From jh at tinysofa.org Thu Apr 7 18:18:13 2005
From: jh at tinysofa.org (Jaakko Heinonen)
Date: Thu, 7 Apr 2005 21:18:13 +0300
Subject: [tinysofa-announce] tinysofa classic server 2.0
Message-ID: <20050407181812.GA1272@ws.jh.dy.fi>
tinysofa classic server 2.0 (Ceara) is now generally available.
This is a major release which culminates many months of development and
testing, and incorporates the latest in open source technology.
"Ceara" features: The Linux 2.6.11 kernel, grsecurity support, APT for
advanced package management, the next generation PHP 5 environment
(5.0.3), high availability features such as DRBD (0.7.10) and UCARP
(1.1), the latest development tools and languages (gcc 3.4.3, Python
2.4), and much more.
tinysofa classic server may be downloaded from:
http://classic.tinysofa.org/download/
--
Jaakko
From security at tinysofa.org Thu Apr 21 19:11:22 2005
From: security at tinysofa.org (tinysofa Security Team)
Date: Thu, 21 Apr 2005 15:11:22 -0400
Subject: [tinysofa-announce] TSSA-2005-021-ES - kernel
Message-ID: <20050421191122.GA15043@minbar.tinysofa.org>
===========================================================================
_
|_ . _ _ _ (_ _
|_ | | ) \/ _) (_) | (_|
/
Security Advisory #2005-021-ES
Package name: kernel
Summary: Multiple security fixes
Advisory ID: TSSA-2005-021-ES
Date: 2005-04-22
Affected versions: tinysofa enterprise server 2.0
CVE names: CAN-2005-0135 CAN-2005-0207 CAN-2005-0209 CAN-2005-0384
CAN-2005-0400 CAN-2005-0449 CAN-2005-0529 CAN-2005-0530
CAN-2005-0531 CAN-2005-0736 CAN-2005-0749 CAN-2005-0750
CAN-2005-0767 CAN-2005-0815 CAN-2005-0839 CAN-2005-0867
CAN-2005-0977 CAN-2005-1041
===========================================================================
Security Fixes
==============
Description
-----------
kernel:
* Linux [0] is a clone of the operating system Unix, written from
scratch by Linus Torvalds with assistance from a loosely-knit team of
hackers across the Net. It aims towards POSIX and Single UNIX
Specification compliance.
Issues resolved:
A flaw in the fib_seq_start function was discovered. A local user could
use this flaw to cause a denial of service (system crash) via
/proc/net/route. (CAN-2005-1041)
A flaw in the tmpfs file system was discovered. A local user could use
this flaw to cause a denial of service (system crash). (CAN-2005-0977)
An integer overflow flaw was found when writing to a sysfs file. A local
user could use this flaw to overwrite kernel memory, causing a denial of
service (system crash) or arbitrary code execution. (CAN-2005-0867)
Keith Owens reported a flaw in the Itanium unw_unwind_to_user function.
A local user could use this flaw to cause a denial of service
(system crash) on Itanium architectures. (CAN-2005-0135)
A flaw in the NFS client O_DIRECT error case handling was discovered. A
local user could use this flaw to cause a denial of service
(system crash). (CAN-2005-0207)
A flaw in fragment forwarding was discovered that affected the netfilter
subsystem for certain network interface cards. A remote attacker could
send a set of bad fragments and cause a denial of service
(system crash). Acenic and SunGEM network interfaces were the only
adapters affected, which are in widespread use. (CAN-2005-0209)
A flaw was discovered in the Linux PPP driver. On systems allowing
remote users to connect to a server using ppp, a remote client could
cause a denial of service (system crash). (CAN-2005-0384)
A flaw was discovered in the ext2 file system code. When a new directory
is created, the ext2 block written to disk is not initialized, which
could lead to an information leak if a disk image is made available to
unprivileged users. (CAN-2005-0400)
A flaw in fragment queuing was discovered that affected the Linux kernel
netfilter subsystem. On systems configured to filter or process network
packets (e.g. firewalling), a remote attacker could send a carefully
crafted set of fragmented packets to a machine and cause a denial of
service (system crash). In order to sucessfully exploit this flaw, the
attacker would need to know or guess some aspects of the firewall
ruleset on the target system. (CAN-2005-0449)
A number of flaws were found in the Linux 2.6 kernel. A local user could
use these flaws to read kernel memory or cause a denial of service
(crash). (CAN-2005-0529, CAN-2005-0530, CAN-2005-0531)
An integer overflow in sys_epoll_wait in eventpoll.c was discovered. A
local user could use this flaw to overwrite low kernel memory. This
memory is usually unused, not usually resulting in a security
consequence. (CAN-2005-0736)
A flaw when freeing a pointer in load_elf_library was discovered. A
local user could potentially use this flaw to cause a denial of service
(crash). (CAN-2005-0749)
A flaw was discovered in the bluetooth driver system. On systems where
the bluetooth modules are loaded, a local user could use this flaw to
gain elevated (root) privileges. (CAN-2005-0750)
A race condition was discovered that affected the Radeon DRI driver. A
local user who has DRI privileges on a Radeon graphics card may be able
to use this flaw to gain root privileges. (CAN-2005-0767)
Multiple range checking flaws were discovered in the iso9660 file system
handler. An attacker could create a malicious file system image which
would cause a denial or service or potentially execute arbitrary code if
mounted. (CAN-2005-0815)
A flaw was discovered when setting line discipline on a serial tty. A
local user may be able to use this flaw to inject mouse movements or
keystrokes when another user is logged in. (CAN-2005-0839)
References
----------
[0] http://www.kernel.org/
Recommended Action
==================
We recommend that all systems be upgraded as soon as possible.
Location
========
All tinysofa updates are available from
Automatic Updates
=================
Users of the APT tool can enjoy having updates automatically
installed using 'apt-get dist-upgrade'.
Please make sure that the new kernel is set as the default kernel
in /etc/grub.conf before rebooting. This can be achieved by changing
the 'default=' line to match the correct position of the new kernel
(which should be '0'.)
Questions?
==========
Check out our mailing lists:
Verification
============
This advisory is signed with the tinysofa security sign key.
This key is available from:
All tinysofa packages are signed with the tinysofa stable sign key.
This key is available from:
The advisory is available from the tinysofa errata database at
or directly at
MD5sums Of The Packages
=======================
[server-2.0]
1defcf27d7623bc79ebd18445aa9c0f4 kernel-2.6.9-5.0.5ts.i586.rpm
d5da4323e1a305e0287a4450ee6b451a kernel-2.6.9-5.0.5ts.i686.rpm
fa3ae8bfec5567008452dedba0f36e59 kernel-devel-2.6.9-5.0.5ts.i586.rpm
c3027fa594073f6cdbe70ad153f33090 kernel-devel-2.6.9-5.0.5ts.i686.rpm
ca33dbd3804b094a686e8819d1d1dc76 kernel-doc-2.6.9-5.0.5ts.noarch.rpm
e2cb731e44af0ae4297edbac94eeff12 kernel-smp-2.6.9-5.0.5ts.i686.rpm
954d8d814428f038815a0ec4398e1fad kernel-smp-devel-2.6.9-5.0.5ts.i686.rpm
--
tinysofa Security Team
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : http://lists.tinysofa.org/pipermail/tinysofa-announce/attachments/20050421/59b416e6/attachment.bin