Home page logo
/

fulldisclosure logo Full Disclosure mailing list archives

[TURBOLINUX SECURITY INFO] 13/Dec/2004
From: Turbolinux <security-announce () turbolinux co jp>
Date: Mon, 13 Dec 2004 17:50:37 +0900

To: security-announce () turbolinux co jp
Message-Id: <200412131750.49195.security-announce () turbolinux co jp>
X-ML-Name: server-users-e
X-Mail-Count: 00039
X-MLServer: fml [fml 4.0 STABLE (20040215/4.0.4_BETA)](fml commands only mode); post only (only members can post)
X-ML-Info: If you have a question, send e-mail with the body
        "help" (without quotes) to the address server-users-e-ctl () turbolinux co jp;
        help=<mailto:server-users-e-ctl () turbolinux co jp?body=help>
User-Agent: KMail/1.5.4
Content-Disposition: inline
X-MIME-Autoconverted: from quoted-printable to 8bit by meigetsu.turbolinux.co.jp id iBD8ooH5014039
Mime-Version: 1.0
Content-Type: Text/Plain;
  charset="us-ascii"
Content-Transfer-Encoding: 8bit
Content-Description: clearsigned data
Precedence: bulk
Lines: 159
List-Id: server-users-e.turbolinux.co.jp
List-Software: fml [fml 4.0 STABLE (20040215/4.0.4_BETA)]
List-Post: <mailto:server-users-e () turbolinux co jp>
List-Owner: <mailto:server-users-e-admin () turbolinux co jp>
List-Help: <mailto:server-users-e-ctl () turbolinux co jp?body=help>
List-Unsubscribe: <mailto:server-users-e-ctl () turbolinux co jp?body=unsubscribe>
Resent-From: security-announce () turbolinux co jp
Resent-To: server-users-e () turbolinux co jp (moderated)
Resent-Date: Mon, 13 Dec 2004 17:51:58 +0900
Resent-Message-Id: <200412131751.FMLAAB14047.server-users-e () turbolinux co jp>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

This is an announcement only email list for the x86 architecture.
============================================================
Turbolinux Security Announcement 13/Dec/2004
============================================================

The following page contains the security information of Turbolinux Inc.

 - Turbolinux Security Center
   http://www.turbolinux.com/security/

 (1) kernel -> Security & Bugfix

===========================================================
* kernel -> Security & Bugfix
===========================================================

 More information:
    The kernel package contains the Linux kernel -- the core of the Linux
    operating system.

      The following have been addressed:
      - Numerous issues in the Linux ELF binary loader
      - Issues relating to IDE DMA transfers which prevent installation on
        machines with SiS chipsets using the SiS 962/963 IDE controller
      - Null pointer dereferencing in the SG driver
      - Kernel panic in the SG module caused by successive loading/unloading
        of SCSI LLD kernel modules (i.e., successive calls to insmod/rmmod)
      - Race condition in the usb-ehci module
      - Deadlock condition in the memory manager with certain application-level
        invocations of mutex_lock
      - Quirks in the snd-intel8x0 module on some HP machines
      - Kernel oops on USB CD devices
      - A problem causing processes to be killed with "Out of Memory" errors 

      The following have been added/updated:
      - 3c59x driver
      - aic7xxx driver
      - aic79xx driver
      - ndisdriver (0.12) driver
      - Support for 82597EX_LR by ixgb
      - megaraid (v2.20.4.1) driver
      - ext3 and xfs filesystem bug fixes and updates

 Impact:

 Affected Products:
    - Turbolinux 10 Server

 Solution:
    Please use the turbopkg (zabom) tool to apply the necessary updates.

    From KDE, click the K-menu (usually with the Turbolinux logo) and run
    Turbo Update.

    From the command line, use the commands below.
 ---------------------------------------------
 # turboupdate
 or
 # zabom -u kernel kernel-extramodules kernel-headers kernel-numa \
                   kernel-pcmcia-cs kernel-smp kernel-smp64G kernel-source
 ---------------------------------------------


 <Turbolinux 10 Server>

   Source Packages
   Size : MD5

   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/10/updates/SRPMS/kernel-2.6.8-3.src.rpm
     55161164 0ca8e635c4ddbb235f2f83fc0acf7593

   Binary Packages
   Size : MD5

   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/10/updates/RPMS/kernel-2.6.8-3.i586.rpm
     16448993 a4529057b9c3b6bf019806883e1331cd
   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/10/updates/RPMS/kernel-extramodules-2.6.8-3.i586.rpm
      6838609 63f0d926c8183cd41543ec13eabe674a
   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/10/updates/RPMS/kernel-headers-2.6.8-3.i586.rpm
      1894893 b3a3002daf1db85a46e3556470aa195f
   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/10/updates/RPMS/kernel-numa-2.6.8-3.i586.rpm
     16248001 bb0f877d54a012e84028d45427ce9b6d
   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/10/updates/RPMS/kernel-pcmcia-cs-2.6.8-3.i586.rpm
       334019 417d3e3c63b8529fa23ad49ec409583e
   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/10/updates/RPMS/kernel-smp-2.6.8-3.i586.rpm
     16216652 b8a05fec8bf1da3a5303e993923e55eb
   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/10/updates/RPMS/kernel-smp64G-2.6.8-3.i586.rpm
     16205367 87e1a7a968d46d035e29d6476adf9a62
   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/10/updates/RPMS/kernel-source-2.6.8-3.i586.rpm
     32759397 2099739a50e643ec02348732051a6147


 Notice: You must reboot your system for this (kernel) update to take effect.

 References:

 CVE
   [CAN-2004-1070]
   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1070
   [CAN-2004-1071]
   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1071
   [CAN-2004-1072]
   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1072
   [CAN-2004-1073]
   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1073
   [CAN-2004-1074]
   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1074


 * You may need to update the turbopkg tool before applying the update.
Please refer to the following URL for detailed information.

  http://www.turbolinux.com/download/zabom.html
  http://www.turbolinux.com/download/zabomupdate.html

Package Update Path
http://www.turbolinux.com/update/

============================================================
 * To obtain the public key

Here is the public key

 http://www.turbolinux.com/security/

 * To unsubscribe from the list

If you ever want to remove yourself from this mailing list,
  you can send a message to <server-users-e-ctl () turbolinux co jp> with
the word `unsubscribe' in the body (don't include the quotes).

unsubscribe

 * To change your email address

If you ever want to chage email address in this mailing list,
  you can send a message to <server-users-e-ctl () turbolinux co jp> with
the following command in the message body:

  chaddr 'old address' 'new address'

If you have any questions or problems, please contact
<supp_info () turbolinux co jp>

Thank you!

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.6 (GNU/Linux)

iD8DBQFBvVflK0LzjOqIJMwRAugXAJ4kdTgEmP7fNlQaldp36E244r7VlACcCdg7
qpyUBeD83kSOS83W0a6DJKo=
=Hn8D
-----END PGP SIGNATURE-----




_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html


  By Date           By Thread  

Current thread:
  • [TURBOLINUX SECURITY INFO] 13/Dec/2004 Turbolinux (Dec 13)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]