English | Deutsch | Español | Português
 UserID:
 Passwd:
new user
 About:   Dedicated  | Advanced  | Standard  | Recurring  | No Risk  | Desktop  | Basic  | Single  | Security Seal  | FAQ
  Price/Feature Summary  | Order  | New Vulnerabilities  | Confidentiality  | Vulnerability Search
 Vulnerability   
Search   
    Search 143769 CVE descriptions
and 71225 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- --------------------------------------------------------------------------
Trustix Secure Linux Security Advisory #2005-0011

Package name:      kernel
Summary:           Various security bugs
Date:              2005-04-05
Affected versions: Trustix Secure Linux 2.1
                   Trustix Secure Linux 2.2
                   Trustix Operating System - Enterprise Server 2

- --------------------------------------------------------------------------
Package description:
  The kernel package contains the Linux kernel (vmlinuz), the core of your
  Trustix Secure Linux operating system.  The kernel handles the basic
  functions of the operating system:  memory allocation, process allocation,
  device input and output, etc.


Problem description:
  Mathieu Lafon didcovered an information leak in the ext2 mkdir() function
  where random kernel memory is written to disk.

  The Common Vulnerabilities and Exposures project (cve.mitre.org) has
  assigned the name CAN-2005-0400 to this issue.


  Herbert Xu discovered a potential DOS in load_elf_library.

  The Common Vulnerabilities and Exposures project (cve.mitre.org) has
  assigned the name CAN-2005-0749 to this issue.


  Ilja van Sprundel discovered an exploitable integer overflow in
  af_bluetooth which could lead to priviliege escalation.

  The Common Vulnerabilities and Exposures project (cve.mitre.org) has
  assigned the name CAN-2005-0750 to this issue.


Action:
  We recommend that all systems with this package installed be upgraded.
  Please note that if you do not need the functionality provided by this
  package, you may want to remove it from your system.


Location:
  All Trustix Secure Linux updates are available from
  <URI:http://http.trustix.org/pub/trustix/updates/>
  <URI:ftp://ftp.trustix.org/pub/trustix/updates/>


About Trustix Secure Linux:
  Trustix Secure Linux is a small Linux distribution for servers. With focus
  on security and stability, the system is painlessly kept safe and up to
  date from day one using swup, the automated software updater.


Automatic updates:
  Users of the SWUP tool can enjoy having updates automatically
  installed using 'swup --upgrade'.


Questions?
  Check out our mailing lists:
  <URI:http://www.trustix.org/support/>


Verification:
  This advisory along with all Trustix packages are signed with the
  TSL sign key.
  This key is available from:
  <URI:http://www.trustix.org/TSL-SIGN-KEY>

  The advisory itself is available from the errata pages at
  <URI:http://www.trustix.org/errata/trustix-2.1/> and
  <URI:http://www.trustix.org/errata/trustix-2.2/>
  or directly at
  <URI:http://www.trustix.org/errata/2005/0011/>


MD5sums of the packages:
- --------------------------------------------------------------------------
5a101df55c1b7913557af4f6973de263  2.2/rpms/kernel-2.4.30-2tr.i586.rpm
8168ff203ce1d9d8abfac4e8ea43bc56  2.2/rpms/kernel-BOOT-2.4.30-2tr.i586.rpm
2c7f4c7f9a7b6f4046712aa11bc54a81  2.2/rpms/kernel-doc-2.4.30-2tr.i586.rpm
de8a41479e466904e1e4ac48f404d15d  2.2/rpms/kernel-smp-2.4.30-2tr.i586.rpm
09bc2ed6711f8cd78eacd4231b10c3a2  2.2/rpms/kernel-source-2.4.30-2tr.i586.rpm
6443f710872c3c70f7bcc3b4ed14d20c  2.2/rpms/kernel-utils-2.4.30-2tr.i586.rpm

1b56583fb5e9c9c6feb7bd2210be9f4b  2.1/rpms/kernel-2.4.30-1tr.i586.rpm
3d56c6e78d2efef344fc40d0909dc0ed  2.1/rpms/kernel-BOOT-2.4.30-1tr.i586.rpm
b8587c2e64c1f78f3dc0f450fa7958f9  2.1/rpms/kernel-doc-2.4.30-1tr.i586.rpm
e2eca2719a9cb1243ba6e67dc59d8fde  2.1/rpms/kernel-firewall-2.4.30-1tr.i586.rpm
28469f57323a08a810315e8120bf212e  2.1/rpms/kernel-firewallsmp-2.4.30-1tr.i586.rpm
7df6788b4799278b7f573ca6c32cd2b2  2.1/rpms/kernel-smp-2.4.30-1tr.i586.rpm
f54c959f4c7bbd08ff1d8d6f4fcf3e8e  2.1/rpms/kernel-source-2.4.30-1tr.i586.rpm
15358a847f862cf00d9130682e58844d  2.1/rpms/kernel-utils-2.4.30-1tr.i586.rpm
- --------------------------------------------------------------------------


Trustix Security Team

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.6 (GNU/Linux)

iD8DBQFCUpovi8CEzsK9IksRAjTyAJ9vFZ/l4PKsPKtptwp7swMpR5n3nQCcD/9D
kr7wqn50Gvl5Fn5W+ZxNXLU=
=Cbpv
-----END PGP SIGNATURE-----

New User Registration
Email:
UserID:
Passwd:
Please email me your monthly newsletters, informing the latest services, improvements & surveys.
Please email me a vulnerability test announcement whenever a new test is added.
   Privacy
Registered User Login
 
UserID:   
Passwd:  

 Forgot userid or passwd?
Email/Userid:




Home | About Us | Contact Us | Partner Programs | Developer APIs | Privacy | Mailing Lists | Abuse
Security Audits | Managed DNS | Network Monitoring | Site Analyzer | Internet Research Reports
Web Probe

© 1998-2019 E-Soft Inc. All rights reserved.