[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

UNIRAS Brief - 295/06 - Fedora Update Notification: FEDORA-2006-421 - kernel-2.6.16-1.2096_FC5



-----BEGIN PGP SIGNED MESSAGE-----

- ----------------------------------------------------------------------------------
   UNIRAS (UK Govt CERT) Briefing Notice - 295/06 dated 20.04.06  Time: 14:05  
  UNIRAS is part of NISCC (National Infrastructure Security Co-ordination Centre)
- ---------------------------------------------------------------------------------- 
  UNIRAS material is also available from its website at www.uniras.gov.uk and
         Information about NISCC is available from www.niscc.gov.uk
- ----------------------------------------------------------------------------------

Title
=====

Fedora Update Notification: FEDORA-2006-421 - kernel-2.6.16-1.2096_FC5

Detail
====== 

The kernel package contains the Linux kernel (vmlinuz), the core of any
Linux operating system.  The kernel handles the basic functions
of the operating system:  memory allocation, process allocation, device
input and output, etc.

- ---------------------------------------------------------------------
Fedora Update Notification
FEDORA-2006-421
2006-04-19
- ---------------------------------------------------------------------

Product     : Fedora Core 5
Name        : kernel
Version     : 2.6.16                      
Release     : 1.2096_FC5                  
Summary     : The Linux kernel (the core of the Linux operating system)
Description :
The kernel package contains the Linux kernel (vmlinuz), the core of any
Linux operating system.  The kernel handles the basic functions
of the operating system:  memory allocation, process allocation, device
input and output, etc.

- ---------------------------------------------------------------------
Update Information:

This update includes a number of security issues that have been
fixed upstream over the last week or so.

i386/x86-64: Fix x87 information leak between processes
(CVE-2006-1056)
ip_route_input panic fix (CVE-2006-1525)
fix MADV_REMOVE vulnerability (CVE-2006-1524)
shmat: stop mprotect from giving write permission to a
readonly attachment (CVE-2006-1524)
Fix MPBL0010 driver insecure sysfs permissions
x86_64: When user could have changed RIP always force IRET
(CVE-2006-0744)
Fix RCU signal handling
Keys: Fix oops when adding key to non-keyring (CVE-2006-1522)
sysfs: zero terminate sysfs write buffers (CVE-2006-1055)

It also includes various other fixes from the -stable tree.
Full changelogs are available from:

http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.16.9
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.16.8
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.16.7
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.16.6
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.16.5
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.16.4
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.16.3
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.16.2

- ---------------------------------------------------------------------
* Wed Apr 19 2006 David Woodhouse <dwmw2@xxxxxxxxxx>
- - 2.6.16.9
* Wed Apr 19 2006 David Woodhouse <dwmw2@xxxxxxxxxx>
- - 2.6.16.8
* Tue Apr 18 2006 Dave Jones <davej@xxxxxxxxxx>
- - 2.6.16.7
- - Add missing %preuninstall for -kdump kernels. (#189100)
* Mon Apr 17 2006 Dave Jones <davej@xxxxxxxxxx>
- - 2.6.16.6
- - Disable the SMP alternatives patch for now.
- - Revive Xen.
* Mon Apr 17 2006 David Woodhouse <dwmw2@xxxxxxxxxx>
- - Add include/{mtd,rdma,keys} directories to kernel-devel package
* Sun Apr 16 2006 Dave Jones <davej@xxxxxxxxxx>
- - 2.6.16.5
* Fri Apr  7 2006 Dave Jones <davej@xxxxxxxxxx>
- - 2.6.16.2
* Tue Apr  4 2006 Dave Jones <davej@xxxxxxxxxx>
- - Reenable non-standard serial ports. (#187466)
- - Reenable snd-es18xx for x86-32 (#187733)
* Sun Apr  2 2006 David Woodhouse <dwmw2@xxxxxxxxxx>
- - Alternative (and optional) disable for R300 DRI.
* Fri Mar 31 2006 David Woodhouse <dwmw2@xxxxxxxxxx>
- - Send standard WEXT events on softmac assoc/disassociation.
* Mon Mar 27 2006 Dave Jones <davej@xxxxxxxxxx>
- - Enable SMP alternatives for x86/x86-64
- - Temporarily disable Xen.
- - Re-add kernel-smp-586

- ---------------------------------------------------------------------
This update can be downloaded from:
  http://download.fedora.redhat.com/pub/fedora/linux/core/updates/5/

1b154600afd2a807861f4c345c9a0ba91fbf5989  SRPMS/kernel-2.6.16-1.2096_FC5.src.rpm
1906067ca5433c7761c6a76a39c11e32a5b46b20  ppc/kernel-2.6.16-1.2096_FC5.ppc.rpm
3c8d8545d0495e65e9c00b516dddebf06ef2a0b5  ppc/kernel-devel-2.6.16-1.2096_FC5.ppc.rpm
64ae6db0caf5775a3e11436df8e5b5c4e7815777  ppc/kernel-smp-2.6.16-1.2096_FC5.ppc.rpm
4de1464a2f01291ce5e2b484290f7b10b6efecf6  ppc/kernel-smp-devel-2.6.16-1.2096_FC5.ppc.rpm
9f2d4c3a4621fe100a877eb042c9fe20d278fbc4  ppc/debug/kernel-debuginfo-2.6.16-1.2096_FC5.ppc.rpm
4db11e08971a9811a8c44a620525fb5adefc35a7  ppc/kernel-doc-2.6.16-1.2096_FC5.noarch.rpm
8c965c4c24d66cfc44fccb9a6ee01228765bde46  x86_64/kernel-2.6.16-1.2096_FC5.x86_64.rpm
02e10a26f452e0e23d1a40675366d9ad913498af  x86_64/kernel-devel-2.6.16-1.2096_FC5.x86_64.rpm
f355aa8afad6ac16d8d6e8c3327f4000ee1b64c8  x86_64/kernel-xen0-2.6.16-1.2096_FC5.x86_64.rpm
cbb322ec528eb7ec6993cdf30479fffb98ecd85e  x86_64/kernel-xen0-devel-2.6.16-1.2096_FC5.x86_64.rpm
b053231f89ecbf26478b60c605631d87bed41f25  x86_64/kernel-xenU-2.6.16-1.2096_FC5.x86_64.rpm
c6a74c4bca9685f0891d27a0577cb668bb5a4432  x86_64/kernel-xenU-devel-2.6.16-1.2096_FC5.x86_64.rpm
17b8772c65f05dd5fb41266a83fed31cc25549ee  x86_64/kernel-kdump-2.6.16-1.2096_FC5.x86_64.rpm
99083e54cd03824b7be0b6b978547166ab9abd4b  x86_64/kernel-kdump-devel-2.6.16-1.2096_FC5.x86_64.rpm
07f7e8f40fbf27e5266f74cff7628ebca0fbe493  x86_64/debug/kernel-debuginfo-2.6.16-1.2096_FC5.x86_64.rpm
4db11e08971a9811a8c44a620525fb5adefc35a7  x86_64/kernel-doc-2.6.16-1.2096_FC5.noarch.rpm
d8f1175d9a9810352ba9cca993d1a82dec945631  i386/kernel-2.6.16-1.2096_FC5.i586.rpm
9f01c5a2b65cf99d041195a82158d052bd751a96  i386/kernel-devel-2.6.16-1.2096_FC5.i586.rpm
43f54d92da6e2335f4e8f8b3aa989eccd8d37fb6  i386/kernel-smp-2.6.16-1.2096_FC5.i586.rpm
715cdc3a54439423bcad241e538c35b68de2a024  i386/kernel-smp-devel-2.6.16-1.2096_FC5.i586.rpm
8ba1e12fd323b2d260db430b20824ce0d3f98eae  i386/debug/kernel-debuginfo-2.6.16-1.2096_FC5.i586.rpm
c882dc2ed404175bd302d157385475ddc5bd5c6d  i386/kernel-2.6.16-1.2096_FC5.i686.rpm
9a587bdf25a17749d05681fdf4de98c744868224  i386/kernel-devel-2.6.16-1.2096_FC5.i686.rpm
1b088bc589b96cf64eb76315d0594682484e49ad  i386/kernel-smp-2.6.16-1.2096_FC5.i686.rpm
a3eea3d7e27ac25626943f53b71efbc116c54a31  i386/kernel-smp-devel-2.6.16-1.2096_FC5.i686.rpm
971ff3b72428b8271ee7209e729e0c9aab6732a3  i386/kernel-xen0-2.6.16-1.2096_FC5.i686.rpm
020b2cf22b5f07da7814e87ef486704e2ca5b79a  i386/kernel-xen0-devel-2.6.16-1.2096_FC5.i686.rpm
40addfb96fbcbf0057143c0924540e3c2202893c  i386/kernel-xenU-2.6.16-1.2096_FC5.i686.rpm
8d1aecc8b068b3af03588bda31571ef7e01e7ec6  i386/kernel-xenU-devel-2.6.16-1.2096_FC5.i686.rpm
254fd25a9bff3ff70672e522977b65fe320055af  i386/kernel-kdump-2.6.16-1.2096_FC5.i686.rpm
3c079c0bfaa0c986976805de62d808f19b6d5de9  i386/kernel-kdump-devel-2.6.16-1.2096_FC5.i686.rpm
fa18115b142013c488d317c0e72f66ece2de8ee8  i386/debug/kernel-debuginfo-2.6.16-1.2096_FC5.i686.rpm
4db11e08971a9811a8c44a620525fb5adefc35a7  i386/kernel-doc-2.6.16-1.2096_FC5.noarch.rpm

This update can be installed with the 'yum' update program.  Use 'yum update
package-name' at the command line.  For more information, refer to 'Managing
Software with yum,' available at http://fedora.redhat.com/docs/yum/.
- ---------------------------------------------------------------------



- ----------------------------------------------------------------------------------

For additional information or assistance, please contact the HELP Desk by 
telephone or Not Protectively Marked information may be sent via 
EMail to: uniras@xxxxxxxxxxxx

Office Hours:
Mon - Fri: 08:30 - 17:00 Hrs
Tel: +44 (0) 870 487 0748 Ext 4511
Fax: +44 (0) 870 487 0749

Outside of Office Hours:
On Call Duty Officer:
Tel: +44 (0) 870 487 0748 and follow the prompts

- ----------------------------------------------------------------------------------
UNIRAS wishes to acknowledge the contributions of Fedora for the information 
contained in this Briefing. 
- ----------------------------------------------------------------------------------
This Briefing contains the information released by the original author. Some 
of the information may have changed since it was released. If the vulnerability 
affects you, it may be prudent to retrieve the advisory from the site of the
original source to ensure that you receive the most current information concerning 
that problem.

Reference to any specific commercial product, process, or service by trade 
name, trademark manufacturer, or otherwise, does not constitute or imply 
its endorsement, recommendation, or favouring by UNIRAS or NISCC.  The views 
and opinions of authors expressed within this notice shall not be used for 
advertising or product endorsement purposes.

Neither UNIRAS or NISCC shall also accept responsibility for any errors 
or omissions contained within this briefing notice. In particular, they shall 
not be liable for any loss or damage whatsoever, arising from or in connection 
with the usage of information contained within this notice.

UNIRAS is a member of the Forum of Incident Response and Security Teams (FIRST) 
and has contacts with other international Incident Response Teams (IRTs) in 
order to foster cooperation and coordination in incident prevention, to prompt 
rapid reaction to incidents, and to promote information sharing amongst its 
members and the community at large. 
- ----------------------------------------------------------------------------------
<End of UNIRAS Briefing>

-----BEGIN PGP SIGNATURE-----
Version: PGP 8.1

iQCVAwUBREeGc4pao72zK539AQG8rAP+PXL7QVWVrVO5+eQty39PavrlZcV4+vEK
jxg0lxIN3X8Ky9s9kLmSwbmPM3yWTY/0k/N+i+Ivpi/TVn/h1bnvQqnwXVyKXrFd
3Y/mG+JJG5HvZRRTcGTloSloYTIorOLwmwOGYCRyuPX0Oq55LeIHCSNKOYHaLdde
Cg88NJrsKhQ=
=LPzb
-----END PGP SIGNATURE-----


______________________________________________________________________
This email has been scanned by the MessageLabs Email Security System.
For more information please visit http://www.messagelabs.com/email 
______________________________________________________________________

______________________________________________________________________
This email has been scanned by the MessageLabs Email Security System.
For more information please visit http://www.messagelabs.com/email 
______________________________________________________________________