---------------------------------------------------------------------Fedora Update Notification
FEDORA-2005-013
2005-01-10
---------------------------------------------------------------------Product     : Fedora Core 3
Name        : kernel
Version     : 2.6.10
Release     : 1.737_FC3
Summary     : The Linux kernel (the core of the Linux operating system)
Description :
The kernel package contains the Linux kernel (vmlinuz), the core of any
Linux operating system.  The kernel handles the basic functions
of the operating system:  memory allocation, process allocation, device
input and output, etc.

This update rebases the kernel to match the upstream 2.6.10 release,
and adds a number of security fixes by means of adding the latest -ac patch.


CAN-2004-1235
  Paul Starzetz from isec.pl found a problem in the binary format loaders uselib()
  function that could lead to potential priveledge escalation.
  https://isec.pl/en/vulnerabilities/isec-0021-uselib.txt

NO-CAN-ASSIGNED
  Brad Spengler found several problems.
  - An integer overflow in the random poolsize sysctl handler.
  - SCSI ioctl integer overflow and information leak.
  - RLIMIT_MEMLOCK bypass and unprivileged user DoS.

NO-CAN-ASSIGNED
  Coverity Inc. found a number of bugs with their automated source checker
  in coda, xfs, network bridging, rose network protocol, and the sdla wan driver.
  
---------------------------------------------------------------------* Mon Jan 10 2005 Dave Jones 
- Disable slab debugging.

* Sat Jan 08 2005 Dave Jones 
- Periodic slab debug is incompatable with pagealloc debug.
  Disable the latter.
- Update to 2.6.10-ac8

* Fri Jan 07 2005 Dave Jones 
- Bump up to -ac7
- Another new card reader.

* Thu Jan 06 2005 Dave Jones 
- Rebase to 2.6.10-ac5

* Tue Jan 04 2005 Dave Jones 
- Rebase to 2.6.10-ac4
- Add periodic slab debug checker.

* Mon Jan 03 2005 Dave Jones 
- Drop patch which meant we needed a newer gcc. (#144035)
- Rebase to 2.6.10-ac2
- Enable SL82C104 IDE driver as built-in on PPC64 (#131033)

---------------------------------------------------------------------This update can be downloaded from:
  
3358578123d1f533f59551e3ae57c58d  SRPMS/kernel-2.6.10-1.737_FC3.src.rpm
fefab702da72d80a17f288a732314f2f  x86_64/kernel-2.6.10-1.737_FC3.x86_64.rpm
367a35017888dd291ae5d5e49d3d528f  x86_64/kernel-smp-2.6.10-1.737_FC3.x86_64.rpm
bdd8a314125cb1999b55c4f6f3cdb246  x86_64/debug/kernel-debuginfo-2.6.10-1.737_FC3.x86_64.rpm
f48db7fff38c51f651364fc58443c30d  x86_64/kernel-doc-2.6.10-1.737_FC3.noarch.rpm
36f98dd65ec1765c26770be7e6362a6f  i386/kernel-2.6.10-1.737_FC3.i586.rpm
a7122fda3dd50ac6adb24789fb6d1bba  i386/kernel-smp-2.6.10-1.737_FC3.i586.rpm
415412abd0857a5789da547af0825864  i386/debug/kernel-debuginfo-2.6.10-1.737_FC3.i586.rpm
909a1a29aa29773b1d9918e2a7614844  i386/kernel-2.6.10-1.737_FC3.i686.rpm
30cd263a60bc43a502ce768c2354dc07  i386/kernel-smp-2.6.10-1.737_FC3.i686.rpm
0d19dc4ba95ca24403c8cf8aab1333d4  i386/debug/kernel-debuginfo-2.6.10-1.737_FC3.i686.rpm
f48db7fff38c51f651364fc58443c30d  i386/kernel-doc-2.6.10-1.737_FC3.noarch.rpm

This update can also be installed with the Update Agent; you can
launch the Update Agent with the 'up2date' command.
-----------------------------------------------------------------------fedora-announce-list mailing list
fedora-announce-list@redhat.com
http://www.redhat.com/mailman/listinfo/fedora-announce-list

Fedora: kernel-2.6.10-1.737_FC3 update

January 10, 2005
This update rebases the kernel to match the upstream 2.6.10 release, and adds a number of security fixes by means of adding the latest -ac patch.

Summary

The kernel package contains the Linux kernel (vmlinuz), the core of any

Linux operating system. The kernel handles the basic functions

of the operating system: memory allocation, process allocation, device

input and output, etc.

This update rebases the kernel to match the upstream 2.6.10 release,

and adds a number of security fixes by means of adding the latest -ac patch.

CAN-2004-1235

Paul Starzetz from isec.pl found a problem in the binary format loaders uselib()

function that could lead to potential priveledge escalation.

https://isec.pl/en/vulnerabilities/isec-0021-uselib.txt

NO-CAN-ASSIGNED

Brad Spengler found several problems.

- An integer overflow in the random poolsize sysctl handler.

- SCSI ioctl integer overflow and information leak.

- RLIMIT_MEMLOCK bypass and unprivileged user DoS.

NO-CAN-ASSIGNED

Coverity Inc. found a number of bugs with their automated source checker

in coda, xfs, network bridging, rose network protocol, and the sdla wan driver.

- Disable slab debugging.

* Sat Jan 08 2005 Dave Jones

- Periodic slab debug is incompatable with pagealloc debug.

Disable the latter.

- Update to 2.6.10-ac8

* Fri Jan 07 2005 Dave Jones

- Bump up to -ac7

- Another new card reader.

* Thu Jan 06 2005 Dave Jones

- Rebase to 2.6.10-ac5

* Tue Jan 04 2005 Dave Jones

- Rebase to 2.6.10-ac4

- Add periodic slab debug checker.

* Mon Jan 03 2005 Dave Jones

- Drop patch which meant we needed a newer gcc. (#144035)

- Rebase to 2.6.10-ac2

- Enable SL82C104 IDE driver as built-in on PPC64 (#131033)

3358578123d1f533f59551e3ae57c58d SRPMS/kernel-2.6.10-1.737_FC3.src.rpm

fefab702da72d80a17f288a732314f2f x86_64/kernel-2.6.10-1.737_FC3.x86_64.rpm

367a35017888dd291ae5d5e49d3d528f x86_64/kernel-smp-2.6.10-1.737_FC3.x86_64.rpm

bdd8a314125cb1999b55c4f6f3cdb246 x86_64/debug/kernel-debuginfo-2.6.10-1.737_FC3.x86_64.rpm

f48db7fff38c51f651364fc58443c30d x86_64/kernel-doc-2.6.10-1.737_FC3.noarch.rpm

36f98dd65ec1765c26770be7e6362a6f i386/kernel-2.6.10-1.737_FC3.i586.rpm

a7122fda3dd50ac6adb24789fb6d1bba i386/kernel-smp-2.6.10-1.737_FC3.i586.rpm

415412abd0857a5789da547af0825864 i386/debug/kernel-debuginfo-2.6.10-1.737_FC3.i586.rpm

909a1a29aa29773b1d9918e2a7614844 i386/kernel-2.6.10-1.737_FC3.i686.rpm

30cd263a60bc43a502ce768c2354dc07 i386/kernel-smp-2.6.10-1.737_FC3.i686.rpm

0d19dc4ba95ca24403c8cf8aab1333d4 i386/debug/kernel-debuginfo-2.6.10-1.737_FC3.i686.rpm

f48db7fff38c51f651364fc58443c30d i386/kernel-doc-2.6.10-1.737_FC3.noarch.rpm

This update can also be installed with the Update Agent; you can

launch the Update Agent with the 'up2date' command.

fedora-announce-list@redhat.com

http://www.redhat.com/mailman/listinfo/fedora-announce-list

FEDORA-2005-013 2005-01-10 Name : kernel Version : 2.6.10 Release : 1.737_FC3 Summary : The Linux kernel (the core of the Linux operating system) Description : The kernel package contains the Linux kernel (vmlinuz), the core of any Linux operating system. The kernel handles the basic functions of the operating system: memory allocation, process allocation, device input and output, etc. This update rebases the kernel to match the upstream 2.6.10 release, and adds a number of security fixes by means of adding the latest -ac patch. CAN-2004-1235 Paul Starzetz from isec.pl found a problem in the binary format loaders uselib() function that could lead to potential priveledge escalation. https://isec.pl/en/vulnerabilities/isec-0021-uselib.txt NO-CAN-ASSIGNED Brad Spengler found several problems. - An integer overflow in the random poolsize sysctl handler. - SCSI ioctl integer overflow and information leak. - RLIMIT_MEMLOCK bypass and unprivileged user DoS. NO-CAN-ASSIGNED Coverity Inc. found a number of bugs with their automated source checker in coda, xfs, network bridging, rose network protocol, and the sdla wan driver. - Disable slab debugging. * Sat Jan 08 2005 Dave Jones - Periodic slab debug is incompatable with pagealloc debug. Disable the latter. - Update to 2.6.10-ac8 * Fri Jan 07 2005 Dave Jones - Bump up to -ac7 - Another new card reader. * Thu Jan 06 2005 Dave Jones - Rebase to 2.6.10-ac5 * Tue Jan 04 2005 Dave Jones - Rebase to 2.6.10-ac4 - Add periodic slab debug checker. * Mon Jan 03 2005 Dave Jones - Drop patch which meant we needed a newer gcc. (#144035) - Rebase to 2.6.10-ac2 - Enable SL82C104 IDE driver as built-in on PPC64 (#131033) 3358578123d1f533f59551e3ae57c58d SRPMS/kernel-2.6.10-1.737_FC3.src.rpm fefab702da72d80a17f288a732314f2f x86_64/kernel-2.6.10-1.737_FC3.x86_64.rpm 367a35017888dd291ae5d5e49d3d528f x86_64/kernel-smp-2.6.10-1.737_FC3.x86_64.rpm bdd8a314125cb1999b55c4f6f3cdb246 x86_64/debug/kernel-debuginfo-2.6.10-1.737_FC3.x86_64.rpm f48db7fff38c51f651364fc58443c30d x86_64/kernel-doc-2.6.10-1.737_FC3.noarch.rpm 36f98dd65ec1765c26770be7e6362a6f i386/kernel-2.6.10-1.737_FC3.i586.rpm a7122fda3dd50ac6adb24789fb6d1bba i386/kernel-smp-2.6.10-1.737_FC3.i586.rpm 415412abd0857a5789da547af0825864 i386/debug/kernel-debuginfo-2.6.10-1.737_FC3.i586.rpm 909a1a29aa29773b1d9918e2a7614844 i386/kernel-2.6.10-1.737_FC3.i686.rpm 30cd263a60bc43a502ce768c2354dc07 i386/kernel-smp-2.6.10-1.737_FC3.i686.rpm 0d19dc4ba95ca24403c8cf8aab1333d4 i386/debug/kernel-debuginfo-2.6.10-1.737_FC3.i686.rpm f48db7fff38c51f651364fc58443c30d i386/kernel-doc-2.6.10-1.737_FC3.noarch.rpm This update can also be installed with the Update Agent; you can launch the Update Agent with the 'up2date' command. fedora-announce-list@redhat.com http://www.redhat.com/mailman/listinfo/fedora-announce-list

Change Log

References

Update Instructions

Severity
Name : kernel
Version : 2.6.10
Release : 1.737_FC3
Summary : The Linux kernel (the core of the Linux operating system)

Related News

24.Key Code Esm H320
2 - 3 min read
The Akira ransomware group has extorted approximately $42 million from over 250 victims since January 1, 2024. The group initially focused on
5.ShakingHands Esm H320
2 - 3 min read
At The Linux Foundation's Open Source Summit North America , Linus Torvalds, the creator of Linux, discussed various topics related to Linux
30.Lock Globe Motherboard Esm H320
1 - 2 min read
The SPDX 3.0 release marks a significant milestone in software management, particularly for Linux admins, infosec professionals, internet security
11.Locks IsometricPattern Esm H320
2 - 3 min read
Open Source maintainers and developers have been warned about the continued wave of attacks aimed at project maintainers similar to those recently
28.Lock Globe Esm H320
1 - 2 min read
A resurgence of cyberattacks targeting Linux systems in Asian campaigns through the utilization of the Pupy Remote Access Trojan (RAT) has been
27.Tablet Connections Blocks Lock Esm H320
2 - 4 min read
Canonical has recently announced the Beta release of Ubuntu Linux 24.04 LTS , codenamed "Noble Numbat." This release aims to continue Ubuntu's
21.Globe RadiatingCode Esm H320
2 - 3 min read
The open-source movement has come a long way, from its origins in the 1960s and 1970s to becoming an integral part of organizations worldwide.
13.Lock StylizedMotherboard Esm H320
2 - 3 min read
The Rust-based Edera project demonstrates a unique approach to container security that addresses cloud-native computing challenges. Let's examine
Sign Up

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved