[Aurora-sparc-security] [SECURITY] kernel security update
Tom 'spot' Callaway
tcallawa at redhat.com
Wed Sep 24 17:33:33 EDT 2003
2003-10-24
The Aurora SPARC Linux Project is releasing
kernel-2.4.20-2.31sparc
as a security update. Earlier releases of the kernel had a
ptrace-related vulnerability which can lead to elevated (root)
privileges. Since a Linux/SPARC exploit for this was published this
morning to this mailing list, all users of Aurora are STRONGLY advised
to upgrade to these errata packages which contain a patch and are not
vulnerable to this issue.
In addition, the famed "swapon segfault" bug that affects sparc32 is
resolved in this errata.
The updated packages can be found at
http://auroralinux.org/pub/updates/1.0/
SRPM:
kernel-2.4.20-2.31sparc.src.rpm
MD5SUM: 63c0434b41ee386af8544d985cc97b1d
sparc:
kernel-2.4.20-2.31sparc.sparc.rpm
MD5SUM: 8d7ba0aa34fc35f2c1788f16c816ff4f
kernel-BOOT-2.4.20-2.31sparc.sparc.rpm
MD5SUM: f6398c74ea10e7d3971008e3bd827c96
kernel-doc-2.4.20-2.31sparc.sparc.rpm
MD5SUM: 7807c461e8994fd6d02a2074b6250d2f
kernel-smp-2.4.20-2.31sparc.sparc.rpm
MD5SUM: 79e7dc4f448da38b807028c4ffa13f00
kernel-source-2.4.20-2.31sparc.sparc.rpm
MD5SUM: f689f60c6e0f1b270b07318324d90d0c
sparc64:
kernel-2.4.20-2.31sparc.sparc64.rpm
MD5SUM: 33cdca2806cc60a5cde17bf97812e6fa
kernel-BOOT-2.4.20-2.31sparc.sparc64.rpm
MD5SUM: c58b1f34ec0ee37bb9cc007c080f75e0
kernel-smp-2.4.20-2.31sparc.sparc64.rpm
MD5SUM: d11c4072d05eb8376654f6525ed9084d
More information can be found in Red Hat's advisory:
https://rhn.redhat.com/errata/RHSA-2003-103.html
~spot
---
Tom "spot" Callaway <tcallawa(a)redhat*com> LCA, RHCE
Red Hat Sales Engineer || Aurora SPARC Linux Project Leader
"The author's mathematical treatment of the conception of purpose is
novel and highly ingenious, but heretical and, so far as the present
social order is concerned, dangerous and potentially subversive. Not to
be published." -- Aldous Huxley
More information about the Aurora-sparc-security
mailing list