Full Disclosure mailing list archives
[TURBOLINUX SECURITY INFO] 13/Dec/2004
From: Turbolinux <security-announce () turbolinux co jp>
Date: Mon, 13 Dec 2004 17:50:37 +0900
To: security-announce () turbolinux co jp Message-Id: <200412131750.49195.security-announce () turbolinux co jp> X-ML-Name: server-users-e X-Mail-Count: 00039 X-MLServer: fml [fml 4.0 STABLE (20040215/4.0.4_BETA)](fml commands only mode); post only (only members can post) X-ML-Info: If you have a question, send e-mail with the body "help" (without quotes) to the address server-users-e-ctl () turbolinux co jp; help=<mailto:server-users-e-ctl () turbolinux co jp?body=help> User-Agent: KMail/1.5.4 Content-Disposition: inline X-MIME-Autoconverted: from quoted-printable to 8bit by meigetsu.turbolinux.co.jp id iBD8ooH5014039 Mime-Version: 1.0 Content-Type: Text/Plain; charset="us-ascii" Content-Transfer-Encoding: 8bit Content-Description: clearsigned data Precedence: bulk Lines: 159 List-Id: server-users-e.turbolinux.co.jp List-Software: fml [fml 4.0 STABLE (20040215/4.0.4_BETA)] List-Post: <mailto:server-users-e () turbolinux co jp> List-Owner: <mailto:server-users-e-admin () turbolinux co jp> List-Help: <mailto:server-users-e-ctl () turbolinux co jp?body=help> List-Unsubscribe: <mailto:server-users-e-ctl () turbolinux co jp?body=unsubscribe> Resent-From: security-announce () turbolinux co jp Resent-To: server-users-e () turbolinux co jp (moderated) Resent-Date: Mon, 13 Dec 2004 17:51:58 +0900 Resent-Message-Id: <200412131751.FMLAAB14047.server-users-e () turbolinux co jp> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 This is an announcement only email list for the x86 architecture. ============================================================ Turbolinux Security Announcement 13/Dec/2004 ============================================================ The following page contains the security information of Turbolinux Inc. - Turbolinux Security Center http://www.turbolinux.com/security/ (1) kernel -> Security & Bugfix =========================================================== * kernel -> Security & Bugfix =========================================================== More information: The kernel package contains the Linux kernel -- the core of the Linux operating system. The following have been addressed: - Numerous issues in the Linux ELF binary loader - Issues relating to IDE DMA transfers which prevent installation on machines with SiS chipsets using the SiS 962/963 IDE controller - Null pointer dereferencing in the SG driver - Kernel panic in the SG module caused by successive loading/unloading of SCSI LLD kernel modules (i.e., successive calls to insmod/rmmod) - Race condition in the usb-ehci module - Deadlock condition in the memory manager with certain application-level invocations of mutex_lock - Quirks in the snd-intel8x0 module on some HP machines - Kernel oops on USB CD devices - A problem causing processes to be killed with "Out of Memory" errors The following have been added/updated: - 3c59x driver - aic7xxx driver - aic79xx driver - ndisdriver (0.12) driver - Support for 82597EX_LR by ixgb - megaraid (v2.20.4.1) driver - ext3 and xfs filesystem bug fixes and updates Impact: Affected Products: - Turbolinux 10 Server Solution: Please use the turbopkg (zabom) tool to apply the necessary updates. From KDE, click the K-menu (usually with the Turbolinux logo) and run Turbo Update. From the command line, use the commands below. --------------------------------------------- # turboupdate or # zabom -u kernel kernel-extramodules kernel-headers kernel-numa \ kernel-pcmcia-cs kernel-smp kernel-smp64G kernel-source --------------------------------------------- <Turbolinux 10 Server> Source Packages Size : MD5 ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/10/updates/SRPMS/kernel-2.6.8-3.src.rpm 55161164 0ca8e635c4ddbb235f2f83fc0acf7593 Binary Packages Size : MD5 ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/10/updates/RPMS/kernel-2.6.8-3.i586.rpm 16448993 a4529057b9c3b6bf019806883e1331cd ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/10/updates/RPMS/kernel-extramodules-2.6.8-3.i586.rpm 6838609 63f0d926c8183cd41543ec13eabe674a ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/10/updates/RPMS/kernel-headers-2.6.8-3.i586.rpm 1894893 b3a3002daf1db85a46e3556470aa195f ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/10/updates/RPMS/kernel-numa-2.6.8-3.i586.rpm 16248001 bb0f877d54a012e84028d45427ce9b6d ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/10/updates/RPMS/kernel-pcmcia-cs-2.6.8-3.i586.rpm 334019 417d3e3c63b8529fa23ad49ec409583e ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/10/updates/RPMS/kernel-smp-2.6.8-3.i586.rpm 16216652 b8a05fec8bf1da3a5303e993923e55eb ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/10/updates/RPMS/kernel-smp64G-2.6.8-3.i586.rpm 16205367 87e1a7a968d46d035e29d6476adf9a62 ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/10/updates/RPMS/kernel-source-2.6.8-3.i586.rpm 32759397 2099739a50e643ec02348732051a6147 Notice: You must reboot your system for this (kernel) update to take effect. References: CVE [CAN-2004-1070] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1070 [CAN-2004-1071] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1071 [CAN-2004-1072] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1072 [CAN-2004-1073] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1073 [CAN-2004-1074] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1074 * You may need to update the turbopkg tool before applying the update. Please refer to the following URL for detailed information. http://www.turbolinux.com/download/zabom.html http://www.turbolinux.com/download/zabomupdate.html Package Update Path http://www.turbolinux.com/update/ ============================================================ * To obtain the public key Here is the public key http://www.turbolinux.com/security/ * To unsubscribe from the list If you ever want to remove yourself from this mailing list, you can send a message to <server-users-e-ctl () turbolinux co jp> with the word `unsubscribe' in the body (don't include the quotes). unsubscribe * To change your email address If you ever want to chage email address in this mailing list, you can send a message to <server-users-e-ctl () turbolinux co jp> with the following command in the message body: chaddr 'old address' 'new address' If you have any questions or problems, please contact <supp_info () turbolinux co jp> Thank you! -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.6 (GNU/Linux) iD8DBQFBvVflK0LzjOqIJMwRAugXAJ4kdTgEmP7fNlQaldp36E244r7VlACcCdg7 qpyUBeD83kSOS83W0a6DJKo= =Hn8D -----END PGP SIGNATURE----- _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- [TURBOLINUX SECURITY INFO] 13/Dec/2004 Turbolinux (Dec 13)