Has AMD Finally Fixed Tearing With Its Linux Driver?  

Posted by Daniela Mehler

Phoronix takes a look at the new ATI Linux drivers

AMD put out a rare beta Linux driver this Monday and they have now just announced the release of the Catalyst 11.1 driver as their stable monthly update for Linux and Windows users. With this Catalyst driver, there is though one interesting but hidden feature that is sure to please many ATI/AMD Radeon Linux desktop users.

Has AMD Finally Fixed Tearing With Its Linux Driver?


Has AMD Finally Fixed Tearing With Its Linux Driver?



How To Install Latest Intel Driver 2.12 On Ubuntu 10.04 (Lucid Lynx)

DSA 2151-1: New OpenOffice.org packages fix several vulnerabilities  

Posted by Daniela Mehler

New OpenOffice packages are available for Debian GNU/Linux

- --------------------------------------------------------------------------
Debian Security Advisory DSA 2151-1 security@debian.org
http://www.debian.org/security/ Martin Schulze
January 26th, 2011 http://www.debian.org/security/faq
- --------------------------------------------------------------------------

Package : openoffice.org
Vulnerability : several
Problem type : local (remote)
Debian-specific: no
CVE ID : CVE-2010-3450 CVE-2010-3451 CVE-2010-3452 CVE-2010-3453
CVE-2010-3454 CVE-2010-3689 CVE-2010-4253 CVE-2010-4643

Several security related problems have been discovered in the
OpenOffice.org package that allows malformed documents to trick the
system into crashes or even the execution of arbitrary code.

CVE-2010-3450

During an internal security audit within Red Hat, a directory
traversal vulnerability has been discovered in the way
OpenOffice.org 3.1.1 through 3.2.1 processes XML filter files. If
a local user is tricked into opening a specially-crafted OOo XML
filters package file, this problem could allow remote attackers to
create or overwrite arbitrary files belonging to local user or,
potentially, execute arbitrary code.

CVE-2010-3451

During his work as a consultant at Virtual Security Research
(VSR), Dan Rosenberg discovered a vulnerability in
OpenOffice.org's RTF parsing functionality. Opening a maliciously
crafted RTF document can caus an out-of-bounds memory read into
previously allocated heap memory, which may lead to the execution
of arbitrary code.

CVE-2010-3452

Dan Rosenberg discovered a vulnerability in the RTF file parser
which can be leveraged by attackers to achieve arbitrary code
execution by convincing a victim to open a maliciously crafted RTF
file.

CVE-2010-3453

As part of his work with Virtual Security Research, Dan Rosenberg
discovered a vulnerability in the WW8ListManager::WW8ListManager()
function of OpenOffice.org that allows a maliciously crafted file
to cause the execution of arbitrary code.

CVE-2010-3454

As part of his work with Virtual Security Research, Dan Rosenberg
discovered a vulnerability in the WW8DopTypography::ReadFromMem()
function in OpenOffice.org that may be exploited by a maliciously
crafted file which allowins an attacker to control program flow
and potentially execute arbitrary code.

CVE-2010-3689

Dmitri Gribenko discovered that the soffice script does not treat
an empty LD_LIBRARY_PATH variable like an unset one, may lead to
the execution of arbitrary code.

CVE-2010-4253

A heap based buffer overflow has been discovered with unknown impact.

CVE-2010-4643

A vulnerability has been discovered in the way OpenOffice.org
handles TGA graphics which can be tricked by a specially crafted
TGA file that could cause the program to crash due to a heap-based
buffer overflow with unknown impact.


For the stable distribution (lenny) these problems have been fixed in
version 2.4.1+dfsg-1+lenny11.

For the upcoming stable distribution (squeeze) these problems have
been fixed in version 3.2.1-11+squeeze1.

For the unstable distribution (sid) these problems have been fixed in
version 3.2.1-11+squeeze1.

For the experimental distribution these problems have been fixed in
version 3.3.0~rc3-1.

We recommend that you upgrade your OpenOffice.org packages.


Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: http://www.debian.org/security/

DSA 2150-1: request-tracker3.6 security update

A Look At Jolicloud, Cloud-Based Linux Desktop Computing  

Posted by Daniela Mehler

HotHardware takes a look at Jolicloud, Cloud-Based Linux Desktop Computing

Jolicloud is a Linux-based OS with an extremely clean UI that taps into the world of cloud computing, where you have access to your data, files and desktop, virtually anywhere you go. Anyone trying this relative newcomer OS might call it accessible because it has an extremely easy-to-use interface. Or, it could be called accessible in the sense that it's free and will run on minimal hardware. Or, it may be accessible because it integrates concepts familiar to social networking users directly into the main interface.

You get the idea, now let's take a quick look at this new Linux client that is making a splash in the market with cloud service-based computing.

A Look At Jolicloud, Cloud-Based Linux Desktop Computing


A Look At Jolicloud, Cloud-Based Linux Desktop Computing



The Perfect Desktop - Linux Mint Debian 201009

Viewsonic Viewpad 7 Review  

Posted by Daniela Mehler

TechReviewSource.com posted a review on the Viewsonic Viewpad 7 Android tablet

here's no shortage of Android tablets these days, and most of the options available are almost completely indistinguishable. Viewsonic, however, has made smart moves in trying to set itself apart from that cadre of me-too products with the Viewsonic Viewpad 7. The Viewpad 7 is a 7-inch Android tablet with a wider-than-typical assortment of features including voice calling, dual cameras, stereo speakers, and full access to the Android Market.

Viewsonic Viewpad 7 Review


Viewsonic Viewpad 7 Review



Linux Mint 10 Review

Install Liferea On Ubuntu 10.10  

Posted by Daniela Mehler

n00bs on Ubuntu shows you how to install Liferea on Ubuntu 10.10

Liferea (Linux Feed Reader) is an aggregator for online news feeds. There are many other news readers available, but these others are not available for Linux or require many extra libraries to be installed.

Install Liferea On Ubuntu 10.10


Install Liferea On Ubuntu 10.10



HOW-TO: Install the latest proprietary graphics driver in Ubuntu

RHSA-2011:0177-01: Moderate: webkitgtk security update  

Posted by Daniela Mehler

A webkitgtk security update is available for RHEL 6

=====================================================================
Red Hat Security Advisory

Synopsis: Moderate: webkitgtk security update
Advisory ID: RHSA-2011:0177-01
Product: Red Hat Enterprise Linux
Advisory URL: https://rhn.redhat.com/errata/RHSA-2011-0177.html
Issue date: 2011-01-25
CVE Names: CVE-2010-1780 CVE-2010-1782 CVE-2010-1783
CVE-2010-1784 CVE-2010-1785 CVE-2010-1786
CVE-2010-1787 CVE-2010-1788 CVE-2010-1790
CVE-2010-1792 CVE-2010-1793 CVE-2010-1807
CVE-2010-1812 CVE-2010-1814 CVE-2010-1815
CVE-2010-3113 CVE-2010-3114 CVE-2010-3115
CVE-2010-3116 CVE-2010-3119 CVE-2010-3255
CVE-2010-3257 CVE-2010-3259 CVE-2010-3812
CVE-2010-3813 CVE-2010-4197 CVE-2010-4198
CVE-2010-4204 CVE-2010-4206 CVE-2010-4577
=====================================================================

1. Summary:

Updated webkitgtk packages that fix several security issues are now
available for Red Hat Enterprise Linux 6.

The Red Hat Security Response Team has rated this update as having moderate
security impact. Common Vulnerability Scoring System (CVSS) base scores,
which give detailed severity ratings, are available for each vulnerability
from the CVE links in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Desktop (v. 6) - i386, x86_64
Red Hat Enterprise Linux Desktop Optional (v. 6) - i386, x86_64
Red Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64
Red Hat Enterprise Linux Server (v. 6) - i386, ppc64, s390x, x86_64
Red Hat Enterprise Linux Server Optional (v. 6) - i386, ppc64, s390x, x86_64
Red Hat Enterprise Linux Workstation (v. 6) - i386, x86_64
Red Hat Enterprise Linux Workstation Optional (v. 6) - i386, x86_64

3. Description:

WebKitGTK+ is the port of the portable web rendering engine WebKit to the
GTK+ platform.

Multiple memory corruption flaws were found in WebKit. Malicious web
content could cause an application using WebKitGTK+ to crash or,
potentially, execute arbitrary code with the privileges of the user running
the application. (CVE-2010-1782, CVE-2010-1783, CVE-2010-1784,
CVE-2010-1785, CVE-2010-1787, CVE-2010-1788, CVE-2010-1790, CVE-2010-1792,
CVE-2010-1807, CVE-2010-1814, CVE-2010-3114, CVE-2010-3116, CVE-2010-3119,
CVE-2010-3255, CVE-2010-3812, CVE-2010-4198)

Multiple use-after-free flaws were found in WebKit. Malicious web content
could cause an application using WebKitGTK+ to crash or, potentially,
execute arbitrary code with the privileges of the user running the
application. (CVE-2010-1780, CVE-2010-1786, CVE-2010-1793, CVE-2010-1812,
CVE-2010-1815, CVE-2010-3113, CVE-2010-3257, CVE-2010-4197, CVE-2010-4204)

Two array index errors, leading to out-of-bounds memory reads, were found
in WebKit. Malicious web content could cause an application using
WebKitGTK+ to crash. (CVE-2010-4206, CVE-2010-4577)

A flaw in WebKit could allow malicious web content to trick a user into
thinking they are visiting the site reported by the location bar, when the
page is actually content controlled by an attacker. (CVE-2010-3115)

It was found that WebKit did not correctly restrict read access to images
created from the "canvas" element. Malicious web content could allow a
remote attacker to bypass the same-origin policy and potentially access
sensitive image data. (CVE-2010-3259)

A flaw was found in the way WebKit handled DNS prefetching. Even when it
was disabled, web content containing certain "link" elements could cause
WebKitGTK+ to perform DNS prefetching. (CVE-2010-3813)

Users of WebKitGTK+ should upgrade to these updated packages, which contain
WebKitGTK+ version 1.2.6, and resolve these issues. All running
applications that use WebKitGTK+ must be restarted for this update to take
effect.

4. Solution:

Before applying this update, make sure all previously-released errata
relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/docs/DOC-11259

5. Bugs fixed (http://bugzilla.redhat.com/):

627366 - CVE-2010-1780 CVE-2010-1782 CVE-2010-1783 CVE-2010-1784 CVE-2010-1785 CVE-2010-1786 CVE-2010-1787 CVE-2010-1788 CVE-2010-1790 CVE-2010-1792 CVE-2010-1793 WebKit: multiple vulnerabilities in WebKitGTK
627703 - CVE-2010-1807 webkit: input validation error when parsing certain NaN values
628032 - CVE-2010-3113 webkit: memory corruption when handling SVG documents
628035 - CVE-2010-3114 webkit: bad cast with text editing
628071 - CVE-2010-3115 webkit: address bar spoofing with history bug
628076 - CVE-2010-3119 webkit: DoS due to improper Ruby support
631939 - CVE-2010-1812 webkit: use-after-free flaw in handling of selections
631946 - CVE-2010-1814 webkit: memory corruption flaw when handling form menus
631948 - CVE-2010-1815 webkit: use-after-free flaw when handling scrollbars
640353 - CVE-2010-3116 webkit: memory corruption with MIME types
640357 - CVE-2010-3257 webkit: stale pointer issue with focusing
640360 - CVE-2010-3259 webkit: cross-origin image theft
645914 - CVE-2010-3255 webkit: DoS via improper handling of counter nodes
656115 - CVE-2010-4197 WebKit: Use-after-free vulnerabiity related to text editing causes memory corruption
656118 - CVE-2010-4198 WebKit: Memory corruption due to improper handling of large text area
656126 - CVE-2010-4204 WebKit: Use-after-free vulnerability related frame object
656129 - CVE-2010-4206 WebKit: Array index error during processing of an SVG document
667022 - CVE-2010-3812 webkit: Integer overflow in WebKit's handling of Text objects
667024 - CVE-2010-3813 webkit: HTMLLinkElement ignores dnsPrefetchingEnabled setting
667025 - CVE-2010-4577 webkit: CSS Font Face Parsing Type Confusion Vulnerability

6. Package List:

Red Hat Enterprise Linux Desktop (v. 6):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Client/en/os/SRPMS/webkitgtk-1.2.6-2.el6_0.src.rpm

i386:
webkitgtk-1.2.6-2.el6_0.i686.rpm
webkitgtk-debuginfo-1.2.6-2.el6_0.i686.rpm

x86_64:
webkitgtk-1.2.6-2.el6_0.x86_64.rpm
webkitgtk-debuginfo-1.2.6-2.el6_0.x86_64.rpm

Red Hat Enterprise Linux Desktop Optional (v. 6):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Client/en/os/SRPMS/webkitgtk-1.2.6-2.el6_0.src.rpm

i386:
webkitgtk-debuginfo-1.2.6-2.el6_0.i686.rpm
webkitgtk-devel-1.2.6-2.el6_0.i686.rpm
webkitgtk-doc-1.2.6-2.el6_0.i686.rpm

x86_64:
webkitgtk-1.2.6-2.el6_0.i686.rpm
webkitgtk-debuginfo-1.2.6-2.el6_0.i686.rpm
webkitgtk-debuginfo-1.2.6-2.el6_0.x86_64.rpm
webkitgtk-devel-1.2.6-2.el6_0.i686.rpm
webkitgtk-devel-1.2.6-2.el6_0.x86_64.rpm
webkitgtk-doc-1.2.6-2.el6_0.x86_64.rpm

Red Hat Enterprise Linux HPC Node Optional (v. 6):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6ComputeNode/en/os/SRPMS/webkitgtk-1.2.6-2.el6_0.src.rpm

x86_64:
webkitgtk-1.2.6-2.el6_0.i686.rpm
webkitgtk-1.2.6-2.el6_0.x86_64.rpm
webkitgtk-debuginfo-1.2.6-2.el6_0.i686.rpm
webkitgtk-debuginfo-1.2.6-2.el6_0.x86_64.rpm
webkitgtk-devel-1.2.6-2.el6_0.i686.rpm
webkitgtk-devel-1.2.6-2.el6_0.x86_64.rpm
webkitgtk-doc-1.2.6-2.el6_0.x86_64.rpm

Red Hat Enterprise Linux Server (v. 6):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/os/SRPMS/webkitgtk-1.2.6-2.el6_0.src.rpm

i386:
webkitgtk-1.2.6-2.el6_0.i686.rpm
webkitgtk-debuginfo-1.2.6-2.el6_0.i686.rpm

ppc64:
webkitgtk-1.2.6-2.el6_0.ppc.rpm
webkitgtk-1.2.6-2.el6_0.ppc64.rpm
webkitgtk-debuginfo-1.2.6-2.el6_0.ppc.rpm
webkitgtk-debuginfo-1.2.6-2.el6_0.ppc64.rpm

s390x:
webkitgtk-1.2.6-2.el6_0.s390.rpm
webkitgtk-1.2.6-2.el6_0.s390x.rpm
webkitgtk-debuginfo-1.2.6-2.el6_0.s390.rpm
webkitgtk-debuginfo-1.2.6-2.el6_0.s390x.rpm

x86_64:
webkitgtk-1.2.6-2.el6_0.i686.rpm
webkitgtk-1.2.6-2.el6_0.x86_64.rpm
webkitgtk-debuginfo-1.2.6-2.el6_0.i686.rpm
webkitgtk-debuginfo-1.2.6-2.el6_0.x86_64.rpm

Red Hat Enterprise Linux Server Optional (v. 6):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/os/SRPMS/webkitgtk-1.2.6-2.el6_0.src.rpm

i386:
webkitgtk-debuginfo-1.2.6-2.el6_0.i686.rpm
webkitgtk-devel-1.2.6-2.el6_0.i686.rpm
webkitgtk-doc-1.2.6-2.el6_0.i686.rpm

ppc64:
webkitgtk-debuginfo-1.2.6-2.el6_0.ppc.rpm
webkitgtk-debuginfo-1.2.6-2.el6_0.ppc64.rpm
webkitgtk-devel-1.2.6-2.el6_0.ppc.rpm
webkitgtk-devel-1.2.6-2.el6_0.ppc64.rpm
webkitgtk-doc-1.2.6-2.el6_0.ppc64.rpm

s390x:
webkitgtk-debuginfo-1.2.6-2.el6_0.s390.rpm
webkitgtk-debuginfo-1.2.6-2.el6_0.s390x.rpm
webkitgtk-devel-1.2.6-2.el6_0.s390.rpm
webkitgtk-devel-1.2.6-2.el6_0.s390x.rpm
webkitgtk-doc-1.2.6-2.el6_0.s390x.rpm

x86_64:
webkitgtk-debuginfo-1.2.6-2.el6_0.i686.rpm
webkitgtk-debuginfo-1.2.6-2.el6_0.x86_64.rpm
webkitgtk-devel-1.2.6-2.el6_0.i686.rpm
webkitgtk-devel-1.2.6-2.el6_0.x86_64.rpm
webkitgtk-doc-1.2.6-2.el6_0.x86_64.rpm

Red Hat Enterprise Linux Workstation (v. 6):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Workstation/en/os/SRPMS/webkitgtk-1.2.6-2.el6_0.src.rpm

i386:
webkitgtk-1.2.6-2.el6_0.i686.rpm
webkitgtk-debuginfo-1.2.6-2.el6_0.i686.rpm

x86_64:
webkitgtk-1.2.6-2.el6_0.i686.rpm
webkitgtk-1.2.6-2.el6_0.x86_64.rpm
webkitgtk-debuginfo-1.2.6-2.el6_0.i686.rpm
webkitgtk-debuginfo-1.2.6-2.el6_0.x86_64.rpm

Red Hat Enterprise Linux Workstation Optional (v. 6):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Workstation/en/os/SRPMS/webkitgtk-1.2.6-2.el6_0.src.rpm

i386:
webkitgtk-debuginfo-1.2.6-2.el6_0.i686.rpm
webkitgtk-devel-1.2.6-2.el6_0.i686.rpm
webkitgtk-doc-1.2.6-2.el6_0.i686.rpm

x86_64:
webkitgtk-debuginfo-1.2.6-2.el6_0.i686.rpm
webkitgtk-debuginfo-1.2.6-2.el6_0.x86_64.rpm
webkitgtk-devel-1.2.6-2.el6_0.i686.rpm
webkitgtk-devel-1.2.6-2.el6_0.x86_64.rpm
webkitgtk-doc-1.2.6-2.el6_0.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/#package

7. References:

https://www.redhat.com/security/data/cve/CVE-2010-1780.html
https://www.redhat.com/security/data/cve/CVE-2010-1782.html
https://www.redhat.com/security/data/cve/CVE-2010-1783.html
https://www.redhat.com/security/data/cve/CVE-2010-1784.html
https://www.redhat.com/security/data/cve/CVE-2010-1785.html
https://www.redhat.com/security/data/cve/CVE-2010-1786.html
https://www.redhat.com/security/data/cve/CVE-2010-1787.html
https://www.redhat.com/security/data/cve/CVE-2010-1788.html
https://www.redhat.com/security/data/cve/CVE-2010-1790.html
https://www.redhat.com/security/data/cve/CVE-2010-1792.html
https://www.redhat.com/security/data/cve/CVE-2010-1793.html
https://www.redhat.com/security/data/cve/CVE-2010-1807.html
https://www.redhat.com/security/data/cve/CVE-2010-1812.html
https://www.redhat.com/security/data/cve/CVE-2010-1814.html
https://www.redhat.com/security/data/cve/CVE-2010-1815.html
https://www.redhat.com/security/data/cve/CVE-2010-3113.html
https://www.redhat.com/security/data/cve/CVE-2010-3114.html
https://www.redhat.com/security/data/cve/CVE-2010-3115.html
https://www.redhat.com/security/data/cve/CVE-2010-3116.html
https://www.redhat.com/security/data/cve/CVE-2010-3119.html
https://www.redhat.com/security/data/cve/CVE-2010-3255.html
https://www.redhat.com/security/data/cve/CVE-2010-3257.html
https://www.redhat.com/security/data/cve/CVE-2010-3259.html
https://www.redhat.com/security/data/cve/CVE-2010-3812.html
https://www.redhat.com/security/data/cve/CVE-2010-3813.html
https://www.redhat.com/security/data/cve/CVE-2010-4197.html
https://www.redhat.com/security/data/cve/CVE-2010-4198.html
https://www.redhat.com/security/data/cve/CVE-2010-4204.html
https://www.redhat.com/security/data/cve/CVE-2010-4206.html
https://www.redhat.com/security/data/cve/CVE-2010-4577.html
https://access.redhat.com/security/updates/classification/#moderate

8. Contact:

The Red Hat security contact is . More contact
details at https://www.redhat.com/security/team/contact/

Copyright 2011 Red Hat, Inc.

Flash-Plugin Update for RHEL

DSA 2150-1: request-tracker3.6 security update  

Posted by Daniela Mehler

A request-tracker3.6 security update has been released for Debian GNU/Linux

- -------------------------------------------------------------------------
Debian Security Advisory DSA-2150-1 security@debian.org
http://www.debian.org/security/ Thijs Kinkhorst
January 22, 2011 http://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package : request-tracker3.6
Vulnerability : unsalted password hashing
Problem type : local
Debian-specific: no
CVE ID : CVE-2011-0009

It was discovered that Request Tracker, an issue tracking system,
stored passwords in its database by using an insufficiently strong
hashing method. If an attacker would have access to the password
database, he could decode the passwords stored in it.

For the stable distribution (lenny), this problem has been fixed in
version 3.6.7-5+lenny5.

The testing distribution (squeeze) will be fixed soon.

For the unstable distribution (sid), this problem has been fixed in
version 3.8.8-7 of the request-tracker3.8 package.

We recommend that you upgrade your Request Tracker packages.

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: http://www.debian.org/security/


How to upgrade Debian Lenny to Squeeze

How to upgrade Debian Lenny to Squeeze  

Posted by Daniela Mehler

Go2Linux posted a tutorial about upgrading from Debian GNU/Linux 5.0 to 6.0

As with the post of How to upgrade Debian Etch to Lenny, I actually know this may be know by a lot of people already, but here is how I did it, and if you ever forget can come here and remember it.
Debian Squeeze is going to be released on February 5th or 6th this 2011, so I am updating this how-to a little bit

How to upgrade Debian Lenny to Squeeze


How to upgrade Debian Lenny to Squeeze



The Perfect Server - Debian Lenny (Debian 5.0) With BIND & Dovecot (ISPConfig 3)

UNIX / Linux: How to Install and Configure mod_perl for Apache 2  

Posted by Daniela Mehler

The Geek Stuff shows you how to install and configure mod_perl for Apache 2

If you are running any web based open source application that is written in perl, you should be using mod_perl with Apache instead of running it as CGI. mod_perl is way faster than running a web application using CGI. This article explains how to install mod_perl on Apache 2.

UNIX / Linux: How to Install and Configure mod_perl for Apache 2


How to Install and Configure mod_perl for Apache 2



How to install Linux Mint 10 on a btrfs file system

RHSA-2011:0007-01: Important: kernel security and bug fix update  

Posted by Daniela Mehler

A kernel security update has been released for RHEL 6

=====================================================================
Red Hat Security Advisory

Synopsis: Important: kernel security and bug fix update
Advisory ID: RHSA-2011:0007-01
Product: Red Hat Enterprise Linux
Advisory URL: https://rhn.redhat.com/errata/RHSA-2011-0007.html
Issue date: 2011-01-11
CVE Names: CVE-2010-2492 CVE-2010-3067 CVE-2010-3078
CVE-2010-3080 CVE-2010-3298 CVE-2010-3477
CVE-2010-3861 CVE-2010-3865 CVE-2010-3874
CVE-2010-3876 CVE-2010-3880 CVE-2010-4072
CVE-2010-4073 CVE-2010-4074 CVE-2010-4075
CVE-2010-4077 CVE-2010-4079 CVE-2010-4080
CVE-2010-4081 CVE-2010-4082 CVE-2010-4083
CVE-2010-4158 CVE-2010-4160 CVE-2010-4162
CVE-2010-4163 CVE-2010-4242 CVE-2010-4248
CVE-2010-4249 CVE-2010-4263 CVE-2010-4525
CVE-2010-4668
=====================================================================

1. Summary:

Updated kernel packages that fix multiple security issues and several bugs
are now available for Red Hat Enterprise Linux 6.

The Red Hat Security Response Team has rated this update as having
important security impact. Common Vulnerability Scoring System (CVSS) base
scores, which give detailed severity ratings, are available for each
vulnerability from the CVE links in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Desktop (v. 6) - i386, noarch, x86_64
Red Hat Enterprise Linux HPC Node (v. 6) - noarch, x86_64
Red Hat Enterprise Linux Server (v. 6) - i386, noarch, ppc64, s390x, x86_64
Red Hat Enterprise Linux Workstation (v. 6) - i386, noarch, x86_64

3. Description:

* Buffer overflow in eCryptfs. When /dev/ecryptfs has world writable
permissions (which it does not, by default, on Red Hat Enterprise Linux 6),
a local, unprivileged user could use this flaw to cause a denial of service
or possibly escalate their privileges. (CVE-2010-2492, Important)

* Integer overflow in the RDS protocol implementation could allow a local,
unprivileged user to cause a denial of service or escalate their
privileges. (CVE-2010-3865, Important)

* Missing boundary checks in the PPP over L2TP sockets implementation could
allow a local, unprivileged user to cause a denial of service or escalate
their privileges. (CVE-2010-4160, Important)

* NULL pointer dereference in the igb driver. If both Single Root I/O
Virtualization (SR-IOV) and promiscuous mode were enabled on an interface
using igb, it could result in a denial of service when a tagged VLAN packet
is received on that interface. (CVE-2010-4263, Important)

* Missing initialization flaw in the XFS file system implementation, and in
the network traffic policing implementation, could allow a local,
unprivileged user to cause an information leak. (CVE-2010-3078,
CVE-2010-3477, Moderate)

* NULL pointer dereference in the Open Sound System compatible sequencer
driver could allow a local, unprivileged user with access to /dev/sequencer
to cause a denial of service. /dev/sequencer is only accessible to root and
users in the audio group by default. (CVE-2010-3080, Moderate)

* Flaw in the ethtool IOCTL handler could allow a local user to cause an
information leak. (CVE-2010-3861, Moderate)

* Flaw in bcm_connect() in the Controller Area Network (CAN) Broadcast
Manager. On 64-bit systems, writing the socket address may overflow the
procname character array. (CVE-2010-3874, Moderate)

* Flaw in the module for monitoring the sockets of INET transport
protocols could allow a local, unprivileged user to cause a denial of
service. (CVE-2010-3880, Moderate)

* Missing boundary checks in the block layer implementation could allow a
local, unprivileged user to cause a denial of service. (CVE-2010-4162,
CVE-2010-4163, CVE-2010-4668, Moderate)

* NULL pointer dereference in the Bluetooth HCI UART driver could allow a
local, unprivileged user to cause a denial of service. (CVE-2010-4242,
Moderate)

* Flaw in the Linux kernel CPU time clocks implementation for the POSIX
clock interface could allow a local, unprivileged user to cause a denial of
service. (CVE-2010-4248, Moderate)

* Flaw in the garbage collector for AF_UNIX sockets could allow a local,
unprivileged user to trigger a denial of service. (CVE-2010-4249, Moderate)

* Missing upper bound integer check in the AIO implementation could allow a
local, unprivileged user to cause an information leak. (CVE-2010-3067, Low)

* Missing initialization flaws could lead to information leaks.
(CVE-2010-3298, CVE-2010-3876, CVE-2010-4072, CVE-2010-4073, CVE-2010-4074,
CVE-2010-4075, CVE-2010-4077, CVE-2010-4079, CVE-2010-4080, CVE-2010-4081,
CVE-2010-4082, CVE-2010-4083, CVE-2010-4158, Low)

* Missing initialization flaw in KVM could allow a privileged host user
with access to /dev/kvm to cause an information leak. (CVE-2010-4525, Low)

Red Hat would like to thank Andre Osterhues for reporting CVE-2010-2492;
Thomas Pollet for reporting CVE-2010-3865; Dan Rosenberg for reporting
CVE-2010-4160, CVE-2010-3078, CVE-2010-3874, CVE-2010-4162, CVE-2010-4163,
CVE-2010-3298, CVE-2010-4073, CVE-2010-4074, CVE-2010-4075, CVE-2010-4077,
CVE-2010-4079, CVE-2010-4080, CVE-2010-4081, CVE-2010-4082, CVE-2010-4083,
and CVE-2010-4158; Kosuke Tatsukawa for reporting CVE-2010-4263; Tavis
Ormandy for reporting CVE-2010-3080 and CVE-2010-3067; Kees Cook for
reporting CVE-2010-3861 and CVE-2010-4072; Nelson Elhage for reporting
CVE-2010-3880; Alan Cox for reporting CVE-2010-4242; Vegard Nossum for
reporting CVE-2010-4249; Vasiliy Kulikov for reporting CVE-2010-3876; and
Stephan Mueller of atsec information security for reporting CVE-2010-4525.

4. Solution:

Users should upgrade to these updated packages, which contain
backported patches to correct these issues. Documentation for the bugs
fixed by this update will be available shortly from the Technical
Notes document, linked to in the References section. The system must
be rebooted for this update to take effect.

Before applying this update, make sure all previously-released errata
relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/docs/DOC-11259

To install kernel packages manually, use "rpm -ivh [package]". Do not
use "rpm -Uvh" as that will remove the running kernel binaries from
your system. You may use "rpm -e" to remove old kernels after
determining that the new kernel functions properly on your system.

5. Bugs fixed (http://bugzilla.redhat.com/):

611385 - CVE-2010-2492 kernel: ecryptfs_uid_hash() buffer overflow
629441 - CVE-2010-3067 kernel: do_io_submit() infoleak
630551 - CVE-2010-3080 kernel: /dev/sequencer open failure is not handled correctly
630804 - CVE-2010-3078 kernel: xfs: XFS_IOC_FSGETXATTR ioctl memory leak
633140 - CVE-2010-3298 kernel: drivers/net/usb/hso.c: prevent reading uninitialized memory
636386 - CVE-2010-3477 kernel: net/sched/act_police.c infoleak
641410 - CVE-2010-4242 kernel: missing tty ops write function presence check in hci_uart_tty_open()
646725 - CVE-2010-3861 kernel: heap contents leak from ETHTOOL_GRXCLSRLALL
647391 - kernel BUG at mm/migrate.c:113! [rhel-6.0.z]
647416 - CVE-2010-3865 kernel: iovec integer overflow in net/rds/rdma.c
648408 - Do not mix FMODE_ and O_ flags with break_lease() and may_open() [rhel-6.0.z]
648656 - CVE-2010-4072 kernel: ipc/shm.c: reading uninitialized stack memory
648658 - CVE-2010-4073 kernel: ipc/compat*.c: reading uninitialized stack memory
648659 - CVE-2010-4074 kernel: drivers/usb/serial/mos*.c: reading uninitialized stack memory
648660 - CVE-2010-4075 kernel: drivers/serial/serial_core.c: reading uninitialized stack memory
648663 - CVE-2010-4077 kernel: drivers/char/nozomi.c: reading uninitialized stack memory
648666 - CVE-2010-4079 kernel: drivers/video/ivtv/ivtvfb.c: reading uninitialized stack memory
648669 - CVE-2010-4080 kernel: drivers/sound/pci/rme9652/hdsp.c: reading uninitialized stack memory
648670 - CVE-2010-4081 kernel: drivers/sound/pci/rme9652/hdspm.c: reading uninitialized stack memory
648671 - CVE-2010-4082 kernel: drivers/video/via/ioctl.c: reading uninitialized stack memory
648673 - CVE-2010-4083 kernel: ipc/sem.c: reading uninitialized stack memory
649695 - CVE-2010-3874 kernel: CAN minor heap overflow
649715 - CVE-2010-3876 kernel: net/packet/af_packet.c: reading uninitialized stack memory
651264 - CVE-2010-3880 kernel: logic error in INET_DIAG bytecode auditing
651698 - CVE-2010-4158 kernel: socket filters infoleak
651892 - CVE-2010-4160 kernel: L2TP send buffer allocation size overflows
652529 - CVE-2010-4162 kernel: bio: integer overflow page count when mapping/copying user data
652957 - CVE-2010-4163 CVE-2010-4668 kernel: panic when submitting certain 0-length I/O requests
653340 - [kvm] VIRT-IO NIC state is reported as 'unknown' on vm running over RHEL6 host [rhel-6.0.z]
656264 - CVE-2010-4248 kernel: posix-cpu-timers: workaround to suppress the problems with mt exec
656756 - CVE-2010-4249 kernel: unix socket local dos
658879 - kernel 2.6.32-84.el6 breaks systemtap [rhel-6.0.z]
659611 - lpfc: Fixed crashes for BUG_ONs hit in the lpfc_abort_handler [rhel-6.0.z]
660188 - CVE-2010-4263 kernel: igb panics when receiving tag vlan packet
660244 - lpfc: Set heartbeat timer off by default [rhel-6.0.z]
660591 - neighbour update causes an Oops when using tunnel device [rhel-6.0.z]
665470 - CVE-2010-4525 kvm: x86: zero kvm_vcpu_events->interrupt.pad infoleak

6. Package List:

Red Hat Enterprise Linux Desktop (v. 6):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Client/en/os/SRPMS/kernel-2.6.32-71.14.1.el6.src.rpm

i386:
kernel-2.6.32-71.14.1.el6.i686.rpm
kernel-debug-2.6.32-71.14.1.el6.i686.rpm
kernel-debug-debuginfo-2.6.32-71.14.1.el6.i686.rpm
kernel-debug-devel-2.6.32-71.14.1.el6.i686.rpm
kernel-debuginfo-2.6.32-71.14.1.el6.i686.rpm
kernel-debuginfo-common-i686-2.6.32-71.14.1.el6.i686.rpm
kernel-devel-2.6.32-71.14.1.el6.i686.rpm
kernel-headers-2.6.32-71.14.1.el6.i686.rpm

noarch:
kernel-doc-2.6.32-71.14.1.el6.noarch.rpm
kernel-firmware-2.6.32-71.14.1.el6.noarch.rpm
perf-2.6.32-71.14.1.el6.noarch.rpm

x86_64:
kernel-2.6.32-71.14.1.el6.x86_64.rpm
kernel-debug-2.6.32-71.14.1.el6.x86_64.rpm
kernel-debug-debuginfo-2.6.32-71.14.1.el6.x86_64.rpm
kernel-debug-devel-2.6.32-71.14.1.el6.x86_64.rpm
kernel-debuginfo-2.6.32-71.14.1.el6.x86_64.rpm
kernel-debuginfo-common-x86_64-2.6.32-71.14.1.el6.x86_64.rpm
kernel-devel-2.6.32-71.14.1.el6.x86_64.rpm
kernel-headers-2.6.32-71.14.1.el6.x86_64.rpm

Red Hat Enterprise Linux HPC Node (v. 6):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6ComputeNode/en/os/SRPMS/kernel-2.6.32-71.14.1.el6.src.rpm

noarch:
kernel-doc-2.6.32-71.14.1.el6.noarch.rpm
kernel-firmware-2.6.32-71.14.1.el6.noarch.rpm
perf-2.6.32-71.14.1.el6.noarch.rpm

x86_64:
kernel-2.6.32-71.14.1.el6.x86_64.rpm
kernel-debug-2.6.32-71.14.1.el6.x86_64.rpm
kernel-debug-debuginfo-2.6.32-71.14.1.el6.x86_64.rpm
kernel-debug-devel-2.6.32-71.14.1.el6.x86_64.rpm
kernel-debuginfo-2.6.32-71.14.1.el6.x86_64.rpm
kernel-debuginfo-common-x86_64-2.6.32-71.14.1.el6.x86_64.rpm
kernel-devel-2.6.32-71.14.1.el6.x86_64.rpm
kernel-headers-2.6.32-71.14.1.el6.x86_64.rpm

Red Hat Enterprise Linux Server (v. 6):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/os/SRPMS/kernel-2.6.32-71.14.1.el6.src.rpm

i386:
kernel-2.6.32-71.14.1.el6.i686.rpm
kernel-debug-2.6.32-71.14.1.el6.i686.rpm
kernel-debug-debuginfo-2.6.32-71.14.1.el6.i686.rpm
kernel-debug-devel-2.6.32-71.14.1.el6.i686.rpm
kernel-debuginfo-2.6.32-71.14.1.el6.i686.rpm
kernel-debuginfo-common-i686-2.6.32-71.14.1.el6.i686.rpm
kernel-devel-2.6.32-71.14.1.el6.i686.rpm
kernel-headers-2.6.32-71.14.1.el6.i686.rpm

noarch:
kernel-doc-2.6.32-71.14.1.el6.noarch.rpm
kernel-firmware-2.6.32-71.14.1.el6.noarch.rpm
perf-2.6.32-71.14.1.el6.noarch.rpm

ppc64:
kernel-2.6.32-71.14.1.el6.ppc64.rpm
kernel-bootwrapper-2.6.32-71.14.1.el6.ppc64.rpm
kernel-debug-2.6.32-71.14.1.el6.ppc64.rpm
kernel-debug-debuginfo-2.6.32-71.14.1.el6.ppc64.rpm
kernel-debug-devel-2.6.32-71.14.1.el6.ppc64.rpm
kernel-debuginfo-2.6.32-71.14.1.el6.ppc64.rpm
kernel-debuginfo-common-ppc64-2.6.32-71.14.1.el6.ppc64.rpm
kernel-devel-2.6.32-71.14.1.el6.ppc64.rpm
kernel-headers-2.6.32-71.14.1.el6.ppc64.rpm

s390x:
kernel-2.6.32-71.14.1.el6.s390x.rpm
kernel-debug-2.6.32-71.14.1.el6.s390x.rpm
kernel-debug-debuginfo-2.6.32-71.14.1.el6.s390x.rpm
kernel-debug-devel-2.6.32-71.14.1.el6.s390x.rpm
kernel-debuginfo-2.6.32-71.14.1.el6.s390x.rpm
kernel-debuginfo-common-s390x-2.6.32-71.14.1.el6.s390x.rpm
kernel-devel-2.6.32-71.14.1.el6.s390x.rpm
kernel-headers-2.6.32-71.14.1.el6.s390x.rpm
kernel-kdump-2.6.32-71.14.1.el6.s390x.rpm
kernel-kdump-debuginfo-2.6.32-71.14.1.el6.s390x.rpm
kernel-kdump-devel-2.6.32-71.14.1.el6.s390x.rpm

x86_64:
kernel-2.6.32-71.14.1.el6.x86_64.rpm
kernel-debug-2.6.32-71.14.1.el6.x86_64.rpm
kernel-debug-debuginfo-2.6.32-71.14.1.el6.x86_64.rpm
kernel-debug-devel-2.6.32-71.14.1.el6.x86_64.rpm
kernel-debuginfo-2.6.32-71.14.1.el6.x86_64.rpm
kernel-debuginfo-common-x86_64-2.6.32-71.14.1.el6.x86_64.rpm
kernel-devel-2.6.32-71.14.1.el6.x86_64.rpm
kernel-headers-2.6.32-71.14.1.el6.x86_64.rpm

Red Hat Enterprise Linux Workstation (v. 6):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Workstation/en/os/SRPMS/kernel-2.6.32-71.14.1.el6.src.rpm

i386:
kernel-2.6.32-71.14.1.el6.i686.rpm
kernel-debug-2.6.32-71.14.1.el6.i686.rpm
kernel-debug-debuginfo-2.6.32-71.14.1.el6.i686.rpm
kernel-debug-devel-2.6.32-71.14.1.el6.i686.rpm
kernel-debuginfo-2.6.32-71.14.1.el6.i686.rpm
kernel-debuginfo-common-i686-2.6.32-71.14.1.el6.i686.rpm
kernel-devel-2.6.32-71.14.1.el6.i686.rpm
kernel-headers-2.6.32-71.14.1.el6.i686.rpm

noarch:
kernel-doc-2.6.32-71.14.1.el6.noarch.rpm
kernel-firmware-2.6.32-71.14.1.el6.noarch.rpm
perf-2.6.32-71.14.1.el6.noarch.rpm

x86_64:
kernel-2.6.32-71.14.1.el6.x86_64.rpm
kernel-debug-2.6.32-71.14.1.el6.x86_64.rpm
kernel-debug-debuginfo-2.6.32-71.14.1.el6.x86_64.rpm
kernel-debug-devel-2.6.32-71.14.1.el6.x86_64.rpm
kernel-debuginfo-2.6.32-71.14.1.el6.x86_64.rpm
kernel-debuginfo-common-x86_64-2.6.32-71.14.1.el6.x86_64.rpm
kernel-devel-2.6.32-71.14.1.el6.x86_64.rpm
kernel-headers-2.6.32-71.14.1.el6.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/#package

7. References:

https://www.redhat.com/security/data/cve/CVE-2010-2492.html
https://www.redhat.com/security/data/cve/CVE-2010-3067.html
https://www.redhat.com/security/data/cve/CVE-2010-3078.html
https://www.redhat.com/security/data/cve/CVE-2010-3080.html
https://www.redhat.com/security/data/cve/CVE-2010-3298.html
https://www.redhat.com/security/data/cve/CVE-2010-3477.html
https://www.redhat.com/security/data/cve/CVE-2010-3861.html
https://www.redhat.com/security/data/cve/CVE-2010-3865.html
https://www.redhat.com/security/data/cve/CVE-2010-3874.html
https://www.redhat.com/security/data/cve/CVE-2010-3876.html
https://www.redhat.com/security/data/cve/CVE-2010-3880.html
https://www.redhat.com/security/data/cve/CVE-2010-4072.html
https://www.redhat.com/security/data/cve/CVE-2010-4073.html
https://www.redhat.com/security/data/cve/CVE-2010-4074.html
https://www.redhat.com/security/data/cve/CVE-2010-4075.html
https://www.redhat.com/security/data/cve/CVE-2010-4077.html
https://www.redhat.com/security/data/cve/CVE-2010-4079.html
https://www.redhat.com/security/data/cve/CVE-2010-4080.html
https://www.redhat.com/security/data/cve/CVE-2010-4081.html
https://www.redhat.com/security/data/cve/CVE-2010-4082.html
https://www.redhat.com/security/data/cve/CVE-2010-4083.html
https://www.redhat.com/security/data/cve/CVE-2010-4158.html
https://www.redhat.com/security/data/cve/CVE-2010-4160.html
https://www.redhat.com/security/data/cve/CVE-2010-4162.html
https://www.redhat.com/security/data/cve/CVE-2010-4163.html
https://www.redhat.com/security/data/cve/CVE-2010-4242.html
https://www.redhat.com/security/data/cve/CVE-2010-4248.html
https://www.redhat.com/security/data/cve/CVE-2010-4249.html
https://www.redhat.com/security/data/cve/CVE-2010-4263.html
https://www.redhat.com/security/data/cve/CVE-2010-4525.html
https://www.redhat.com/security/data/cve/CVE-2010-4668.html
https://access.redhat.com/security/updates/classification/#important
http://docs.redhat.com/docs/en-US/Red_Hat_Enterprise_Linux/6/html/Technical_Notes/ape.html#RHSA-2011-0007

8. Contact:

The Red Hat security contact is . More contact
details at https://www.redhat.com/security/team/contact/

Copyright 2011 Red Hat, Inc.

Kernel Update for CentOS 5

openSUSE Kernel Updates  

Posted by Daniela Mehler

Kernel updates are available for openSUSE 11.2 and 11.3


[security-announce] SUSE Security Announcement: Linux kernel (SUSE-SA:2011:002)
______________________________________________________________________________

SUSE Security Announcement

Package: kernel
Announcement ID: SUSE-SA:2011:002
Date: Mon, 03 Jan 2011 15:00:00 +0000
Affected Products: openSUSE 11.2
Vulnerability Type: potential local privilege escalation
CVSS v2 Base Score: 6.6 (AV:L/AC:L/Au:N/C:C/I:N/A:C)
SUSE Default Package: yes
Cross-References: CVE-2010-3067, CVE-2010-3437, CVE-2010-3442
CVE-2010-3861, CVE-2010-3865, CVE-2010-3874
CVE-2010-4078, CVE-2010-4080, CVE-2010-4081
CVE-2010-4082, CVE-2010-4157, CVE-2010-4158
CVE-2010-4160, CVE-2010-4162, CVE-2010-4163
CVE-2010-4164, CVE-2010-4165, CVE-2010-4175
CVE-2010-4258

Content of This Advisory:
1) Security Vulnerability Resolved:
Linux kernel security update
Problem Description
2) Solution or Work-Around
3) Special Instructions and Notes
4) Package Location and Checksums
5) Pending Vulnerabilities, Solutions, and Work-Arounds:
See SUSE Security Summary Report.
6) Authenticity Verification and Additional Information

______________________________________________________________________________

1) Problem Description and Brief Discussion

This update of the openSUSE 11.2 kernel fixes various bugs
and lots of security issues.

Following security issues have been fixed:
CVE-2010-4258: A local attacker could use a Oops (kernel crash) caused
by other flaws to write a 0 byte to a attacker controlled address in the
kernel. This could lead to privilege escalation together with other issues.

CVE-2010-4160: A overflow in sendto() and recvfrom() routines was fixed
that could be used by local attackers to potentially crash the kernel
using some socket families like L2TP.

CVE-2010-4157: A 32bit vs 64bit integer mismatch in gdth_ioctl_alloc
could lead to memory corruption in the GDTH driver.

CVE-2010-4165: The do_tcp_setsockopt function in net/ipv4/tcp.c in the
Linux kernel did not properly restrict TCP_MAXSEG (aka MSS) values, which
allows local users to cause a denial of service (OOPS) via a setsockopt
call that specifies a small value, leading to a divide-by-zero error or
incorrect use of a signed integer.

CVE-2010-4164: A remote (or local) attacker communicating over X.25
could cause a kernel panic by attempting to negotiate malformed
facilities.

CVE-2010-4175: A local attacker could cause memory overruns in the RDS
protocol stack, potentially crashing the kernel. So far it is considered
not to be exploitable.

CVE-2010-3874: A minor heap overflow in the CAN network module was fixed.
Due to nature of the memory allocator it is likely not exploitable.

CVE-2010-3874: A minor heap overflow in the CAN network module was fixed.
Due to nature of the memory allocator it is likely not exploitable.

CVE-2010-4158: A memory information leak in Berkeley packet filter rules
allowed local attackers to read uninitialized memory of the kernel stack.

CVE-2010-4162: A local denial of service in the blockdevice layer was fixed.

CVE-2010-4163: By submitting certain I/O requests with 0 length, a local
user could have caused a kernel panic.

CVE-2010-3861: The ethtool_get_rxnfc function in net/core/ethtool.c
in the Linux kernel did not initialize a certain block of heap memory,
which allowed local users to obtain potentially sensitive information via
an ETHTOOL_GRXCLSRLALL ethtool command with a large info.rule_cnt value.

CVE-2010-3442: Multiple integer overflows in the snd_ctl_new function
in sound/core/control.c in the Linux kernel allowed local users to
cause a denial of service (heap memory corruption) or possibly have
unspecified other impact via a crafted (1) SNDRV_CTL_IOCTL_ELEM_ADD or
(2) SNDRV_CTL_IOCTL_ELEM_REPLACE ioctl call.

CVE-2010-3437: A range checking overflow in pktcdvd ioctl was fixed.

CVE-2010-4078: The sisfb_ioctl function in drivers/video/sis/sis_main.c in
the Linux kernel did not properly initialize a certain structure member,
which allowed local users to obtain potentially sensitive information
from kernel stack memory via an FBIOGET_VBLANK ioctl call.

CVE-2010-4080: The snd_hdsp_hwdep_ioctl function in
sound/pci/rme9652/hdsp.c in the Linux kernel did not initialize
a certain structure, which allowed local users to obtain
potentially sensitive information from kernel stack memory via an
SNDRV_HDSP_IOCTL_GET_CONFIG_INFO ioctl call.

CVE-2010-4081: The snd_hdspm_hwdep_ioctl function in
sound/pci/rme9652/hdspm.c in the Linux kernel did not initialize
a certain structure, which allowed local users to obtain
potentially sensitive information from kernel stack memory via an
SNDRV_HDSPM_IOCTL_GET_CONFIG_INFO ioctl call.

CVE-2010-4082: The viafb_ioctl_get_viafb_info function in
drivers/video/via/ioctl.c in the Linux kernel did not properly
initialize a certain structure member, which allowed local users to
obtain potentially sensitive information from kernel stack memory via
a VIAFB_GET_INFO ioctl call.

CVE-2010-3067: Integer overflow in the do_io_submit function in fs/aio.c
in the Linux kernel allowed local users to cause a denial of service or
possibly have unspecified other impact via crafted use of the io_submit
system call.

CVE-2010-3865: A iovec integer overflow in RDS sockets was fixed which
could lead to local attackers gaining kernel privileges.

2) Solution or Work-Around

There is no known workaround, please install the update packages.

3) Special Instructions and Notes

Please reboot the machine after installing the update.

4) Package Location and Checksums

The preferred method for installing security updates is to use the YaST
"Online Update" module or the "zypper" commandline tool. The package and
patch management stack will detect which updates are required and
automatically perform the necessary steps to verify and install them.

Alternatively, download the update packages for your distribution manually
and verify their integrity by the methods listed in Section 6 of this
announcement. Then install the packages using the command

rpm -Fhv

to apply the update, replacing with the filename of the
downloaded RPM package.


x86 Platform:

openSUSE 11.2:
http://download.opensuse.org/update/11.2/rpm/i586/kernel-debug-2.6.31.14-0.6.1.i586.rpm
http://download.opensuse.org/update/11.2/rpm/i586/kernel-debug-base-2.6.31.14-0.6.1.i586.rpm
http://download.opensuse.org/update/11.2/rpm/i586/kernel-debug-devel-2.6.31.14-0.6.1.i586.rpm
http://download.opensuse.org/update/11.2/rpm/i586/kernel-default-2.6.31.14-0.6.1.i586.rpm
http://download.opensuse.org/update/11.2/rpm/i586/kernel-default-base-2.6.31.14-0.6.1.i586.rpm
http://download.opensuse.org/update/11.2/rpm/i586/kernel-default-devel-2.6.31.14-0.6.1.i586.rpm
http://download.opensuse.org/update/11.2/rpm/i586/kernel-desktop-2.6.31.14-0.6.1.i586.rpm
http://download.opensuse.org/update/11.2/rpm/i586/kernel-desktop-base-2.6.31.14-0.6.1.i586.rpm
http://download.opensuse.org/update/11.2/rpm/i586/kernel-desktop-devel-2.6.31.14-0.6.1.i586.rpm
http://download.opensuse.org/update/11.2/rpm/i586/kernel-pae-2.6.31.14-0.6.1.i586.rpm
http://download.opensuse.org/update/11.2/rpm/i586/kernel-pae-base-2.6.31.14-0.6.1.i586.rpm
http://download.opensuse.org/update/11.2/rpm/i586/kernel-pae-devel-2.6.31.14-0.6.1.i586.rpm
http://download.opensuse.org/update/11.2/rpm/i586/kernel-syms-2.6.31.14-0.6.1.i586.rpm
http://download.opensuse.org/update/11.2/rpm/i586/kernel-trace-2.6.31.14-0.6.1.i586.rpm
http://download.opensuse.org/update/11.2/rpm/i586/kernel-trace-base-2.6.31.14-0.6.1.i586.rpm
http://download.opensuse.org/update/11.2/rpm/i586/kernel-trace-devel-2.6.31.14-0.6.1.i586.rpm
http://download.opensuse.org/update/11.2/rpm/i586/kernel-vanilla-2.6.31.14-0.6.1.i586.rpm
http://download.opensuse.org/update/11.2/rpm/i586/kernel-vanilla-base-2.6.31.14-0.6.1.i586.rpm
http://download.opensuse.org/update/11.2/rpm/i586/kernel-vanilla-devel-2.6.31.14-0.6.1.i586.rpm
http://download.opensuse.org/update/11.2/rpm/i586/kernel-xen-2.6.31.14-0.6.1.i586.rpm
http://download.opensuse.org/update/11.2/rpm/i586/kernel-xen-base-2.6.31.14-0.6.1.i586.rpm
http://download.opensuse.org/update/11.2/rpm/i586/kernel-xen-devel-2.6.31.14-0.6.1.i586.rpm
http://download.opensuse.org/update/11.2/rpm/i586/preload-kmp-default-1.1_2.6.31.14_0.6-6.9.39.i586.rpm
http://download.opensuse.org/update/11.2/rpm/i586/preload-kmp-desktop-1.1_2.6.31.14_0.6-6.9.39.i586.rpm

Platform Independent:

openSUSE 11.2:
http://download.opensuse.org/update/11.2/rpm/noarch/kernel-source-2.6.31.14-0.6.1.noarch.rpm
http://download.opensuse.org/update/11.2/rpm/noarch/kernel-source-vanilla-2.6.31.14-0.6.1.noarch.rpm

x86-64 Platform:

openSUSE 11.2:
http://download.opensuse.org/update/11.2/rpm/x86_64/kernel-debug-2.6.31.14-0.6.1.x86_64.rpm
http://download.opensuse.org/update/11.2/rpm/x86_64/kernel-debug-base-2.6.31.14-0.6.1.x86_64.rpm
http://download.opensuse.org/update/11.2/rpm/x86_64/kernel-debug-devel-2.6.31.14-0.6.1.x86_64.rpm
http://download.opensuse.org/update/11.2/rpm/x86_64/kernel-default-2.6.31.14-0.6.1.x86_64.rpm
http://download.opensuse.org/update/11.2/rpm/x86_64/kernel-default-base-2.6.31.14-0.6.1.x86_64.rpm
http://download.opensuse.org/update/11.2/rpm/x86_64/kernel-default-devel-2.6.31.14-0.6.1.x86_64.rpm
http://download.opensuse.org/update/11.2/rpm/x86_64/kernel-desktop-2.6.31.14-0.6.1.x86_64.rpm
http://download.opensuse.org/update/11.2/rpm/x86_64/kernel-desktop-base-2.6.31.14-0.6.1.x86_64.rpm
http://download.opensuse.org/update/11.2/rpm/x86_64/kernel-desktop-devel-2.6.31.14-0.6.1.x86_64.rpm
http://download.opensuse.org/update/11.2/rpm/x86_64/kernel-syms-2.6.31.14-0.6.1.x86_64.rpm
http://download.opensuse.org/update/11.2/rpm/x86_64/kernel-trace-2.6.31.14-0.6.1.x86_64.rpm
http://download.opensuse.org/update/11.2/rpm/x86_64/kernel-trace-base-2.6.31.14-0.6.1.x86_64.rpm
http://download.opensuse.org/update/11.2/rpm/x86_64/kernel-trace-devel-2.6.31.14-0.6.1.x86_64.rpm
http://download.opensuse.org/update/11.2/rpm/x86_64/kernel-vanilla-2.6.31.14-0.6.1.x86_64.rpm
http://download.opensuse.org/update/11.2/rpm/x86_64/kernel-vanilla-base-2.6.31.14-0.6.1.x86_64.rpm
http://download.opensuse.org/update/11.2/rpm/x86_64/kernel-vanilla-devel-2.6.31.14-0.6.1.x86_64.rpm
http://download.opensuse.org/update/11.2/rpm/x86_64/kernel-xen-2.6.31.14-0.6.1.x86_64.rpm
http://download.opensuse.org/update/11.2/rpm/x86_64/kernel-xen-base-2.6.31.14-0.6.1.x86_64.rpm
http://download.opensuse.org/update/11.2/rpm/x86_64/kernel-xen-devel-2.6.31.14-0.6.1.x86_64.rpm
http://download.opensuse.org/update/11.2/rpm/x86_64/preload-kmp-default-1.1_2.6.31.14_0.6-6.9.39.x86_64.rpm
http://download.opensuse.org/update/11.2/rpm/x86_64/preload-kmp-desktop-1.1_2.6.31.14_0.6-6.9.39.x86_64.rpm

Sources:

openSUSE 11.2:
http://download.opensuse.org/update/11.2/rpm/src/kernel-debug-2.6.31.14-0.6.1.nosrc.rpm
http://download.opensuse.org/update/11.2/rpm/src/kernel-default-2.6.31.14-0.6.1.nosrc.rpm
http://download.opensuse.org/update/11.2/rpm/src/kernel-desktop-2.6.31.14-0.6.1.nosrc.rpm
http://download.opensuse.org/update/11.2/rpm/src/kernel-pae-2.6.31.14-0.6.1.nosrc.rpm
http://download.opensuse.org/update/11.2/rpm/src/kernel-source-2.6.31.14-0.6.1.src.rpm
http://download.opensuse.org/update/11.2/rpm/src/kernel-syms-2.6.31.14-0.6.1.src.rpm
http://download.opensuse.org/update/11.2/rpm/src/kernel-trace-2.6.31.14-0.6.1.nosrc.rpm
http://download.opensuse.org/update/11.2/rpm/src/kernel-vanilla-2.6.31.14-0.6.1.nosrc.rpm
http://download.opensuse.org/update/11.2/rpm/src/kernel-xen-2.6.31.14-0.6.1.nosrc.rpm

______________________________________________________________________________

5) Pending Vulnerabilities, Solutions, and Work-Arounds:

See SUSE Security Summary Report.
______________________________________________________________________________

6) Authenticity Verification and Additional Information

- Announcement authenticity verification:

SUSE security announcements are published via mailing lists and on Web
sites. The authenticity and integrity of a SUSE security announcement is
guaranteed by a cryptographic signature in each announcement. All SUSE
security announcements are published with a valid signature.

To verify the signature of the announcement, save it as text into a file
and run the command

gpg --verify

replacing with the name of the file where you saved the
announcement. The output for a valid signature looks like:

gpg: Signature made using RSA key ID 3D25D3D9
gpg: Good signature from "SuSE Security Team "

where is replaced by the date the document was signed.

If the security team's key is not contained in your key ring, you can
import it from the first installation CD. To import the key, use the
command

gpg --import gpg-pubkey-3d25d3d9-36e12d04.asc

- Package authenticity verification:

SUSE update packages are available on many mirror FTP servers all over the
world. While this service is considered valuable and important to the free
and open source software community, the authenticity and the integrity of
a package needs to be verified to ensure that it has not been tampered
with.

The internal rpm package signatures provide an easy way to verify the
authenticity of an RPM package. Use the command

rpm -v --checksig

to verify the signature of the package, replacing with the
filename of the RPM package downloaded. The package is unmodified if it
contains a valid signature from build@suse.de with the key ID 9C800ACA.

This key is automatically imported into the RPM database (on
RPMv4-based distributions) and the gpg key ring of 'root' during
installation. You can also find it on the first installation CD and at
the end of this announcement.

- SUSE runs two security mailing lists to which any interested party may
subscribe:

opensuse-security@opensuse.org
- General Linux and SUSE security discussion.
All SUSE security announcements are sent to this list.
To subscribe, send an e-mail to
.

opensuse-security-announce@opensuse.org
- SUSE's announce-only mailing list.
Only SUSE's security announcements are sent to this list.
To subscribe, send an e-mail to
.

[security-announce] SUSE Security Announcement: Linux kernel (SUSE-SA:2011:001)
______________________________________________________________________________

SUSE Security Announcement

Package: kernel
Announcement ID: SUSE-SA:2011:001
Date: Mon, 03 Jan 2011 15:00:00 +0000
Affected Products: openSUSE 11.3
Vulnerability Type: local privilege escalation, remote denial of service
CVSS v2 Base Score: 7.8 (AV:N/AC:L/Au:N/C:N/I:N/A:C)
SUSE Default Package: yes
Cross-References: CVE-2010-0435, CVE-2010-3067, CVE-2010-3432
CVE-2010-3437, CVE-2010-3442, CVE-2010-3861
CVE-2010-3865, CVE-2010-3874, CVE-2010-4072
CVE-2010-4073, CVE-2010-4078, CVE-2010-4080
CVE-2010-4081, CVE-2010-4082, CVE-2010-4083
CVE-2010-4157, CVE-2010-4158, CVE-2010-4162
CVE-2010-4163, CVE-2010-4164, CVE-2010-4165
CVE-2010-4169, CVE-2010-4175, CVE-2010-4258
CVE-2010-4347

Content of This Advisory:
1) Security Vulnerability Resolved:
Linux kernel security update
Problem Description
2) Solution or Work-Around
3) Special Instructions and Notes
4) Package Location and Checksums
5) Pending Vulnerabilities, Solutions, and Work-Arounds:
See SUSE Security Summary Report.
6) Authenticity Verification and Additional Information

______________________________________________________________________________

1) Problem Description and Brief Discussion

The openSUSE 11.3 kernel was updated to fix various bugs and security
issues.

Following security issues have been fixed:
CVE-2010-4347: A local user could inject ACPI code into the kernel
via the world-writable "custom_debug" file, allowing local privilege
escalation.

CVE-2010-4258: A local attacker could use a Oops (kernel crash) caused
by other flaws to write a 0 byte to a attacker controlled address
in the kernel. This could lead to privilege escalation together with
other issues.

CVE-2010-4157: A 32bit vs 64bit integer mismatch in gdth_ioctl_alloc
could lead to memory corruption in the GDTH driver.

CVE-2010-4165: The do_tcp_setsockopt function in net/ipv4/tcp.c
in the Linux kernel did not properly restrict TCP_MAXSEG (aka MSS)
values, which allows local users to cause a denial of service (OOPS)
via a setsockopt call that specifies a small value, leading to a
divide-by-zero error or incorrect use of a signed integer.

CVE-2010-4164: A remote (or local) attacker communicating over X.25
could cause a kernel panic by attempting to negotiate malformed
facilities.

CVE-2010-4175: A local attacker could cause memory overruns in the
RDS protocol stack, potentially crashing the kernel. So far it is
considered not to be exploitable.

CVE-2010-4169: Use-after-free vulnerability in mm/mprotect.c in the
Linux kernel allowed local users to cause a denial of service via
vectors involving an mprotect system call.

CVE-2010-3874: A minor heap overflow in the CAN network module
was fixed. Due to nature of the memory allocator it is likely not
exploitable.

CVE-2010-4158: A memory information leak in Berkeley packet filter
rules allowed local attackers to read uninitialized memory of the
kernel stack.

CVE-2010-4162: A local denial of service in the blockdevice layer
was fixed.

CVE-2010-4163: By submitting certain I/O requests with 0 length,
a local user could have caused a kernel panic.

CVE-2010-0435: The Hypervisor in KVM 83, when the Intel VT-x extension
is enabled, allows guest OS users to cause a denial of service
(NULL pointer dereference and host OS crash) via vectors related to
instruction emulation.

CVE-2010-3861: The ethtool_get_rxnfc function in net/core/ethtool.c
in the Linux kernel did not initialize a certain block of heap memory,
which allowed local users to obtain potentially sensitive information
via an ETHTOOL_GRXCLSRLALL ethtool command with a large info.rule_cnt
value.

CVE-2010-3442: Multiple integer overflows in the snd_ctl_new function
in sound/core/control.c in the Linux kernel allowed local users to
cause a denial of service (heap memory corruption) or possibly have
unspecified other impact via a crafted (1) SNDRV_CTL_IOCTL_ELEM_ADD or
(2) SNDRV_CTL_IOCTL_ELEM_REPLACE ioctl call.

CVE-2010-3437: A range checking overflow in pktcdvd ioctl was fixed.

CVE-2010-4078: The sisfb_ioctl function in drivers/video/sis/sis_main.c
in the Linux kernel did not properly initialize a certain structure
member, which allowed local users to obtain potentially sensitive
information from kernel stack memory via an FBIOGET_VBLANK ioctl call.

CVE-2010-4080: The snd_hdsp_hwdep_ioctl function in
sound/pci/rme9652/hdsp.c in the Linux kernel did not initialize
a certain structure, which allowed local users to obtain
potentially sensitive information from kernel stack memory via an
SNDRV_HDSP_IOCTL_GET_CONFIG_INFO ioctl call.

CVE-2010-4081: The snd_hdspm_hwdep_ioctl function in
sound/pci/rme9652/hdspm.c in the Linux kernel did not initialize
a certain structure, which allowed local users to obtain
potentially sensitive information from kernel stack memory via an
SNDRV_HDSPM_IOCTL_GET_CONFIG_INFO ioctl call.

CVE-2010-4082: The viafb_ioctl_get_viafb_info function in
drivers/video/via/ioctl.c in the Linux kernel did not properly
initialize a certain structure member, which allowed local users to
obtain potentially sensitive information from kernel stack memory
via a VIAFB_GET_INFO ioctl call.

CVE-2010-4073: The ipc subsystem in the Linux kernel did not
initialize certain structures, which allowed local users to obtain
potentially sensitive information from kernel stack memory via
vectors related to the (1) compat_sys_semctl, (2) compat_sys_msgctl,
and (3) compat_sys_shmctl functions in ipc/compat.c; and the (4)
compat_sys_mq_open and (5) compat_sys_mq_getsetattr functions in
ipc/compat_mq.c.

CVE-2010-4072: The copy_shmid_to_user function in ipc/shm.c in the
Linux kernel did not initialize a certain structure, which allowed
local users to obtain potentially sensitive information from kernel
stack memory via vectors related to the shmctl system call and the
"old shm interface."

CVE-2010-4083: The copy_semid_to_user function in ipc/sem.c in the
Linux kernel did not initialize a certain structure, which allowed
local users to obtain potentially sensitive information from kernel
stack memory via a (1) IPC_INFO, (2) SEM_INFO, (3) IPC_STAT, or (4)
SEM_STAT command in a semctl system call.

CVE-2010-3432: The sctp_packet_config function in net/sctp/output.c
in the Linux kernel performed extraneous initializations of packet
data structures, which allowed remote attackers to cause a denial of
service (panic) via a certain sequence of SCTP traffic.

CVE-2010-3067: Integer overflow in the do_io_submit function in
fs/aio.c in the Linux kernel allowed local users to cause a denial
of service or possibly have unspecified other impact via crafted use
of the io_submit system call.

CVE-2010-3865: A iovec integer overflow in RDS sockets was fixed
which could lead to local attackers gaining kernel privileges.

2) Solution or Work-Around

There is no known workaround, please install the update packages.

3) Special Instructions and Notes

Please reboot the machine after installing the update.

4) Package Location and Checksums

The preferred method for installing security updates is to use the YaST
"Online Update" module or the "zypper" commandline tool. The package and
patch management stack will detect which updates are required and
automatically perform the necessary steps to verify and install them.

Alternatively, download the update packages for your distribution manually
and verify their integrity by the methods listed in Section 6 of this
announcement. Then install the packages using the command

rpm -Fhv

to apply the update, replacing with the filename of the
downloaded RPM package.


x86 Platform:

openSUSE 11.3:
http://download.opensuse.org/update/11.3/rpm/i586/kernel-debug-2.6.34.7-0.7.1.i586.rpm
http://download.opensuse.org/update/11.3/rpm/i586/kernel-debug-base-2.6.34.7-0.7.1.i586.rpm
http://download.opensuse.org/update/11.3/rpm/i586/kernel-debug-devel-2.6.34.7-0.7.1.i586.rpm
http://download.opensuse.org/update/11.3/rpm/i586/kernel-default-2.6.34.7-0.7.1.i586.rpm
http://download.opensuse.org/update/11.3/rpm/i586/kernel-default-base-2.6.34.7-0.7.1.i586.rpm
http://download.opensuse.org/update/11.3/rpm/i586/kernel-default-devel-2.6.34.7-0.7.1.i586.rpm
http://download.opensuse.org/update/11.3/rpm/i586/kernel-desktop-2.6.34.7-0.7.1.i586.rpm
http://download.opensuse.org/update/11.3/rpm/i586/kernel-desktop-base-2.6.34.7-0.7.1.i586.rpm
http://download.opensuse.org/update/11.3/rpm/i586/kernel-desktop-devel-2.6.34.7-0.7.1.i586.rpm
http://download.opensuse.org/update/11.3/rpm/i586/kernel-ec2-2.6.34.7-0.7.1.i586.rpm
http://download.opensuse.org/update/11.3/rpm/i586/kernel-ec2-base-2.6.34.7-0.7.1.i586.rpm
http://download.opensuse.org/update/11.3/rpm/i586/kernel-ec2-devel-2.6.34.7-0.7.1.i586.rpm
http://download.opensuse.org/update/11.3/rpm/i586/kernel-ec2-extra-2.6.34.7-0.7.1.i586.rpm
http://download.opensuse.org/update/11.3/rpm/i586/kernel-pae-2.6.34.7-0.7.1.i586.rpm
http://download.opensuse.org/update/11.3/rpm/i586/kernel-pae-base-2.6.34.7-0.7.1.i586.rpm
http://download.opensuse.org/update/11.3/rpm/i586/kernel-pae-devel-2.6.34.7-0.7.1.i586.rpm
http://download.opensuse.org/update/11.3/rpm/i586/kernel-syms-2.6.34.7-0.7.1.i586.rpm
http://download.opensuse.org/update/11.3/rpm/i586/kernel-trace-2.6.34.7-0.7.1.i586.rpm
http://download.opensuse.org/update/11.3/rpm/i586/kernel-trace-base-2.6.34.7-0.7.1.i586.rpm
http://download.opensuse.org/update/11.3/rpm/i586/kernel-trace-devel-2.6.34.7-0.7.1.i586.rpm
http://download.opensuse.org/update/11.3/rpm/i586/kernel-vanilla-2.6.34.7-0.7.1.i586.rpm
http://download.opensuse.org/update/11.3/rpm/i586/kernel-vanilla-base-2.6.34.7-0.7.1.i586.rpm
http://download.opensuse.org/update/11.3/rpm/i586/kernel-vanilla-devel-2.6.34.7-0.7.1.i586.rpm
http://download.opensuse.org/update/11.3/rpm/i586/kernel-vmi-2.6.34.7-0.7.1.i586.rpm
http://download.opensuse.org/update/11.3/rpm/i586/kernel-vmi-base-2.6.34.7-0.7.1.i586.rpm
http://download.opensuse.org/update/11.3/rpm/i586/kernel-vmi-devel-2.6.34.7-0.7.1.i586.rpm
http://download.opensuse.org/update/11.3/rpm/i586/kernel-xen-2.6.34.7-0.7.1.i586.rpm
http://download.opensuse.org/update/11.3/rpm/i586/kernel-xen-base-2.6.34.7-0.7.1.i586.rpm
http://download.opensuse.org/update/11.3/rpm/i586/kernel-xen-devel-2.6.34.7-0.7.1.i586.rpm
http://download.opensuse.org/update/11.3/rpm/i586/preload-kmp-default-1.1_k2.6.34.7_0.7-19.1.11.i586.rpm
http://download.opensuse.org/update/11.3/rpm/i586/preload-kmp-desktop-1.1_k2.6.34.7_0.7-19.1.11.i586.rpm

Platform Independent:

openSUSE 11.3:
http://download.opensuse.org/update/11.3/rpm/noarch/kernel-devel-2.6.34.7-0.7.1.noarch.rpm
http://download.opensuse.org/update/11.3/rpm/noarch/kernel-source-2.6.34.7-0.7.1.noarch.rpm
http://download.opensuse.org/update/11.3/rpm/noarch/kernel-source-vanilla-2.6.34.7-0.7.1.noarch.rpm

x86-64 Platform:

openSUSE 11.3:
http://download.opensuse.org/update/11.3/rpm/x86_64/kernel-debug-2.6.34.7-0.7.1.x86_64.rpm
http://download.opensuse.org/update/11.3/rpm/x86_64/kernel-debug-base-2.6.34.7-0.7.1.x86_64.rpm
http://download.opensuse.org/update/11.3/rpm/x86_64/kernel-debug-devel-2.6.34.7-0.7.1.x86_64.rpm
http://download.opensuse.org/update/11.3/rpm/x86_64/kernel-default-2.6.34.7-0.7.1.x86_64.rpm
http://download.opensuse.org/update/11.3/rpm/x86_64/kernel-default-base-2.6.34.7-0.7.1.x86_64.rpm
http://download.opensuse.org/update/11.3/rpm/x86_64/kernel-default-devel-2.6.34.7-0.7.1.x86_64.rpm
http://download.opensuse.org/update/11.3/rpm/x86_64/kernel-desktop-2.6.34.7-0.7.1.x86_64.rpm
http://download.opensuse.org/update/11.3/rpm/x86_64/kernel-desktop-base-2.6.34.7-0.7.1.x86_64.rpm
http://download.opensuse.org/update/11.3/rpm/x86_64/kernel-desktop-devel-2.6.34.7-0.7.1.x86_64.rpm
http://download.opensuse.org/update/11.3/rpm/x86_64/kernel-ec2-2.6.34.7-0.7.1.x86_64.rpm
http://download.opensuse.org/update/11.3/rpm/x86_64/kernel-ec2-base-2.6.34.7-0.7.1.x86_64.rpm
http://download.opensuse.org/update/11.3/rpm/x86_64/kernel-ec2-devel-2.6.34.7-0.7.1.x86_64.rpm
http://download.opensuse.org/update/11.3/rpm/x86_64/kernel-ec2-extra-2.6.34.7-0.7.1.x86_64.rpm
http://download.opensuse.org/update/11.3/rpm/x86_64/kernel-syms-2.6.34.7-0.7.1.x86_64.rpm
http://download.opensuse.org/update/11.3/rpm/x86_64/kernel-trace-2.6.34.7-0.7.1.x86_64.rpm
http://download.opensuse.org/update/11.3/rpm/x86_64/kernel-trace-base-2.6.34.7-0.7.1.x86_64.rpm
http://download.opensuse.org/update/11.3/rpm/x86_64/kernel-trace-devel-2.6.34.7-0.7.1.x86_64.rpm
http://download.opensuse.org/update/11.3/rpm/x86_64/kernel-vanilla-2.6.34.7-0.7.1.x86_64.rpm
http://download.opensuse.org/update/11.3/rpm/x86_64/kernel-vanilla-base-2.6.34.7-0.7.1.x86_64.rpm
http://download.opensuse.org/update/11.3/rpm/x86_64/kernel-vanilla-devel-2.6.34.7-0.7.1.x86_64.rpm
http://download.opensuse.org/update/11.3/rpm/x86_64/kernel-xen-2.6.34.7-0.7.1.x86_64.rpm
http://download.opensuse.org/update/11.3/rpm/x86_64/kernel-xen-base-2.6.34.7-0.7.1.x86_64.rpm
http://download.opensuse.org/update/11.3/rpm/x86_64/kernel-xen-devel-2.6.34.7-0.7.1.x86_64.rpm
http://download.opensuse.org/update/11.3/rpm/x86_64/preload-kmp-default-1.1_k2.6.34.7_0.7-19.1.11.x86_64.rpm
http://download.opensuse.org/update/11.3/rpm/x86_64/preload-kmp-desktop-1.1_k2.6.34.7_0.7-19.1.11.x86_64.rpm

Sources:

openSUSE 11.3:
http://download.opensuse.org/update/11.3/rpm/src/kernel-debug-2.6.34.7-0.7.1.nosrc.rpm
http://download.opensuse.org/update/11.3/rpm/src/kernel-default-2.6.34.7-0.7.1.nosrc.rpm
http://download.opensuse.org/update/11.3/rpm/src/kernel-desktop-2.6.34.7-0.7.1.nosrc.rpm
http://download.opensuse.org/update/11.3/rpm/src/kernel-ec2-2.6.34.7-0.7.1.nosrc.rpm
http://download.opensuse.org/update/11.3/rpm/src/kernel-pae-2.6.34.7-0.7.1.nosrc.rpm
http://download.opensuse.org/update/11.3/rpm/src/kernel-source-2.6.34.7-0.7.1.src.rpm
http://download.opensuse.org/update/11.3/rpm/src/kernel-syms-2.6.34.7-0.7.1.src.rpm
http://download.opensuse.org/update/11.3/rpm/src/kernel-trace-2.6.34.7-0.7.1.nosrc.rpm
http://download.opensuse.org/update/11.3/rpm/src/kernel-vanilla-2.6.34.7-0.7.1.nosrc.rpm
http://download.opensuse.org/update/11.3/rpm/src/kernel-vmi-2.6.34.7-0.7.1.nosrc.rpm
http://download.opensuse.org/update/11.3/rpm/src/kernel-xen-2.6.34.7-0.7.1.nosrc.rpm

______________________________________________________________________________

5) Pending Vulnerabilities, Solutions, and Work-Arounds:

none
______________________________________________________________________________

6) Authenticity Verification and Additional Information

- Announcement authenticity verification:

SUSE security announcements are published via mailing lists and on Web
sites. The authenticity and integrity of a SUSE security announcement is
guaranteed by a cryptographic signature in each announcement. All SUSE
security announcements are published with a valid signature.

To verify the signature of the announcement, save it as text into a file
and run the command

gpg --verify

replacing with the name of the file where you saved the
announcement. The output for a valid signature looks like:

gpg: Signature made using RSA key ID 3D25D3D9
gpg: Good signature from "SuSE Security Team "

where is replaced by the date the document was signed.

If the security team's key is not contained in your key ring, you can
import it from the first installation CD. To import the key, use the
command

gpg --import gpg-pubkey-3d25d3d9-36e12d04.asc

- Package authenticity verification:

SUSE update packages are available on many mirror FTP servers all over the
world. While this service is considered valuable and important to the free
and open source software community, the authenticity and the integrity of
a package needs to be verified to ensure that it has not been tampered
with.

The internal rpm package signatures provide an easy way to verify the
authenticity of an RPM package. Use the command

rpm -v --checksig

to verify the signature of the package, replacing with the
filename of the RPM package downloaded. The package is unmodified if it
contains a valid signature from build@suse.de with the key ID 9C800ACA.

This key is automatically imported into the RPM database (on
RPMv4-based distributions) and the gpg key ring of 'root' during
installation. You can also find it on the first installation CD and at
the end of this announcement.

- SUSE runs two security mailing lists to which any interested party may
subscribe:

opensuse-security@opensuse.org
- General Linux and SUSE security discussion.
All SUSE security announcements are sent to this list.
To subscribe, send an e-mail to
.

opensuse-security-announce@opensuse.org
- SUSE's announce-only mailing list.
Only SUSE's security announcements are sent to this list.
To subscribe, send an e-mail to
.

openSUSE Kernel Updates



Kernel Update for CentOS 5