Security: Execution of arbitrary commands in the kernel
Name: Execution of arbitrary commands in the kernel
ID: SSA:2009-231-01
Distribution: Slackware
Platforms: Slackware 12.2
Date: Thu, 20 August 2009, 04:12
References: None given
Applications: Linux

Original message
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security] kernel [updated] (SSA:2009-231-01)
This is a followup to the SSA:2009-230-01 advisory noting some errata.
The generic SMP kernel update for Slackware 12.2 was built using the .config for a huge kernel, not a generic one. The kernel previously published as kernel-generic-smp and in the gemsmp.s directory works and is secure, but is larger than it needs to be. It has been replaced in the Slackware 12.2 patches with a generic SMP kernel.
A new svgalib_helper package (compiled for a 2.6.27.31 kernel) was added to the Slackware 12.2 /patches.
An error was noticed in the SSA:2009-230-01 advisory concerning the packages for Slackware -current 32-bit. The http links given refer to packages with a -1 build version. The actual packages have a build number of -2.
Here are the details from the Slackware 12.2 ChangeLog:
+--------------------------+
patches/packages/linux-2.6.27.31/kernel-modules-smp-2.6.27.31_smp-i686-2.tgz:
  Rebuilt the modules using the config-generic-smp-2.6.27.31-smp .config.
patches/packages/linux-2.6.27.31/kernel-generic-smp-2.6.27.31_smp-i686-2.tgz:
  Fixed the .config to use config-generic-smp-2.6.27.31-smp.
  The config-generic-huge-2.6.27.31-smp was mistakenly used for build -1.
  Thanks to Chuck56 for the report.
patches/packages/linux-2.6.27.31/kernel-source-2.6.27.31_smp-noarch-2.tgz:
  Changed the included .config to the config-generic-smp-2.6.27.31-smp version.
patches/packages/svgalib_helper-1.9.25_2.6.27.31-i486-1_slack12.2.tgz:
  Recompiled for 2.6.27.31.
+--------------------------+

Where to find the new packages:
+-----------------------------+
HINT: Getting slow download speeds from ftp.slackware.com? Give slackware.osuosl.org a try. This is another primary FTP site for Slackware that can be considerably faster than downloading directly from ftp.slackware.com.
Thanks to the friendly folks at the OSU Open Source Lab (http://osuosl.org) for donating additional FTP and rsync hosting to the Slackware project! :-)
Also see the "Get Slack" section on http://slackware.com for additional mirror sites near you.
Updated kernel packages for Slackware 12.2 may be found here:
kernel-modules-smp-2.6.27.31_smp-i686-2.tgz
kernel-generic-smp-2.6.27.31_smp-i686-2.tgz
kernel-source-2.6.27.31_smp-noarch-2.tgz

Signatures:
+---------+
All packages are signed with the Slackware Security Team GPG signature for verification of authenticity. File may also be checked with the CHECKSUMS.md5 file provided in each Slackware directory tree, which is also signed with the Slackware GPG key.
Installation instructions:
+------------------------+
Upgrade the kernel packages as root, rebuild the initrd with mkinitrd, and reinstall LILO. For details on the process of updating the Slackware 12.2 kernels, see the README file in /patches/packages/linux-2.6.27.31/.
+-----+

Slackware Linux Security Team
http://slackware.com/gpg-key
security@slackware.com

+------------------------------------------------------------------------+
| To leave the slackware-security mailing list:                          |
+------------------------------------------------------------------------+
| Send an email to majordomo@slackware.com with this text in the body of |
| the email message:                                                     |
|                                                                        |
|   unsubscribe slackware-security                                       |
|                                                                        |
| You will get a confirmation message back containing instructions to    |
| complete the process. Please do not reply to this email address.       |
+------------------------------------------------------------------------+

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iEYEARECAAYFAkqMrhwACgkQakRjwEAQIjMDMQCfUr9aBgojfZPF2e7osXkiy2FC
bmwAnRA8P0oJ3jDsoj/Qpo9PB9OQGcza
=jBXs
-----END PGP SIGNATURE-----
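
The advisory above says packages can be checked against the signed CHECKSUMS.md5 file and that the corrected Slackware 12.2 packages carry build number -2. The following shell sketch is an added example, not part of the original advisory or of Slackware's tooling: it looks a downloaded package up in a CHECKSUMS.md5-style list and extracts its build field. The function names and the sample data are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example; all sample data below is constructed, not real Slackware data.
# Authenticity rests on first checking the GPG signature of CHECKSUMS.md5
# (not shown: it needs the Slackware key); MD5 alone only ties a file to that list.

# Print the build field of a Slackware package file name
# (name-version-arch-build.tgz), e.g. "2" for ...-i686-2.tgz.
pkg_build() {
    b=$(basename "$1" .tgz)
    printf '%s\n' "${b##*-}"
}

# Return 0 if the MD5 of file $2 matches the entry for its base name in the
# CHECKSUMS.md5-style list $1, 1 on mismatch, 2 if the list has no entry.
verify_md5() {
    name=$(basename "$2")
    want=$(awk -v n="$name" 'length($1) == 32 && $1 ~ /^[0-9a-f]+$/ {
        f = $NF; sub(/^.*\//, "", f)      # strip the ./path/ prefix
        if (f == n) { print $1; exit }
    }' "$1")
    [ -n "$want" ] || return 2
    have=$(md5sum "$2" | awk '{ print $1 }')
    [ "$want" = "$have" ]
}

# Build a constructed package and checksum list, then run both checks.
demo() {
    d=$(mktemp -d) || return 1
    p="$d/kernel-generic-smp-2.6.27.31_smp-i686-2.tgz"
    printf 'constructed sample data\n' > "$p"
    sum=$(md5sum "$p" | awk '{ print $1 }')
    {
        echo "MD5 message digest                Filename"
        echo "$sum  ./patches/packages/linux-2.6.27.31/${p##*/}"
    } > "$d/CHECKSUMS.md5"
    verify_md5 "$d/CHECKSUMS.md5" "$p" && [ "$(pkg_build "$p")" = 2 ]
    rc=$?
    rm -rf "$d"
    return "$rc"
}

demo && echo "checksum matches and build number is 2"
```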