Tuesday, February 12, 2008

Security Fix: Kernel

All kernels in -Current as well as in -Stable has been upgraded to the latest version which has been patched to fix splice vulnerabilities that affected all kernel version from 2.6.17 and above. The -Current gets 2.6.23.26 while the -Stable gets the patch for 2.6.21.15.

Here's the changelog:
Mon Feb 11 17:47:58 CST 2008
a/kernel-generic-2.6.23.16-i486-1.tgz:
Upgraded to Linux 2.6.23.16 uniprocessor generic.s (requires initrd) kernel.
All of these kernel upgrades fix yesterday's local root exploit.
The kernel headers did not change, so a glibc rebuild is not required.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0010
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0163
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0600
(* Security fix *)
If you use lilo, don't forget to run it again after the upgrade.

a/kernel-generic-smp-2.6.23.16_smp-i686-1.tgz:
Upgraded to Linux 2.6.23.16 SMP gensmp.s (requires initrd) kernel.
(* Security fix *)

a/kernel-huge-2.6.23.16-i486-1.tgz:
Upgraded to Linux 2.6.23.16 uniprocessor huge.s (full-featured) kernel.
(* Security fix *)

a/kernel-huge-smp-2.6.23.16_smp-i686-1.tgz:
Upgraded to Linux 2.6.23.16 SMP hugesmp.s (full-featured) kernel.
(* Security fix *)

a/kernel-modules-2.6.23.16-i486-1.tgz
Upgraded to Linux 2.6.23.16 uniprocessor kernel modules.

a/kernel-modules-smp-2.6.23.16_smp-i686-1.tgz
Upgraded to Linux 2.6.23.16 SMP kernel modules.

d/kernel-headers-2.6.23.16_smp-i386-1.tgz:
Upgraded to Linux 2.6.23.16 SMP kernel headers.

k/kernel-source-2.6.23.16_smp-noarch-1.tgz
Upgraded to Linux 2.6.23.16 SMP kernel source.
(* Security fix *)

l/svgalib_helper-1.9.25_2.6.23.16-i486-1.tgz: Rebuilt for 2.6.23.16 kernels.

isolinux/initrd.img: Upgraded modules to 2.6.23.16.

kernels/huge.s/*: Upgraded huge.s kernel to 2.6.23.16.
(* Security fix *)

kernels/hugesmp.s/*: Upgraded hugesmp.s kernel to 2.6.23.16 (SMP).
(* Security fix *)

kernels/speakup.s: Updated speakup.s kernel to 2.6.23.16.
(* Security fix *)

extra/linux-2.6.23.16-nosmp-sdk/: Updated SMP to no-SMP kernel source patch.
(* Security fix *)

usb-and-pxe-installers/: Updated USB and PXE installers to 2.6.23.16 modules.