Date: Fri, 28 Apr 2000 18:51:44 -0400 (EDT)
From: Cristian Gafton <gafton@redhat.com>
To: redhat-watch-list@redhat.com
Subject: RHBA-2000-018: New kernel packages available for Red Hat Linux 6.2


---------------------------------------------------------------------
                   Red Hat, Inc. Bug Fix Advisory

Synopsis:          Updated kernel available for Red Hat Linux
Advisory ID:       RHBA-2000:018-10
Issue date:        2000-04-10
Updated on:        2000-04-28
Product:           Red Hat Linux
Keywords:          kernel agpgart megaraid networking
Cross references:  N/A
---------------------------------------------------------------------

1. Topic:

Several problems were discovered in the kernel shipped in Red Hat Linux 6.2.
Updated kernel packages are available for download now.

2. Relevant releases/architectures:

Red Hat Linux 6.2 - i386 alpha sparc

3. Problem description:

The following problems have been fixed in this kernel release:

1)  The agpgart.o module was omitted from the 6.2 kernel package. This
module is required for proper operation of i810 video chips.

2)  The AMI MegaRAID driver included in 6.2 requires firmware revision 3.10
or higher.  Data corruption and lockups can occur if version 3.10 or higher
is not used.  The megaraid.o module in this updated package refuses to load
if firmware 3.10 or higher is not present.

3) AF_UNIX fix addresses a problem in which any user on the system could
perform a DoS.

4) Exec bug fixes a problem where any user on the system could open any file
or device for side effects on open().

5) Masquerading bug fixes protect against bugs in the UDP code that allow an
attacker to scan and build paths for packet arrival. This is configurable,
because the non-security behaviour is useful for some games. This also stops
people from building attacks using a compromised ftp server to build back
channels at server ports on the masquerading host.

6) Ext2 filesystem bug fixes the error recovery on bad blocks in
directories, which could lead to unpredictable results when continuing to
read a directory after an IO failure. Also fixes a bug where it was possible
to get garbage returned from readdir() if you were reading directory
information into a user buffer which wasn't swapped into physical memory,
and you had multiple threads doing readdir() and seek() on the same file
descriptor.

7) A kernel nfsd denial of service exposure is now fixed.

8) [Sparc only] Several denial of service attacks by local users on Sparc
machines are now patched.

4. Solution:

Upgrade to kernel-2.2.14-12.

The procedure for upgrading the kernel is documented at:

http://www.redhat.com/support/docs/howto/kernel-upgrade/kernel-upgrade.html

Please read the directions for your architecture carefully before proceeding
with the kernel upgrade.

5. Bug IDs fixed (http://bugzilla.redhat.com/bugzilla for more info):

10409 - agp driver not build


6. Obsoleted by:

N/A

7. Conflicts with:

N/A

8. RPMs required:

Red Hat Linux 6.2

intel (i386, i586 and i686 optimized kernels):
ftp://updates.redhat.com/6.2/i386/kernel-2.2.14-12.i386.rpm
ftp://updates.redhat.com/6.2/i386/kernel-smp-2.2.14-12.i386.rpm
ftp://updates.redhat.com/6.2/i386/kernel-headers-2.2.14-12.i386.rpm
ftp://updates.redhat.com/6.2/i386/kernel-source-2.2.14-12.i386.rpm
ftp://updates.redhat.com/6.2/i386/kernel-doc-2.2.14-12.i386.rpm
ftp://updates.redhat.com/6.2/i386/kernel-pcmcia-cs-2.2.14-12.i386.rpm
ftp://updates.redhat.com/6.2/i586/kernel-2.2.14-12.i586.rpm
ftp://updates.redhat.com/6.2/i586/kernel-smp-2.2.14-12.i586.rpm
ftp://updates.redhat.com/6.2/i686/kernel-2.2.14-12.i686.rpm
ftp://updates.redhat.com/6.2/i686/kernel-smp-2.2.14-12.i686.rpm

alpha:
ftp://updates.redhat.com/6.2/alpha/kernel-2.2.14-12.alpha.rpm
ftp://updates.redhat.com/6.2/alpha/kernel-smp-2.2.14-12.alpha.rpm
ftp://updates.redhat.com/6.2/alpha/kernel-headers-2.2.14-12.alpha.rpm
ftp://updates.redhat.com/6.2/alpha/kernel-source-2.2.14-12.alpha.rpm
ftp://updates.redhat.com/6.2/alpha/kernel-doc-2.2.14-12.alpha.rpm

sparc:
ftp://updates.redhat.com/6.2/sparc/kernel-2.2.14-12.sparc.rpm
ftp://updates.redhat.com/6.2/sparc/kernel-smp-2.2.14-12.sparc.rpm
ftp://updates.redhat.com/6.2/sparc/kernel-headers-2.2.14-12.sparc.rpm
ftp://updates.redhat.com/6.2/sparc/kernel-source-2.2.14-12.sparc.rpm
ftp://updates.redhat.com/6.2/sparc/kernel-doc-2.2.14-12.sparc.rpm

sources:
ftp://updates.redhat.com/6.2/SRPMS/kernel-2.2.14-12.src.rpm

9. Verification:

These packages are GPG signed by Red Hat, Inc. for security.  Our key
is available at:
    http://www.redhat.com/corp/contact.html

You can verify each package with the following command:
    rpm --checksig  <filename>

If you only wish to verify that each package has not been corrupted or
tampered with, examine only the md5sum with the following command:
    rpm --checksig --nogpg <filename>
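
A batch form of the signature check above, as an added example that is not
part of Red Hat's advisory: it runs rpm --checksig over every package in a
download directory and passes only when rpm exits 0 and reports a verified
signature, because a package carrying no signature still prints "md5 OK".
The RPM_BIN override, the function names and the matched output strings
("md5 gpg OK" on older rpm, "digests signatures OK" on newer rpm) are
assumptions; compare them with what your rpm version prints.

```shell
#!/bin/sh
# Added example, not from the advisory. RPM_BIN is a hypothetical override
# so the gate can be exercised with a stub instead of the real rpm binary.
RPM_BIN="${RPM_BIN:-rpm}"

# check_one FILE: succeed only if rpm exits 0 AND names a verified signature.
check_one() {
    out=$("$RPM_BIN" --checksig "$1" 2>&1) || { echo "FAIL $out"; return 1; }
    case "$out" in
        # Defensive: never accept a line that reports a failed check.
        *"NOT OK"*) echo "FAIL $out"; return 1 ;;
        # Assumed shapes: "pkg.rpm: md5 gpg OK", "pkg.rpm: digests signatures OK".
        *" gpg "*OK | *" pgp "*OK | *" signatures "*OK) return 0 ;;
    esac
    # Exit status 0 with only "md5 OK" / "digests OK": the digest matched but
    # nothing ties the package to the vendor key.
    echo "NO SIGNATURE $out"
    return 1
}

# verify_dir DIR: 0 if every *.rpm in DIR passes, 1 if any fails,
# 2 if DIR holds no packages (an empty download must not count as success).
verify_dir() {
    dir=$1
    bad=0
    seen=0
    for f in "$dir"/*.rpm; do
        [ -f "$f" ] || continue
        seen=$((seen + 1))
        check_one "$f" || bad=$((bad + 1))
    done
    [ "$seen" -gt 0 ] || { echo "no packages found in $dir"; return 2; }
    [ "$bad" -eq 0 ]
}

# Usage: verify_dir ./downloads   (then continue with the documented upgrade)
```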

10. References:

http://www.redhat.com/support/docs/howto/kernel-upgrade/kernel-upgrade.html

Cristian
--
----------------------------------------------------------------------
Cristian Gafton     --     gafton@redhat.com      --     Red Hat, Inc.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
  "How could this be a problem in a country where we have Intel and 
   Microsoft?"  --Al Gore on Y2K