[rock-user] [Security Announcement] linux26 (RLSA-20060716-0…

ROCK Mailing List Archives

Attachments
Entire message
+ (text/plain)
Author: Daniel Jahre
Date:  
To: rock-user
Subject: [rock-user] [Security Announcement] linux26 (RLSA-20060716-01)
This is a ROCK Linux Security Announcement.

Package: linux26
Announcement ID: RLSA-20060716-01
Date: 2006-07-16
Affected Distributions: Crystal, LiveCD
Affected Releases: Crystal ROCK CLT
Cross References: none
Fixed at trunk revision: 7735

Content of this advisory:
1) Problem Description
2) Solution or Work-Around
3) Special instructions and notes
4) Updateing your source tree
5) Source package update
6) Binary package update

--------------------------------------------------------------------------------

1) Problem Description

a) local exploit in cdrom.c

b) local exploit in sys.c

c) race condition in /proc
for further information please look at
http://lists.grok.org.uk/pipermail/full-disclosure/2006-July/047907.html

http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.16.25


2) Solution or Workaround
There is no known Work-Around. Please update the package.

3) Special instruction and notes
Reboot the system after the kernel update.

4) Updateing your source tree
If you are using a subversion checkout of trunk, run:
 svn up

If you are using submaster run,
 sm sync
to merge the update from trunk into your tree

5) Source package update
As a user of an affected distribution you can update this package by
rebuilding it on your machine
run
 rocket updsrc
to update your local sources and
 rocket emerge linux=linux26
to install the updated package

6) Binary package update
there are no new binary packages available for this package yet.
_______________________________________________
rock-user mailing list

http://www.rocklinux.net/mailman/listinfo/rock-user