[SECURITY] Fedora Core 6 Update: kernel-2.6.20-1.2925.fc6
Chuck Ebbert
cebbert at redhat.com
Wed Mar 14 20:19:42 UTC 2007
---------------------------------------------------------------------
Fedora Update Notification
FEDORA-2007-335
2007-03-14
---------------------------------------------------------------------
Product : Fedora Core 6
Name : kernel
Version : 2.6.20
Release : 1.2925.fc6
Summary : The Linux kernel (the core of the Linux operating system)
Description :
The kernel package contains the Linux kernel (vmlinuz), the core of any
Linux operating system. The kernel handles the basic functions
of the operating system: memory allocation, process allocation, device
input and output, etc.
---------------------------------------------------------------------
Update Information:
Rebased to kernel 2.6.20.3-rc1:
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.20
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.20.1
(The CVE fix in 2.6.20.1 is already in
kernel-2.6.19-1.2911.6.5.fc6.)
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.20.2
Changelog for 2.6.20.3 is not available yet.
This release does not include Xen kernels.
CVE-2007-0005:
A vulnerability has been reported in the Linux Kernel, which
potentially can be exploited by malicious, local users to
cause a DoS (Denial of Service) or gain escalated privileges.
The vulnerability is caused due to boundary errors within
the "read()" and "write()" functions of the Omnikey CardMan
4040 driver. This can be exploited to cause a buffer
overflow and may allow the execution of arbitrary code with
kernel privileges.
CVE-2007-1000:
A vulnerability has been reported in the Linux Kernel, which
can be exploited by malicious, local users to cause a DoS
(Denial of Service) or disclose potentially sensitive
information.
The vulnerability is due to a NULL pointer dereference
within the "ipv6_getsockopt_sticky()" function in
net/ipv6/ipv6_sockglue.c. This can be exploited to crash the
kernel or disclose kernel memory.
---------------------------------------------------------------------
* Sat Mar 10 2007 Chuck Ebbert <cebbert at redhat.com>
- 2.6.20.3-rc1
- removed (now in 2.6.20.3-rc1):
1787: linux-2.6-net_bcm43xx_1GB_DMA_fix.patch
1793: linux-2.6-nf_conntrack_fix_cleanup.patch
- backported the latest utrace
* Fri Mar 9 2007 Chuck Ebbert <cebbert at redhat.com>
- 2.6.20.2
- removed (because they are in 2.6.20.2)
1792: linux-2.6-cardman_buffer_overflow.patch (CVE-2007-0005)
1794: linux-2.6-x86_64_survive_no_irq_for_vector.patch
- updated
linux-2.6-gfs2-update.patch (Steve Whitehouse)
- added
1792: linux-2.6-20_git-serio-keyboard.patch
1794: linux-2.6-20_ia64_chip_mask.patch (Prarit)
* Wed Mar 7 2007 Chuck Ebbert <cebbert at redhat.com>
- 2.6.20.2-rc1
- Additional fixes:
1787: linux-2.6-net_bcm43xx_1GB_DMA_fix.patch
1790: linux-2.6-jfs_fix_deadlock.patch
1791: linux-2.6-git-serio-1e4865f8d469b1.patch
1792: linux-2.6-cardman_buffer_overflow.patch (CVE-2007-0005)
1793: linux-2.6-nf_conntrack_fix_cleanup.patch
1794: linux-2.6-x86_64_survive_no_irq_for_vector.patch
---------------------------------------------------------------------
This update can be downloaded from:
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/6/
1e96966eca140860a2f07e917ccfbbfc6b6f9d33 SRPMS/kernel-2.6.20-1.2925.fc6.src.rpm
1e96966eca140860a2f07e917ccfbbfc6b6f9d33 noarch/kernel-2.6.20-1.2925.fc6.src.rpm
2e8f4c85f66b6f9b4893386e05e4202dc091e1a6 ppc/kernel-smp-2.6.20-1.2925.fc6.ppc.rpm
cdeaaa46cc706a4e591787611f4fb262360ff331 ppc/kernel-devel-2.6.20-1.2925.fc6.ppc.rpm
a2be388980f7d24871e62de6f82bab69e88f1e6d ppc/kernel-2.6.20-1.2925.fc6.ppc.rpm
c40384a238e35bacd350276ca03bb9239dcab31f ppc/kernel-smp-devel-2.6.20-1.2925.fc6.ppc.rpm
ea3d9acf1473a7a11814b7fe5ab45dbc7b00bf32 ppc/kernel-headers-2.6.20-1.2925.fc6.ppc.rpm
3508dc83fe0335f27e405949a8dd0c88d9612480 ppc/debug/kernel-debuginfo-common-2.6.20-1.2925.fc6.ppc.rpm
eab1c97402fd0f65d949afba51a903a3ae09a8f1 ppc/debug/kernel-debuginfo-2.6.20-1.2925.fc6.ppc.rpm
9e09fa9eb8c79c7f5f9bb7fb90821da53aa1fa6c ppc/debug/kernel-smp-debuginfo-2.6.20-1.2925.fc6.ppc.rpm
17e0eb72fa42891cf2ef7ff77ee05d9e62542e86 ppc/kernel-doc-2.6.20-1.2925.fc6.noarch.rpm
98556c2c70ed2edb8183426cfa747952b6145507 x86_64/debug/kernel-debuginfo-2.6.20-1.2925.fc6.x86_64.rpm
85bcbb0bdd651262fb87319faec521b42d6b5853 x86_64/debug/kernel-kdump-debuginfo-2.6.20-1.2925.fc6.x86_64.rpm
bf4746470df73b6a128b43768756261c2d69f01c x86_64/kernel-headers-2.6.20-1.2925.fc6.x86_64.rpm
f50f3ccbe51df955fcdf8a58388dfb432d333d0e x86_64/kernel-debug-devel-2.6.20-1.2925.fc6.x86_64.rpm
6604a438f446e169587b3466858f87bcacf701e3 x86_64/kernel-debug-2.6.20-1.2925.fc6.x86_64.rpm
c7a9df00ca676ce8316c25c6e57ccb7dabeb1be6 x86_64/debug/kernel-debuginfo-common-2.6.20-1.2925.fc6.x86_64.rpm
cbc9955b0d0c95097ab55e265f6b1464017309d7 x86_64/debug/kernel-debug-debuginfo-2.6.20-1.2925.fc6.x86_64.rpm
1c495a4e7431fed52310e5f58af71b10863f0e83 x86_64/kernel-kdump-2.6.20-1.2925.fc6.x86_64.rpm
d4e4154269165be26ad5a89d35a76678f12e778e x86_64/kernel-2.6.20-1.2925.fc6.x86_64.rpm
2fdd4aead110774f09b1d9607f3b8b162f988635 x86_64/kernel-kdump-devel-2.6.20-1.2925.fc6.x86_64.rpm
ce0049ca4afe15722966076fc4313a6366b20f61 x86_64/kernel-devel-2.6.20-1.2925.fc6.x86_64.rpm
17e0eb72fa42891cf2ef7ff77ee05d9e62542e86 x86_64/kernel-doc-2.6.20-1.2925.fc6.noarch.rpm
233064977dde3cf55c5cc73ef3bd2520c85509b6 i386/kernel-headers-2.6.20-1.2925.fc6.i386.rpm
f7d908662538ea799d888bbae2e4d3bbb296e826 i386/kernel-devel-2.6.20-1.2925.fc6.i586.rpm
c6f810925d04a39285d453a2ac93ca4f61cddf6f i386/debug/kernel-debuginfo-common-2.6.20-1.2925.fc6.i586.rpm
45dae96a36c542deca23ead5350af1b375524ea0 i386/kernel-2.6.20-1.2925.fc6.i586.rpm
35f042a2b1dc645d3753a0e5b6ee276a798cfd73 i386/debug/kernel-debuginfo-2.6.20-1.2925.fc6.i586.rpm
7e4cef2b388734b9098b1c8c7cc72c9805260b08 i386/debug/kernel-debug-debuginfo-2.6.20-1.2925.fc6.i686.rpm
b424b5a9f8589490f9bc29ff46fcda7d6d281ed3 i386/debug/kernel-debuginfo-2.6.20-1.2925.fc6.i686.rpm
790be9df7579206c4faccd547a614eaed6e19048 i386/kernel-PAE-debug-2.6.20-1.2925.fc6.i686.rpm
502000ec6f36d387fca23a50c69a97ef39fa4738 i386/kernel-devel-2.6.20-1.2925.fc6.i686.rpm
00bde4c5281c6375bea34c18e9602e51077f83da i386/kernel-2.6.20-1.2925.fc6.i686.rpm
afe3e6a87a5ca9163b3fb40489d988a076fdf0f4 i386/kernel-kdump-devel-2.6.20-1.2925.fc6.i686.rpm
23270de87d481b4f19b74a30b8196e87501686b8 i386/kernel-PAE-debug-devel-2.6.20-1.2925.fc6.i686.rpm
7578fb34ee14f54a6989c71564204564c931ec30 i386/kernel-PAE-2.6.20-1.2925.fc6.i686.rpm
c5232a8d64e0f37f4e87ba6176a83f496b1cfe71 i386/kernel-debug-2.6.20-1.2925.fc6.i686.rpm
4e0a1d64766d6db0d452809c2466ad856013e4e8 i386/kernel-PAE-devel-2.6.20-1.2925.fc6.i686.rpm
0504cbff19dc6df18d66c153c9fa9615205de20b i386/debug/kernel-PAE-debug-debuginfo-2.6.20-1.2925.fc6.i686.rpm
76cf4bb6784c09056990f442a2dfa6094437ebe2 i386/kernel-kdump-2.6.20-1.2925.fc6.i686.rpm
eec6c8a2444f87b645514ab8e02816d819192a87 i386/debug/kernel-PAE-debuginfo-2.6.20-1.2925.fc6.i686.rpm
46abd913f7c1339c74bef1283b55a333dfc97fb6 i386/debug/kernel-debuginfo-common-2.6.20-1.2925.fc6.i686.rpm
eefa86c1893349601e8e27f5439fc0d6077ecaee i386/kernel-debug-devel-2.6.20-1.2925.fc6.i686.rpm
7dfb5bb8147ab1e091fb98f5abdc07a6e827b904 i386/debug/kernel-kdump-debuginfo-2.6.20-1.2925.fc6.i686.rpm
17e0eb72fa42891cf2ef7ff77ee05d9e62542e86 i386/kernel-doc-2.6.20-1.2925.fc6.noarch.rpm
This update can be installed with the 'yum' update program. Use 'yum update
package-name' at the command line. For more information, refer to 'Managing
Software with yum,' available at http://fedora.redhat.com/docs/yum/.
---------------------------------------------------------------------
More information about the Fedora-package-announce
mailing list