Date: Fri, 04 Jun 1999 08:56:19 -0500 From: yocum@fnal.gov To: linux-security@redhat.com Subject: [linux-security] Forw: 2.2.x kernel vulnerability below. Dan ___________________________________________________________________________ Dan Yocum | Phone: (630) 840-8525 Linux/Unix System Administrator | Fax: (630) 840-6345 Computing Division OSS/FSS | email: yocum@fnal.gov .~. L Fermi National Accelerator Lab | WWW: www-oss.fnal.gov/~yocum/ /V\ I P.O. Box 500 | // \\ N Batavia, IL 60510 | "TANSTAAFL" /( )\ U ________________________________|_________________________________ ^`~'^__X_ ------- Forwarded Message Return-Path: redhat-watch-list-request@redhat.com Received: from lists.redhat.com (lists.redhat.com [199.183.24.247]) by sapphire.fnal.gov (8.8.7/8.8.7) with SMTP id RAA03283 for <yocum@sapphire.fnal.gov>; Wed, 2 Jun 1999 17:46:24 -0500 Received: (qmail 8454 invoked by uid 501); 2 Jun 1999 23:31:15 -0000 Resent-Date: 2 Jun 1999 23:31:15 -0000 Resent-Cc: recipient list not shown: ; MBOX-Line: From redhat-watch-list-request@redhat.com Wed Jun 2 19:31:14 1999 Date: Wed, 2 Jun 1999 16:56:41 -0400 From: Matt Wilson <msw@redhat.com> To: redhat-watch-list@redhat.com Cc: BUGTRAQ@NETSPACE.ORG Subject: [SECURITY] New kernel packages available Message-ID: <19990602165635.A1034@erwin.devel.redhat.com> Mime-Version: 1.0 Content-Type: multipart/signed; boundary=9amGYk9869ThD9tj; micalg=pgp-md5; protocol="application/pgp-signature" X-Mailer: Mutt 0.95.5i Approved: djb@redhat.com Resent-Message-ID: <"zk5vI3.0.U22.2xRLt"@lists.redhat.com> Resent-From: redhat-watch-list@redhat.com Reply-To: redhat-watch-list@redhat.com X-Mailing-List: <redhat-watch-list@redhat.com> archive/latest/28 X-Loop: redhat-watch-list@redhat.com Precedence: list Resent-Sender: redhat-watch-list-request@redhat.com X-URL: http://www.redhat.com - --9amGYk9869ThD9tj Content-Type: text/plain; charset=us-ascii New packages that correct a vulnerability in the kernels that shipped with Red Hat Linux 6.0 are now available. When exploited this vulnerability allows remote users to crash machines running 2.2.x kernels. Thanks to Piotr Wilkin for reporting the problem and to Alan Cox for the fix. Red Hat Software recommends that all users with networked machines upgrade to this release. The procedure for upgrading the kernel is documented at http://www.redhat.com/corp/support/docs/kernel-upgrade/kernel-upgrade.html Please read the entire section for your architecture before upgrading. Red Hat Linux 6.0 ================= Intel - ----- rpm -ivh ftp://updates.redhat.com/6.0/i386/kernel-2.2.5-22.i386.rpm rpm -ivh ftp://updates.redhat.com/6.0/i386/kernel-2.2.5-22.i586.rpm rpm -ivh ftp://updates.redhat.com/6.0/i386/kernel-smp-2.2.5-22.i586.rpm rpm -ivh ftp://updates.redhat.com/6.0/i386/kernel-2.2.5-22.i686.rpm rpm -ivh ftp://updates.redhat.com/6.0/i386/kernel-smp-2.2.5-22.i686.rpm Alpha - ----- rpm -ivh ftp://updates.redhat.com/6.0/alpha/kernel-2.2.5-22.alpha.rpm rpm -ivh ftp://updates.redhat.com/6.0/alpha/kernel-smp-2.2.5-22.alpha.rpm SPARC/UltraSPARC - ---------------- Note: These packages obsolete the earlier kernel-2.2.5-21 release for SPARC. The problems fixed by the 2.2.5-21 release are also fixed in 2.2.5-22. rpm -ivh ftp://updates.redhat.com/6.0/sparc/kernel-2.2.5-22.sparc.rpm rpm -ivh ftp://updates.redhat.com/6.0/sparc/kernel-smp-2.2.5-22.sparc.rpm rpm -ivh ftp://updates.redhat.com/6.0/sparc/kernel-2.2.5-22.sparc64.rpm rpm -ivh ftp://updates.redhat.com/6.0/sparc/kernel-smp-2.2.5-22.sparc64.rpm Source RPM - ---------- rpm -Uvh ftp://updates.redhat.com/6.0/SRPMS/kernel-2.2.5-22.src.rpm =================================================================== Matt Wilson PGP public key: http://charlotte.redhat.com/~msw/pgp_public_key.asc - --9amGYk9869ThD9tj Content-Type: application/pgp-signature - -----BEGIN PGP SIGNATURE----- Version: 2.6.3a iQCVAwUBN1Wag1K2dzf8iSNpAQEB8AP/eBi3zLaICOmM1Bi1GW78GrtuIL1q5Kk6 K3Ehbdj0nb7NoHDTRCiIhLGUgCD8MtHZEEWeArAygSyw4tzL3jGaRdUUNfnHtKOl RvmtBex4NRqblqS1DtSWT3GhwBWQUG3uIqNtHyq3yozmU4rdeV6ujNdjp66FmnLa IFFRV6X94N0= =cFQB - -----END PGP SIGNATURE----- - --9amGYk9869ThD9tj-- - -- To unsubscribe: mail redhat-watch-list-request@redhat.com with "unsubscribe" as the Subject. ------- End of Forwarded Message -- ---------------------------------------------------------------------- Please refer to the information about this list as well as general information about Linux security at http://www.aoy.com/Linux/Security. ---------------------------------------------------------------------- To unsubscribe: mail -s unsubscribe linux-security-request@redhat.com < /dev/null