[Subject Prev][Subject Next][Thread Prev][Thread Next][Subject Index][Thread Index]

(fwd) Trustix Security Advisory #2001-0003 - kernel

To: linux-delhi@xxxxxxxxxxxxxxxxxxxxx, linux-india-help@xxxxxxxxxxxxxxxxxxxxx
Subject: (fwd) Trustix Security Advisory #2001-0003 - kernel
From: Raju Mathur <raju@xxxxxxxxxxxxxxx>
Date: Fri, 6 Apr 2001 14:36:17 +0530 (IST)
Reply-to: raju@xxxxxxxxxxxxxxx

[Please upgrade to 2.2.19 if you're using any versions of kernel
2.2.x.  All distributions using 2.2.x are vulnerable -- Raju]

This is an RFC 1153 digest.
(1 message)
----------------------------------------------------------------------

Return-Path: <BUGTRAQ@xxxxxxxxxxxxxxxxx>
Approved-By: aleph1@xxxxxxxxxxxxxxxxx
Delivered-To: bugtraq@xxxxxxxxxxxxxxxxxxxxxxx
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
User-Agent: Mutt/1.2.5i
Message-ID:  <20010405175944.A6584@xxxxxxxxxxxxxxxxxxx>
Reply-To: tsl@xxxxxxxxxxx
X-To:         tsl-announce@xxxxxxxxxxx
X-cc:         linuxlist@xxxxxxxxxxxxxxxxxx
From: tsl@xxxxxxxxxxx
Sender: Bugtraq List <BUGTRAQ@xxxxxxxxxxxxxxxxx>
To: BUGTRAQ@xxxxxxxxxxxxxxxxx
Subject:      Trustix Security Advisory #2001-0003 - kernel
Date:         Thu, 5 Apr 2001 17:59:44 +0200

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- --------------------------------------------------------------------------
Trustix Secure Linux Security Advisory #2001-0003

Package name:      kernel
Severity:          Local root exploit
Date:              2001-04-05
Affected versions: TSL 1.01, 1.1, 1.2

- --------------------------------------------------------------------------

Problem description:
	Some time ago, a vulnerability was discovered that allowed for root
	access through ptrace call in the linux kernel.  This was
        originally considered fixed in a previous patch, but as it turns
        out, it wasn't. This is fixed in kernel version 2.2.19.

Action:
  We recommend all systems which has this package installed to be upgraded.
  Please see the Kernel Upgrade Howto, available from
  <URL:http://www.trustix.net/doc/kernel-upgrade/kernel-upgrade.html>
  for more information on how to upgrade your TSL kernel.

Location:
  All TSL updates are available from
  <URL:http://www.trustix.net/pub/Trustix/updates/>
  <URL:ftp://ftp.trustix.net/pub/Trustix/updates/>

Users of the SWUP tool, can enjoy having the security updates
automatically installed using 'swup --upgrade'.

Get SWUP from:
ftp://ftp.trustix.net/pub/Trustix/software/swup/

Note that you may not want to use SWUP to do unattended kernel upgrades,
and it does not do so by default.

Questions?
Check out our mailinglists:
http://www.trustix.net/support/


Verification:
This advisory is signed with the TSL sign key.  It is available from:
http://www.trustix.net/TSL-GPG-KEY


Trustix Security Team

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.4 (GNU/Linux)
Comment: For info see http://www.gnupg.org

iD8DBQE6zI25wRTcg4BxxS0RAnTXAJ9e/T9ysKpK9TQnXhP7V2aXsCiArgCdF12s
K17kWuT59qtzxW64YMduZFQ=
=m9sm
-----END PGP SIGNATURE-----
--
Trustix Secure Linux Advisor
Homepage:           http://www.trustix.net/
Errata:             http://www.trustix.net/errata/
Automatic updates:  http://www.trustix.net/pub/Trustix/software/swup/

------------------------------

End of this Digest
******************

-- 
Raju Mathur          raju@xxxxxxxxxxxxx           http://kandalaya.org/

Prev by Subject: (fwd) Samba 2.0.8 security fix
Next by Subject: Fwd: <nettime> Review of the CODE conference (Cambridge/UK, April 5-6, 2001)
Previous by thread: Re: [LIH] Re: (fwd) [SECURITY] [DSA 045-1] ntp remote root exploit fixed
Next by thread: query on solaris
Index(es):
- Subject
- Thread