHSA-2008:0508-01
Product: Red Hat Enterprise Linux
Advisory URL: https://rhn.redhat.com/errata/RHSA-2008-0508.html
Issue date: 2008-06-25
CVE Names: CVE-2008-0598 CVE-2008-1367 CVE-2008-2365
CVE-2008-2729
=====================================================================

1. Summary:

Updated kernel packages that fix several security issues and a bug are now
available for Red Hat Enterprise Linux 4.

This update has been rated as having important security impact by the Red
Hat Security Response Team.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AS version 4 - i386, ia64, noarch, ppc, s390, s390x, x86_64
Red Hat Enterprise Linux Desktop version 4 - i386, noarch, x86_64
Red Hat Enterprise Linux ES version 4 - i386, ia64, noarch, x86_64
Red Hat Enterprise Linux WS version 4 - i386, ia64, noarch, x86_64

3. Description:

The kernel packages contain the Linux kernel, the core of any Linux
operating system.

These updated packages fix the following security issues:

* A security flaw was found in the Linux kernel memory copy routines, when
running on certain AMD64 systems. If an unsuccessful attempt to copy kernel
memory from source to destination memory locations occurred, the copy
routines did not zero the content at the destination memory location. This
could allow a local unprivileged user to view potentially sensitive data.
(CVE-2008-2729, Important)

* Alexey Dobriyan discovered a race condition in the Linux kernel
process-tracing system call, ptrace. A local unprivileged user could
use this flaw to cause a denial of service (kernel hang).
(CVE-2008-2365, Important)

* Tavis Ormandy discovered a deficiency in the Linux kernel 32-bit and
64-bit emulation. This could allow a local unprivileged user to prepare and
run a specially crafted binary, which would use this deficiency to leak
uninitialized and potentially sensitive data. (CVE-2008-0598, Important)

* It was discovered that the Linux kernel handled string operations in the
opposite way to the GNU Compiler Collection (GCC). This could allow a local
unprivileged user to cause memory corruption. (CVE-2008-1367, Low)

As well, these updated packages fix the following bug:

* On systems with a large number of CPUs (more than 16), multiple
applications calling the "times()" system call may have caused a system
hang.

Red Hat Enterprise Linux 4 users are advised to upgrade to these updated
packages, which contain backported patches to resolve these issues.

4. Solution:

Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.

This update is available via Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/FAQ_58_10188

5. Bugs fixed (http://bugzilla.redhat.com/):

433938 - CVE-2008-0598 kernel: linux x86_64 ia32 emulation leaks uninitialized data
437312 - CVE-2008-1367 Kernel doesn't clear DF for signal handlers
449101 - [4.7] System goes unresponsive if times() syscall is called concurrently on many cpus
449359 - CVE-2008-2365 kernel: ptrace: Crash on PTRACE_{ATTACH,DETACH} race
451271 - CVE-2008-2729 kernel: [x86_64] The string instruction version didn't zero the output on exception.

6. Package List:

Red Hat Enterprise Linux AS version 4:

Source:
ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/kernel-2.6.9-67.0.20.EL.src.rpm

i386:
kernel-2.6.9-67.0.20.EL.i686.rpm
kernel-debuginfo-2.6.9-67.0.20.EL.i686.rpm
kernel-devel-2.6.9-67.0.20.EL.i686.rpm
kernel-hugemem-2.6.9-67.0.20.EL.i686.rpm
kernel-hugemem-devel-2.6.9-67.0.20.EL.i686.rpm
kernel-smp-2.6.9-67.0.20.EL.i686.rpm
kernel-smp-devel-2.6.9-67.0.20.EL.i686.rpm
kernel-xenU-2.6.9-67.0.20.EL.i686.rpm
kernel-xenU-devel-2.6.9-67.0.20.EL.i686.rpm

ia64:
kernel-2.6.9-67.0.20.EL.ia64.rpm
kernel-debuginfo-2.6.9-67.0.20.EL.ia64.rpm
kernel-devel-2.6.9-67.0.20.EL.ia64.rpm
kernel-largesmp-2.6.9-67.0.20.EL.ia64.rpm
kernel-largesmp-devel-2.6.9-67.0.20.EL.ia64.rpm

noarch:
kernel-doc-2.6.9-67.0.20.EL.noarch.rpm

ppc:
kernel-2.6.9-67.0.20.EL.ppc64.rpm
kernel-2.6.9-67.0.20.EL.ppc64iseries.rpm
kernel-debuginfo-2.6.9-67.0.20.EL.ppc64.rpm
kernel-debuginfo-2.6.9-67.0.20.EL.ppc64iseries.rpm
kernel-devel-2.6.9-67.0.20.EL.ppc64.rpm
kernel-devel-2.6.9-67.0.20.EL.ppc64iseries.rpm
kernel-largesmp-2.6.9-67.0.20.EL.ppc64.rpm
kernel-largesmp-devel-2.6.9-67.0.20.EL.ppc64.rpm

s390:
kernel-2.6.9-67.0.20.EL.s390.rpm
kernel-debuginfo-2.6.9-67.0.20.EL.s390.rpm
kernel-devel-2.6.9-67.0.20.EL.s390.rpm

s390x:
kernel-2.6.9-67.0.20.EL.s390x.rpm
kernel-debuginfo-2.6.9-67.0.20.EL.s390x.rpm
kernel-devel-2.6.9-67.0.20.EL.s390x.rpm

x86_64:
kernel-2.6.9-67.0.20.EL.x86_64.rpm
kernel-debuginfo-2.6.9-67.0.20.EL.x86_64.rpm
kernel-devel-2.6.9-67.0.20.EL.x86_64.rpm
kernel-largesmp-2.6.9-67.0.20.EL.x86_64.rpm
kernel-largesmp-devel-2.6.9-67.0.20.EL.x86_64.rpm
kernel-smp-2.6.9-67.0.20.EL.x86_64.rpm
kernel-smp-devel-2.6.9-67.0.20.EL.x86_64.rpm
kernel-xenU-2.6.9-67.0.20.EL.x86_64.rpm
kernel-xenU-devel-2.6.9-67.0.20.EL.x86_64.rpm

Red Hat Enterprise Linux Desktop version 4:

Source:
ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/kernel-2.6.9-67.0.20.EL.src.rpm

i386:
kernel-2.6.9-67.0.20.EL.i686.rpm
kernel-debuginfo-2.6.9-67.0.20.EL.i686.rpm
kernel-devel-2.6.9-67.0.20.EL.i686.rpm
kernel-hugemem-2.6.9-67.0.20.EL.i686.rpm
kernel-hugemem-devel-2.6.9-67.0.20.EL.i686.rpm
kernel-smp-2.6.9-67.0.20.EL.i686.rpm
kernel-smp-devel-2.6.9-67.0.20.EL.i686.rpm
kernel-xenU-2.6.9-67.0.20.EL.i686.rpm
kernel-xenU-devel-2.6.9-67.0.20.EL.i686.rpm

noarch:
kernel-doc-2.6.9-67.0.20.EL.noarch.rpm

x86_64:
kernel-2.6.9-67.0.20.EL.x86_64.rpm
kernel-debuginfo-2.6.9-67.0.20.EL.x86_64.rpm
kernel-devel-2.6.9-67.0.20.EL.x86_64.rpm
kernel-largesmp-2.6.9-67.0.20.EL.x86_64.rpm
kernel-largesmp-devel-2.6.9-67.0.20.EL.x86_64.rpm
kernel-smp-2.6.9-67.0.20.EL.x86_64.rpm
kernel-smp-devel-2.6.9-67.0.20.EL.x86_64.rpm
kernel-xenU-2.6.9-67.0.20.EL.x86_64.rpm
kernel-xenU-devel-2.6.9-67.0.20.EL.x86_64.rpm

Red Hat Enterprise Linux ES version 4:

Source:
ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/kernel-2.6.9-67.0.20.EL.src.rpm

i386:
kernel-2.6.9-67.0.20.EL.i686.rpm
kernel-debuginfo-2.6.9-67.0.20.EL.i686.rpm
kernel-devel-2.6.9-67.0.20.EL.i686.rpm
kernel-hugemem-2.6.9-67.0.20.EL.i686.rpm
kernel-hugemem-devel-2.6.9-67.0.20.EL.i686.rpm
kernel-smp-2.6.9-67.0.20.EL.i686.rpm
kernel-smp-devel-2.6.9-67.0.20.EL.i686.rpm
kernel-xenU-2.6.9-67.0.20.EL.i686.rpm
kernel-xenU-devel-2.6.9-67.0.20.EL.i686.rpm

ia64:
kernel-2.6.9-67.0.20.EL.ia64.rpm
kernel-debuginfo-2.6.9-67.0.20.EL.ia64.rpm
kernel-devel-2.6.9-67.0.20.EL.ia64.rpm
kernel-largesmp-2.6.9-67.0.20.EL.ia64.rpm
kernel-largesmp-devel-2.6.9-67.0.20.EL.ia64.rpm

noarch:
kernel-doc-2.6.9-67.0.20.EL.noarch.rpm

x86_64:
kernel-2.6.9-67.0.20.EL.x86_64.rpm
kernel-debuginfo-2.6.9-67.0.20.EL.x86_64.rpm
kernel-devel-2.6.9-67.0.20.EL.x86_64.rpm
kernel-largesmp-2.6.9-67.0.20.EL.x86_64.rpm
kernel-largesmp-devel-2.6.9-67.0.20.EL.x86_64.rpm
kernel-smp-2.6.9-67.0.20.EL.x86_64.rpm
kernel-smp-devel-2.6.9-67.0.20.EL.x86_64.rpm
kernel-xenU-2.6.9-67.0.20.EL.x86_64.rpm
kernel-xenU-devel-2.6.9-67.0.20.EL.x86_64.rpm

Red Hat Enterprise Linux WS version 4:

Source:
ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/kernel-2.6.9-67.0.20.EL.src.rpm

i386:
kernel-2.6.9-67.0.20.EL.i686.rpm
kernel-debuginfo-2.6.9-67.0.20.EL.i686.rpm
kernel-devel-2.6.9-67.0.20.EL.i686.rpm
kernel-hugemem-2.6.9-67.0.20.EL.i686.rpm
kernel-hugemem-devel-2.6.9-67.0.20.EL.i686.rpm
kernel-smp-2.6.9-67.0.20.EL.i686.rpm
kernel-smp-devel-2.6.9-67.0.20.EL.i686.rpm
kernel-xenU-2.6.9-67.0.20.EL.i686.rpm
kernel-xenU-devel-2.6.9-67.0.20.EL.i686.rpm

ia64:
kernel-2.6.9-67.0.20.EL.ia64.rpm
kernel-debuginfo-2.6.9-67.0.20.EL.ia64.rpm
kernel-devel-2.6.9-67.0.20.EL.ia64.rpm
kernel-largesmp-2.6.9-67.0.20.EL.ia64.rpm
kernel-largesmp-devel-2.6.9-67.0.20.EL.ia64.rpm

noarch:
kernel-doc-2.6.9-67.0.20.EL.noarch.rpm

x86_64:
kernel-2.6.9-67.0.20.EL.x86_64.rpm
kernel-debuginfo-2.6.9-67.0.20.EL.x86_64.rpm
kernel-devel-2.6.9-67.0.20.EL.x86_64.rpm
kernel-largesmp-2.6.9-67.0.20.EL.x86_64.rpm
kernel-largesmp-devel-2.6.9-67.0.20.EL.x86_64.rpm
kernel-smp-2.6.9-67.0.20.EL.x86_64.rpm
kernel-smp-devel-2.6.9-67.0.20.EL.x86_64.rpm
kernel-xenU-2.6.9-67.0.20.EL.x86_64.rpm
kernel-xenU-devel-2.6.9-67.0.20.EL.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://www.redhat.com/security/team/key/#package

7. References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0598
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1367
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2365
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2729
http://www.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://www.redhat.com/security/team/contact/

Copyright 2008 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)

iD8DBQFIYmHsXlSAg2UNWIIRAqgFAJ99yj522cnmgB1O2Gmod2 OtKwcdOACeMOXQ
wx+oqa3/HlRvUCW/Y/nqM+8=
=jD9e
-----END PGP SIGNATURE-----


 
Old 06-25-2008, 03:48 PM
 
Default Important: kernel security and bug fix update

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=====================================================================
Red Hat Security Advisory

Synopsis: Important: kernel security and bug fix update
Advisory ID: RHSA-2008:0519-01
Product: Red Hat Enterprise Linux
Advisory URL: https://rhn.redhat.com/errata/RHSA-2008-0519.html
Issue date: 2008-06-25
CVE Names: CVE-2008-0598 CVE-2008-2358 CVE-2008-2729
=====================================================================

1. Summary:

Updated kernel packages that fix various security issues and a bug are now
available for Red Hat Enterprise Linux 5.

This update has been rated as having important security impact by the Red
Hat Security Response Team.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Desktop (v. 5 client) - i386, noarch, x86_64
Red Hat Enterprise Linux (v. 5 server) - i386, ia64, noarch, ppc, s390x, x86_64

3. Description:

The kernel packages contain the Linux kernel, the core of any Linux
operating system.

These updated packages fix the following security issues:

* A security flaw was found in the Linux kernel memory copy routines, when
running on certain AMD64 systems. If an unsuccessful attempt to copy kernel
memory from source to destination memory locations occurred, the copy
routines did not zero the content at the destination memory location. This
could allow a local unprivileged user to view potentially sensitive data.
(CVE-2008-2729, Important)

* Tavis Ormandy discovered a deficiency in the Linux kernel 32-bit and
64-bit emulation. This could allow a local unprivileged user to prepare and
run a specially crafted binary, which would use this deficiency to leak
uninitialized and potentially sensitive data. (CVE-2008-0598, Important)

* Brandon Edwards discovered a missing length validation check in the Linux
kernel DCCP module reconciliation feature. This could allow a local
unprivileged user to cause a heap overflow, gaining privileges for
arbitrary code execution. (CVE-2008-2358, Moderate)

As well, these updated packages fix the following bug:

* Due to a regression, "gettimeofday" may have gone backwards on certain
x86 hardware. This issue was quite dangerous for time-sensitive systems,
such as those used for transaction systems and databases, and may have
caused applications to produce incorrect results, or even crash.

Red Hat Enterprise Linux 5 users are advised to upgrade to these updated
packages, which contain backported patches to resolve these issues.

4. Solution:

Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.

This update is available via Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/FAQ_58_10188

5. Bugs fixed (http://bugzilla.redhat.com/):

433938 - CVE-2008-0598 kernel: linux x86_64 ia32 emulation leaks uninitialized data
447389 - CVE-2008-2358 kernel: dccp: sanity check feature length
451271 - CVE-2008-2729 kernel: [x86_64] The string instruction version didn't zero the output on exception.

6. Package List:

Red Hat Enterprise Linux Desktop (v. 5 client):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/kernel-2.6.18-92.1.6.el5.src.rpm

i386:
kernel-2.6.18-92.1.6.el5.i686.rpm
kernel-PAE-2.6.18-92.1.6.el5.i686.rpm
kernel-PAE-debuginfo-2.6.18-92.1.6.el5.i686.rpm
kernel-PAE-devel-2.6.18-92.1.6.el5.i686.rpm
kernel-debug-2.6.18-92.1.6.el5.i686.rpm
kernel-debug-debuginfo-2.6.18-92.1.6.el5.i686.rpm
kernel-debug-devel-2.6.18-92.1.6.el5.i686.rpm
kernel-debuginfo-2.6.18-92.1.6.el5.i686.rpm
kernel-debuginfo-common-2.6.18-92.1.6.el5.i686.rpm
kernel-devel-2.6.18-92.1.6.el5.i686.rpm
kernel-headers-2.6.18-92.1.6.el5.i386.rpm
kernel-xen-2.6.18-92.1.6.el5.i686.rpm
kernel-xen-debuginfo-2.6.18-92.1.6.el5.i686.rpm
kernel-xen-devel-2.6.18-92.1.6.el5.i686.rpm

noarch:
kernel-doc-2.6.18-92.1.6.el5.noarch.rpm

x86_64:
kernel-2.6.18-92.1.6.el5.x86_64.rpm
kernel-debug-2.6.18-92.1.6.el5.x86_64.rpm
kernel-debug-debuginfo-2.6.18-92.1.6.el5.x86_64.rpm
kernel-debug-devel-2.6.18-92.1.6.el5.x86_64.rpm
kernel-debuginfo-2.6.18-92.1.6.el5.x86_64.rpm
kernel-debuginfo-common-2.6.18-92.1.6.el5.x86_64.rpm
kernel-devel-2.6.18-92.1.6.el5.x86_64.rpm
kernel-headers-2.6.18-92.1.6.el5.x86_64.rpm
kernel-xen-2.6.18-92.1.6.el5.x86_64.rpm
kernel-xen-debuginfo-2.6.18-92.1.6.el5.x86_64.rpm
kernel-xen-devel-2.6.18-92.1.6.el5.x86_64.rpm

Red Hat Enterprise Linux (v. 5 server):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Server/en/os/SRPMS/kernel-2.6.18-92.1.6.el5.src.rpm

i386:
kernel-2.6.18-92.1.6.el5.i686.rpm
kernel-PAE-2.6.18-92.1.6.el5.i686.rpm
kernel-PAE-debuginfo-2.6.18-92.1.6.el5.i686.rpm
kernel-PAE-devel-2.6.18-92.1.6.el5.i686.rpm
kernel-debug-2.6.18-92.1.6.el5.i686.rpm
kernel-debug-debuginfo-2.6.18-92.1.6.el5.i686.rpm
kernel-debug-devel-2.6.18-92.1.6.el5.i686.rpm
kernel-debuginfo-2.6.18-92.1.6.el5.i686.rpm
kernel-debuginfo-common-2.6.18-92.1.6.el5.i686.rpm
kernel-devel-2.6.18-92.1.6.el5.i686.rpm
kernel-headers-2.6.18-92.1.6.el5.i386.rpm
kernel-xen-2.6.18-92.1.6.el5.i686.rpm
kernel-xen-debuginfo-2.6.18-92.1.6.el5.i686.rpm
kernel-xen-devel-2.6.18-92.1.6.el5.i686.rpm

ia64:
kernel-2.6.18-92.1.6.el5.ia64.rpm
kernel-debug-2.6.18-92.1.6.el5.ia64.rpm
kernel-debug-debuginfo-2.6.18-92.1.6.el5.ia64.rpm
kernel-debug-devel-2.6.18-92.1.6.el5.ia64.rpm
kernel-debuginfo-2.6.18-92.1.6.el5.ia64.rpm
kernel-debuginfo-common-2.6.18-92.1.6.el5.ia64.rpm
kernel-devel-2.6.18-92.1.6.el5.ia64.rpm
kernel-headers-2.6.18-92.1.6.el5.ia64.rpm
kernel-xen-2.6.18-92.1.6.el5.ia64.rpm
kernel-xen-debuginfo-2.6.18-92.1.6.el5.ia64.rpm
kernel-xen-devel-2.6.18-92.1.6.el5.ia64.rpm

noarch:
kernel-doc-2.6.18-92.1.6.el5.noarch.rpm

ppc:
kernel-2.6.18-92.1.6.el5.ppc64.rpm
kernel-debug-2.6.18-92.1.6.el5.ppc64.rpm
kernel-debug-debuginfo-2.6.18-92.1.6.el5.ppc64.rpm
kernel-debug-devel-2.6.18-92.1.6.el5.ppc64.rpm
kernel-debuginfo-2.6.18-92.1.6.el5.ppc64.rpm
kernel-debuginfo-common-2.6.18-92.1.6.el5.ppc64.rpm
kernel-devel-2.6.18-92.1.6.el5.ppc64.rpm
kernel-headers-2.6.18-92.1.6.el5.ppc.rpm
kernel-headers-2.6.18-92.1.6.el5.ppc64.rpm
kernel-kdump-2.6.18-92.1.6.el5.ppc64.rpm
kernel-kdump-debuginfo-2.6.18-92.1.6.el5.ppc64.rpm
kernel-kdump-devel-2.6.18-92.1.6.el5.ppc64.rpm

s390x:
kernel-2.6.18-92.1.6.el5.s390x.rpm
kernel-debug-2.6.18-92.1.6.el5.s390x.rpm
kernel-debug-debuginfo-2.6.18-92.1.6.el5.s390x.rpm
kernel-debug-devel-2.6.18-92.1.6.el5.s390x.rpm
kernel-debuginfo-2.6.18-92.1.6.el5.s390x.rpm
kernel-debuginfo-common-2.6.18-92.1.6.el5.s390x.rpm
kernel-devel-2.6.18-92.1.6.el5.s390x.rpm
kernel-headers-2.6.18-92.1.6.el5.s390x.rpm
kernel-kdump-2.6.18-92.1.6.el5.s390x.rpm
kernel-kdump-debuginfo-2.6.18-92.1.6.el5.s390x.rpm
kernel-kdump-devel-2.6.18-92.1.6.el5.s390x.rpm

x86_64:
kernel-2.6.18-92.1.6.el5.x86_64.rpm
kernel-debug-2.6.18-92.1.6.el5.x86_64.rpm
kernel-debug-debuginfo-2.6.18-92.1.6.el5.x86_64.rpm
kernel-debug-devel-2.6.18-92.1.6.el5.x86_64.rpm
kernel-debuginfo-2.6.18-92.1.6.el5.x86_64.rpm
kernel-debuginfo-common-2.6.18-92.1.6.el5.x86_64.rpm
kernel-devel-2.6.18-92.1.6.el5.x86_64.rpm
kernel-headers-2.6.18-92.1.6.el5.x86_64.rpm
kernel-xen-2.6.18-92.1.6.el5.x86_64.rpm
kernel-xen-debuginfo-2.6.18-92.1.6.el5.x86_64.rpm
kernel-xen-devel-2.6.18-92.1.6.el5.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://www.redhat.com/security/team/key/#package

7. References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0598
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2358
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2729
http://www.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://www.redhat.com/security/team/contact/

Copyright 2008 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)

iD8DBQFIYmjDXlSAg2UNWIIRAvVmAKCzyx4amEJSyv8P3Wm9W+ jb63JFEgCgmv6u
oxXBJHr1o6HqzfQ2lbahoYQ=
=oUiB
-----END PGP SIGNATURE-----


 
Old 07-23-2008, 01:31 PM
 
Default Important: kernel security and bug fix update

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=====================================================================
Red Hat Security Advisory

Synopsis: Important: kernel security and bug fix update
Advisory ID: RHSA-2008:0607-01
Product: Red Hat Enterprise Linux
Advisory URL: https://rhn.redhat.com/errata/RHSA-2008-0607.html
Issue date: 2008-07-23
CVE Names: CVE-2008-2136
=====================================================================

1. Summary:

Updated kernel packages that fix a security issue and several bugs are now
available for Red Hat Enterprise Linux 4.

This update has been rated as having important security impact by the Red
Hat Security Response Team.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AS version 4 - i386, ia64, noarch, ppc, s390, s390x, x86_64
Red Hat Enterprise Linux Desktop version 4 - i386, noarch, x86_64
Red Hat Enterprise Linux ES version 4 - i386, ia64, noarch, x86_64
Red Hat Enterprise Linux WS version 4 - i386, ia64, noarch, x86_64

3. Description:

The kernel packages contain the Linux kernel, the core of any Linux
operating system.

These updated packages fix the following security issue:

* a possible kernel memory leak was found in the Linux kernel Simple
Internet Transition (SIT) INET6 implementation. This could allow a local
unprivileged user to cause a denial of service. (CVE-2008-2136, Important)

As well, these updated packages fix the following bugs:

* a possible kernel hang on hugemem systems, due to a bug in NFS, which may
have caused systems to become unresponsive, has been resolved.

* an inappropriate exit condition occurred in the architecture-specific
"mmap()" realization, which fell into an infinite loop under certain
conditions. On 64-bit systems, this issue may have manifested itself to
users as a soft lockup, or process hangs.

* due to a bug in hardware initialization in the "ohci_hcd" kernel module,
the kernel may have failed with a NULL pointer dereference. On 64-bit
PowerPC systems, this may have caused booting to fail, and drop to xmon. On
other platforms, a kernel oops occurred.

* due to insufficient locks in task termination code, a panic may have
occurred in the "sys_times()" system call on SMP machines.

Red Hat Enterprise Linux 4 users are advised to upgrade to these updated
packages, which contain backported patches to resolve these issues.

4. Solution:

Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.

This update is available via Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/FAQ_58_10188

5. Bugs fixed (http://bugzilla.redhat.com/):

446031 - CVE-2008-2136 kernel: sit memory leak
450185 - [RHEL 4] cffimtgsaslx08 hung
450760 - Patch for bug 360281 "Odd behaviour in mmap" introduces regression
450865 - kernel failed to boot and dropped to xmon
455072 - kernel panic with kernel version 2.6.9-67.0.20.EL

6. Package List:

Red Hat Enterprise Linux AS version 4:

Source:
ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/kernel-2.6.9-67.0.22.EL.src.rpm

i386:
kernel-2.6.9-67.0.22.EL.i686.rpm
kernel-debuginfo-2.6.9-67.0.22.EL.i686.rpm
kernel-devel-2.6.9-67.0.22.EL.i686.rpm
kernel-hugemem-2.6.9-67.0.22.EL.i686.rpm
kernel-hugemem-devel-2.6.9-67.0.22.EL.i686.rpm
kernel-smp-2.6.9-67.0.22.EL.i686.rpm
kernel-smp-devel-2.6.9-67.0.22.EL.i686.rpm
kernel-xenU-2.6.9-67.0.22.EL.i686.rpm
kernel-xenU-devel-2.6.9-67.0.22.EL.i686.rpm

ia64:
kernel-2.6.9-67.0.22.EL.ia64.rpm
kernel-debuginfo-2.6.9-67.0.22.EL.ia64.rpm
kernel-devel-2.6.9-67.0.22.EL.ia64.rpm
kernel-largesmp-2.6.9-67.0.22.EL.ia64.rpm
kernel-largesmp-devel-2.6.9-67.0.22.EL.ia64.rpm

noarch:
kernel-doc-2.6.9-67.0.22.EL.noarch.rpm

ppc:
kernel-2.6.9-67.0.22.EL.ppc64.rpm
kernel-2.6.9-67.0.22.EL.ppc64iseries.rpm
kernel-debuginfo-2.6.9-67.0.22.EL.ppc64.rpm
kernel-debuginfo-2.6.9-67.0.22.EL.ppc64iseries.rpm
kernel-devel-2.6.9-67.0.22.EL.ppc64.rpm
kernel-devel-2.6.9-67.0.22.EL.ppc64iseries.rpm
kernel-largesmp-2.6.9-67.0.22.EL.ppc64.rpm
kernel-largesmp-devel-2.6.9-67.0.22.EL.ppc64.rpm

s390:
kernel-2.6.9-67.0.22.EL.s390.rpm
kernel-debuginfo-2.6.9-67.0.22.EL.s390.rpm
kernel-devel-2.6.9-67.0.22.EL.s390.rpm

s390x:
kernel-2.6.9-67.0.22.EL.s390x.rpm
kernel-debuginfo-2.6.9-67.0.22.EL.s390x.rpm
kernel-devel-2.6.9-67.0.22.EL.s390x.rpm

x86_64:
kernel-2.6.9-67.0.22.EL.x86_64.rpm
kernel-debuginfo-2.6.9-67.0.22.EL.x86_64.rpm
kernel-devel-2.6.9-67.0.22.EL.x86_64.rpm
kernel-largesmp-2.6.9-67.0.22.EL.x86_64.rpm
kernel-largesmp-devel-2.6.9-67.0.22.EL.x86_64.rpm
kernel-smp-2.6.9-67.0.22.EL.x86_64.rpm
kernel-smp-devel-2.6.9-67.0.22.EL.x86_64.rpm
kernel-xenU-2.6.9-67.0.22.EL.x86_64.rpm
kernel-xenU-devel-2.6.9-67.0.22.EL.x86_64.rpm

Red Hat Enterprise Linux Desktop version 4:

Source:
ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/kernel-2.6.9-67.0.22.EL.src.rpm

i386:
kernel-2.6.9-67.0.22.EL.i686.rpm
kernel-debuginfo-2.6.9-67.0.22.EL.i686.rpm
kernel-devel-2.6.9-67.0.22.EL.i686.rpm
kernel-hugemem-2.6.9-67.0.22.EL.i686.rpm
kernel-hugemem-devel-2.6.9-67.0.22.EL.i686.rpm
kernel-smp-2.6.9-67.0.22.EL.i686.rpm
kernel-smp-devel-2.6.9-67.0.22.EL.i686.rpm
kernel-xenU-2.6.9-67.0.22.EL.i686.rpm
kernel-xenU-devel-2.6.9-67.0.22.EL.i686.rpm

noarch:
kernel-doc-2.6.9-67.0.22.EL.noarch.rpm

x86_64:
kernel-2.6.9-67.0.22.EL.x86_64.rpm
kernel-debuginfo-2.6.9-67.0.22.EL.x86_64.rpm
kernel-devel-2.6.9-67.0.22.EL.x86_64.rpm
kernel-largesmp-2.6.9-67.0.22.EL.x86_64.rpm
kernel-largesmp-devel-2.6.9-67.0.22.EL.x86_64.rpm
kernel-smp-2.6.9-67.0.22.EL.x86_64.rpm
kernel-smp-devel-2.6.9-67.0.22.EL.x86_64.rpm
kernel-xenU-2.6.9-67.0.22.EL.x86_64.rpm
kernel-xenU-devel-2.6.9-67.0.22.EL.x86_64.rpm

Red Hat Enterprise Linux ES version 4:

Source:
ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/kernel-2.6.9-67.0.22.EL.src.rpm

i386:
kernel-2.6.9-67.0.22.EL.i686.rpm
kernel-debuginfo-2.6.9-67.0.22.EL.i686.rpm
kernel-devel-2.6.9-67.0.22.EL.i686.rpm
kernel-hugemem-2.6.9-67.0.22.EL.i686.rpm
kernel-hugemem-devel-2.6.9-67.0.22.EL.i686.rpm
kernel-smp-2.6.9-67.0.22.EL.i686.rpm
kernel-smp-devel-2.6.9-67.0.22.EL.i686.rpm
kernel-xenU-2.6.9-67.0.22.EL.i686.rpm
kernel-xenU-devel-2.6.9-67.0.22.EL.i686.rpm

ia64:
kernel-2.6.9-67.0.22.EL.ia64.rpm
kernel-debuginfo-2.6.9-67.0.22.EL.ia64.rpm
kernel-devel-2.6.9-67.0.22.EL.ia64.rpm
kernel-largesmp-2.6.9-67.0.22.EL.ia64.rpm
kernel-largesmp-devel-2.6.9-67.0.22.EL.ia64.rpm

noarch:
kernel-doc-2.6.9-67.0.22.EL.noarch.rpm

x86_64:
kernel-2.6.9-67.0.22.EL.x86_64.rpm
kernel-debuginfo-2.6.9-67.0.22.EL.x86_64.rpm
kernel-devel-2.6.9-67.0.22.EL.x86_64.rpm
kernel-largesmp-2.6.9-67.0.22.EL.x86_64.rpm
kernel-largesmp-devel-2.6.9-67.0.22.EL.x86_64.rpm
kernel-smp-2.6.9-67.0.22.EL.x86_64.rpm
kernel-smp-devel-2.6.9-67.0.22.EL.x86_64.rpm
kernel-xenU-2.6.9-67.0.22.EL.x86_64.rpm
kernel-xenU-devel-2.6.9-67.0.22.EL.x86_64.rpm

Red Hat Enterprise Linux WS version 4:

Source:
ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/kernel-2.6.9-67.0.22.EL.src.rpm

i386:
kernel-2.6.9-67.0.22.EL.i686.rpm
kernel-debuginfo-2.6.9-67.0.22.EL.i686.rpm
kernel-devel-2.6.9-67.0.22.EL.i686.rpm
kernel-hugemem-2.6.9-67.0.22.EL.i686.rpm
kernel-hugemem-devel-2.6.9-67.0.22.EL.i686.rpm
kernel-smp-2.6.9-67.0.22.EL.i686.rpm
kernel-smp-devel-2.6.9-67.0.22.EL.i686.rpm
kernel-xenU-2.6.9-67.0.22.EL.i686.rpm
kernel-xenU-devel-2.6.9-67.0.22.EL.i686.rpm

ia64:
kernel-2.6.9-67.0.22.EL.ia64.rpm
kernel-debuginfo-2.6.9-67.0.22.EL.ia64.rpm
kernel-devel-2.6.9-67.0.22.EL.ia64.rpm
kernel-largesmp-2.6.9-67.0.22.EL.ia64.rpm
kernel-largesmp-devel-2.6.9-67.0.22.EL.ia64.rpm

noarch:
kernel-doc-2.6.9-67.0.22.EL.noarch.rpm

x86_64:
kernel-2.6.9-67.0.22.EL.x86_64.rpm
kernel-debuginfo-2.6.9-67.0.22.EL.x86_64.rpm
kernel-devel-2.6.9-67.0.22.EL.x86_64.rpm
kernel-largesmp-2.6.9-67.0.22.EL.x86_64.rpm
kernel-largesmp-devel-2.6.9-67.0.22.EL.x86_64.rpm
kernel-smp-2.6.9-67.0.22.EL.x86_64.rpm
kernel-smp-devel-2.6.9-67.0.22.EL.x86_64.rpm
kernel-xenU-2.6.9-67.0.22.EL.x86_64.rpm
kernel-xenU-devel-2.6.9-67.0.22.EL.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://www.redhat.com/security/team/key/#package

7. References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2136
http://www.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://www.redhat.com/security/team/contact/

Copyright 2008 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)

iD8DBQFIhzLCXlSAg2UNWIIRAmwOAJ96HdACdEqmx+9KrjC7I8 Qbg0NJGgCffMWN
2maO73NvbzcIEFAv43RE10M=
=vrNg
-----END PGP SIGNATURE-----


--
Enterprise-watch-list mailing list
Enterprise-watch-list@redhat.com
https://www.redhat.com/mailman/listinfo/enterprise-watch-list
 
Old 08-04-2008, 06:12 PM
 
Default Important: kernel security and bug fix update

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=====================================================================
Red Hat Security Advisory

Synopsis: Important: kernel security and bug fix update
Advisory ID: RHSA-2008:0612-01
Product: Red Hat Enterprise Linux
Advisory URL: https://rhn.redhat.com/errata/RHSA-2008-0612.html
Issue date: 2008-08-04
CVE Names: CVE-2008-2136 CVE-2008-1294 CVE-2008-2812
=====================================================================

1. Summary:

Updated kernel packages that fix various security issues and several bugs
are now available for Red Hat Enterprise Linux 5.

This update has been rated as having important security impact by the Red
Hat Security Response Team.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Desktop (v. 5 client) - i386, noarch, x86_64
Red Hat Enterprise Linux (v. 5 server) - i386, ia64, noarch, ppc, s390x, x86_64

3. Description:

The kernel packages contain the Linux kernel, the core of any Linux
operating system.

These updated packages fix the following security issues:

* a possible kernel memory leak was found in the Linux kernel Simple
Internet Transition (SIT) INET6 implementation. This could allow a local
unprivileged user to cause a denial of service. (CVE-2008-2136, Important)

* a flaw was found in the Linux kernel setrlimit system call, when setting
RLIMIT_CPU to a certain value. This could allow a local unprivileged user
to bypass the CPU time limit. (CVE-2008-1294, Moderate)

* multiple NULL pointer dereferences were found in various Linux kernel
network drivers. These drivers were missing checks for terminal validity,
which could allow privilege escalation. (CVE-2008-2812, Moderate)

These updated packages fix the following bugs:

* the GNU libc stub resolver is a minimal resolver that works with Domain
Name System (DNS) servers to satisfy requests from applications for names.
The GNU libc stub resolver did not specify a source UDP port, and therefore
used predictable port numbers. This could have made DNS spoofing attacks
easier.

The Linux kernel has been updated to implement random UDP source ports
where none are specified by an application. This allows applications, such
as those using the GNU libc stub resolver, to use random UDP source ports,
helping to make DNS spoofing attacks harder.

* when using certain hardware, a bug in UART_BUG_TXEN may have caused
incorrect hardware detection, causing data flow to "/dev/ttyS1" to hang.

* a 50-75% drop in NFS server rewrite performance, compared to Red Hat
Enterprise Linux 4.6, has been resolved.

* due to a bug in the fast userspace mutex code, while one thread fetched a
pointer, another thread may have removed it, causing the first thread to
fetch the wrong pointer, possibly causing a system crash.

* on certain Hitachi hardware, removing the "uhci_hcd" module caused a
kernel oops, and the following error:

BUG: warning at arch/ia64/kernel/iosapic.c:1001/iosapic_unregister_intr()

Even after the "uhci_hcd" module was reloaded, there was no access to USB
devices. As well, on systems that have legacy interrupts,
"acpi_unregister_gsi" incorrectly called "iosapic_unregister_intr()",
causing warning messages to be logged.

* when a page was mapped with mmap(), and "PROT_WRITE" was the only
"prot" argument, the first read of that page caused a segmentation fault.
If the page was read after it was written to, no fault occurred. This was
incompatible with the Red Hat Enterprise Linux 4 behavior.

* due to a NULL pointer dereference in powernowk8_init(), a panic may
have occurred.

* certain error conditions handled by the bonding sysfs interface could
have left rtnl_lock() unbalanced, either by locking and returning without
unlocking, or by unlocking when it did not lock, possibly causing a
"kernel: RTNL: assertion failed at net/core/fib_rules.c" error.

* the kernel currently expects a maximum of six Machine Check Exception
(MCE) banks to be exposed by a CPU. Certain CPUs have 7 or more, which may
have caused the MCE to be incorrectly reported.

* a race condition in UNIX domain sockets may have caused recv() to return
zero. For clusters, this may have caused unexpected failovers.

* msgrcv() frequently returned an incorrect "ERESTARTNOHAND (514)" error
number.

* on certain Intel Itanium-based systems, when kdump was configured to halt
the system after a dump operation, after the "System halted." output, the
kernel continued to output endless "soft lockup" messages.

Red Hat Enterprise Linux 5 users are advised to upgrade to these updated
packages, which contain backported patches to resolve these issues.

4. Solution:

Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.

This update is available via Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/FAQ_58_10188

5. Bugs fixed (http://bugzilla.redhat.com/):

437114 - CVE-2008-1294 kernel: setrlimit(RLIMIT_CPUINFO) with zero value doesn't inherit properly across children
437121 - CVE-2008-1294 kernel: setrlimit(RLIMIT_CPUINFO) with zero value doesn't inherit properly across children [rhel-5.2.z]
443071 - [Stratus 5.2.z][1/2] ttyS1 lost interrupt and it stops transmitting [rhel-5.2.z]
446031 - CVE-2008-2136 kernel: sit memory leak
446038 - CVE-2008-2136 kernel: sit: exploitable remote memory leak [rhel-5.2.z]
448685 - 50-75 % drop in nfs-server rewrite performance compared to rhel 4.6+ [rhel-5.2.z]
450336 - Kernel crash on futex [rhel-5.2.z]
450337 - [RHEL5] BUG: warning at arch/ia64/kernel/iosapic.c:1001/iosapic_unregiste
450758 - mmap() with PROT_WRITE on RHEL5 incompatible with RHEL4.
450866 - RHEL 5.3 NULL pointer dereferenced in powernowk8_init
451939 - bonding driver can leave rtnl_lock unbalanced
451941 - RHEL 5.3 extend MCE banks support for Dunnington, Nehalem, and beyond
452231 - [RHEL5.1] In unix domain sockets, recv() may incorrectly return zero
452482 - CVE-2008-2826 kernel: sctp: sctp_getsockopt_local_addrs_old() potential overflow [rhel-5.2.z]
453419 - CVE-2008-2812 kernel: NULL ptr dereference in multiple network drivers due to missing checks in tty code
453425 - CVE-2008-2812 kernel: NULL ptr dereference in multiple network drivers due to missing checks in tty code [rhel-5.2.z]
454566 - kernel: randomize udp port allocation
454571 - kernel: randomize udp port allocation [rhel-5.2.z]
455256 - [Stratus 5.2.z][2/2] ttyS1 lost interrupt and it stops transmitting
455278 - The msgrcv() syscall fails with error number 514 (ERESTARTNOHAND).
456117 - [REG][5.3] Soft lockup is detected

6. Package List:

Red Hat Enterprise Linux Desktop (v. 5 client):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/kernel-2.6.18-92.1.10.el5.src.rpm

i386:
kernel-2.6.18-92.1.10.el5.i686.rpm
kernel-PAE-2.6.18-92.1.10.el5.i686.rpm
kernel-PAE-debuginfo-2.6.18-92.1.10.el5.i686.rpm
kernel-PAE-devel-2.6.18-92.1.10.el5.i686.rpm
kernel-debug-2.6.18-92.1.10.el5.i686.rpm
kernel-debug-debuginfo-2.6.18-92.1.10.el5.i686.rpm
kernel-debug-devel-2.6.18-92.1.10.el5.i686.rpm
kernel-debuginfo-2.6.18-92.1.10.el5.i686.rpm
kernel-debuginfo-common-2.6.18-92.1.10.el5.i686.rpm
kernel-devel-2.6.18-92.1.10.el5.i686.rpm
kernel-headers-2.6.18-92.1.10.el5.i386.rpm
kernel-xen-2.6.18-92.1.10.el5.i686.rpm
kernel-xen-debuginfo-2.6.18-92.1.10.el5.i686.rpm
kernel-xen-devel-2.6.18-92.1.10.el5.i686.rpm

noarch:
kernel-doc-2.6.18-92.1.10.el5.noarch.rpm

x86_64:
kernel-2.6.18-92.1.10.el5.x86_64.rpm
kernel-debug-2.6.18-92.1.10.el5.x86_64.rpm
kernel-debug-debuginfo-2.6.18-92.1.10.el5.x86_64.rpm
kernel-debug-devel-2.6.18-92.1.10.el5.x86_64.rpm
kernel-debuginfo-2.6.18-92.1.10.el5.x86_64.rpm
kernel-debuginfo-common-2.6.18-92.1.10.el5.x86_64.rpm
kernel-devel-2.6.18-92.1.10.el5.x86_64.rpm
kernel-headers-2.6.18-92.1.10.el5.x86_64.rpm
kernel-xen-2.6.18-92.1.10.el5.x86_64.rpm
kernel-xen-debuginfo-2.6.18-92.1.10.el5.x86_64.rpm
kernel-xen-devel-2.6.18-92.1.10.el5.x86_64.rpm

Red Hat Enterprise Linux (v. 5 server):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Server/en/os/SRPMS/kernel-2.6.18-92.1.10.el5.src.rpm

i386:
kernel-2.6.18-92.1.10.el5.i686.rpm
kernel-PAE-2.6.18-92.1.10.el5.i686.rpm
kernel-PAE-debuginfo-2.6.18-92.1.10.el5.i686.rpm
kernel-PAE-devel-2.6.18-92.1.10.el5.i686.rpm
kernel-debug-2.6.18-92.1.10.el5.i686.rpm
kernel-debug-debuginfo-2.6.18-92.1.10.el5.i686.rpm
kernel-debug-devel-2.6.18-92.1.10.el5.i686.rpm
kernel-debuginfo-2.6.18-92.1.10.el5.i686.rpm
kernel-debuginfo-common-2.6.18-92.1.10.el5.i686.rpm
kernel-devel-2.6.18-92.1.10.el5.i686.rpm
kernel-headers-2.6.18-92.1.10.el5.i386.rpm
kernel-xen-2.6.18-92.1.10.el5.i686.rpm
kernel-xen-debuginfo-2.6.18-92.1.10.el5.i686.rpm
kernel-xen-devel-2.6.18-92.1.10.el5.i686.rpm

ia64:
kernel-2.6.18-92.1.10.el5.ia64.rpm
kernel-debug-2.6.18-92.1.10.el5.ia64.rpm
kernel-debug-debuginfo-2.6.18-92.1.10.el5.ia64.rpm
kernel-debug-devel-2.6.18-92.1.10.el5.ia64.rpm
kernel-debuginfo-2.6.18-92.1.10.el5.ia64.rpm
kernel-debuginfo-common-2.6.18-92.1.10.el5.ia64.rpm
kernel-devel-2.6.18-92.1.10.el5.ia64.rpm
kernel-headers-2.6.18-92.1.10.el5.ia64.rpm
kernel-xen-2.6.18-92.1.10.el5.ia64.rpm
kernel-xen-debuginfo-2.6.18-92.1.10.el5.ia64.rpm
kernel-xen-devel-2.6.18-92.1.10.el5.ia64.rpm

noarch:
kernel-doc-2.6.18-92.1.10.el5.noarch.rpm

ppc:
kernel-2.6.18-92.1.10.el5.ppc64.rpm
kernel-debug-2.6.18-92.1.10.el5.ppc64.rpm
kernel-debug-debuginfo-2.6.18-92.1.10.el5.ppc64.rpm
kernel-debug-devel-2.6.18-92.1.10.el5.ppc64.rpm
kernel-debuginfo-2.6.18-92.1.10.el5.ppc64.rpm
kernel-debuginfo-common-2.6.18-92.1.10.el5.ppc64.rpm
kernel-devel-2.6.18-92.1.10.el5.ppc64.rpm
kernel-headers-2.6.18-92.1.10.el5.ppc.rpm
kernel-headers-2.6.18-92.1.10.el5.ppc64.rpm
kernel-kdump-2.6.18-92.1.10.el5.ppc64.rpm
kernel-kdump-debuginfo-2.6.18-92.1.10.el5.ppc64.rpm
kernel-kdump-devel-2.6.18-92.1.10.el5.ppc64.rpm

s390x:
kernel-2.6.18-92.1.10.el5.s390x.rpm
kernel-debug-2.6.18-92.1.10.el5.s390x.rpm
kernel-debug-debuginfo-2.6.18-92.1.10.el5.s390x.rpm
kernel-debug-devel-2.6.18-92.1.10.el5.s390x.rpm
kernel-debuginfo-2.6.18-92.1.10.el5.s390x.rpm
kernel-debuginfo-common-2.6.18-92.1.10.el5.s390x.rpm
kernel-devel-2.6.18-92.1.10.el5.s390x.rpm
kernel-headers-2.6.18-92.1.10.el5.s390x.rpm
kernel-kdump-2.6.18-92.1.10.el5.s390x.rpm
kernel-kdump-debuginfo-2.6.18-92.1.10.el5.s390x.rpm
kernel-kdump-devel-2.6.18-92.1.10.el5.s390x.rpm

x86_64:
kernel-2.6.18-92.1.10.el5.x86_64.rpm
kernel-debug-2.6.18-92.1.10.el5.x86_64.rpm
kernel-debug-debuginfo-2.6.18-92.1.10.el5.x86_64.rpm
kernel-debug-devel-2.6.18-92.1.10.el5.x86_64.rpm
kernel-debuginfo-2.6.18-92.1.10.el5.x86_64.rpm
kernel-debuginfo-common-2.6.18-92.1.10.el5.x86_64.rpm
kernel-devel-2.6.18-92.1.10.el5.x86_64.rpm
kernel-headers-2.6.18-92.1.10.el5.x86_64.rpm
kernel-xen-2.6.18-92.1.10.el5.x86_64.rpm
kernel-xen-debuginfo-2.6.18-92.1.10.el5.x86_64.rpm
kernel-xen-devel-2.6.18-92.1.10.el5.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://www.redhat.com/security/team/key/#package

7. References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2136
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1294
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2812
http://www.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://www.redhat.com/security/team/contact/

Copyright 2008 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)

iD8DBQFIl0acXlSAg2UNWIIRAmx7AJ9EqbxKVtyHNB6hgSwnNP JtlN/2TACeOrhL
s93hx8mgC+E8SOSj99TwQKM=
=hgzc
-----END PGP SIGNATURE-----


--
Enterprise-watch-list mailing list
Enterprise-watch-list@redhat.com
https://www.redhat.com/mailman/listinfo/enterprise-watch-list
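
A patch-level check against the two fixed kernel builds named in the package lists above, as an added example that is not part of the advisories or of Red Hat's tooling. It compares a `uname -r` string with the fixed build using a simplified rpm-style segment comparison (no epoch, tilde or caret handling); the function names and the sample running releases are constructed for illustration.

```python
import re

# Fixed builds, copied from the package lists in the advisories above.
FIXED = {
    "el5": "2.6.18-92.1.10.el5",  # RHSA-2008:0612 (RHEL 5)
    "EL": "2.6.9-67.0.22.EL",     # RHEL 4 update earlier in the thread
}

_SEG = re.compile(r"[0-9]+|[A-Za-z]+")
# Kernel flavour suffixes that uname -r appends to the release string.
_VARIANT = re.compile(r"(largesmp|hugemem|xenU|xen|PAE|smp|debug|kdump)$")


def rpmvercmp(a, b):
    """Segment-wise compare in the style of rpm: returns -1, 0 or 1."""
    sa, sb = _SEG.findall(a), _SEG.findall(b)
    for x, y in zip(sa, sb):
        if x.isdigit() != y.isdigit():
            return 1 if x.isdigit() else -1   # a numeric segment beats an alphabetic one
        if x.isdigit():
            x, y = int(x), int(y)             # 10 > 6, unlike a string compare
        if x != y:
            return 1 if x > y else -1
    return (len(sa) > len(sb)) - (len(sa) < len(sb))


def is_patched(running, fixed):
    """True when `running` (uname -r form) is at or above the `fixed` build."""
    rv, _, rr = running.partition("-")
    fv, _, fr = fixed.partition("-")
    rr = _VARIANT.sub("", rr)                 # drop PAE/smp/xen... flavour suffix
    c = rpmvercmp(rv, fv)
    return c > 0 or (c == 0 and rpmvercmp(rr, fr) >= 0)


def fixed_for(running):
    """Pick the baseline by dist tag; None when the release is not RHEL 4/5."""
    if ".el5" in running:
        return FIXED["el5"]
    if ".EL" in running:
        return FIXED["EL"]
    return None


if __name__ == "__main__":
    # Constructed sample inputs, not taken from a real host.
    for rel in ("2.6.18-92.1.6.el5PAE", "2.6.18-92.1.10.el5", "2.6.9-67.0.20.ELsmp"):
        print(rel, "patched" if is_patched(rel, fixed_for(rel)) else "NEEDS UPDATE")
```

The running kernel is what matters: a host that has the fixed package installed but has not rebooted into it still reports the old release from `uname -r`.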
 
