This is a ROCK Linux Security Announcement.
Package: linux26
Announcement ID: RLSA-20060716-01
Date: 2006-07-16
Affected Distributions: Crystal, LiveCD
Affected Releases: Crystal ROCK CLT
Cross References: none
Fixed at trunk revision: 7735
Content of this advisory:
1) Problem Description
2) Solution or Work-Around
3) Special instructions and notes
4) Updateing your source tree
5) Source package update
6) Binary package update
--------------------------------------------------------------------------------
1) Problem Description
a) local exploit in cdrom.c
b) local exploit in sys.c
c) race condition in /proc
for further information please look at
http://lists.grok.org.uk/pipermail/full-disclosure/2006-July/047907.html
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.16.25
2) Solution or Workaround
There is no known Work-Around. Please update the package.
3) Special instruction and notes
Reboot the system after the kernel update.
4) Updateing your source tree
If you are using a subversion checkout of trunk, run:
svn up
If you are using submaster run,
sm sync
to merge the update from trunk into your tree
5) Source package update
As a user of an affected distribution you can update this package by
rebuilding it on your machine
run
rocket updsrc
to update your local sources and
rocket emerge linux=linux26
to install the updated package
6) Binary package update
there are no new binary packages available for this package yet.
_______________________________________________
rock-user mailing list
rock-user@rocklinux.org
http://www.rocklinux.net/mailman/listinfo/rock-user
(text/plain)
