Slackware: 2004-008-01: Slackware 8.1 kernel Security Update
Summary
Here are the details from the Slackware 8.1 ChangeLog: Thu Jan 8 18:21:27 PST 2004 patches/kernels/*: These are 2.4.18 kernels containing a backported fix for a security problem with the kernel's mremap() function. A local user could exploit this hole to gain root privileges. For more details, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0985 After installing the new kernel, be sure to run 'lilo'. (* Security fix *) patches/packages/kernel-ide-2.4.18-i386-5.tgz: Patched mremap(). (* Security fix *) patches/packages/kernel-source-2.4.18-noarch-6.tgz: This is the source code from kernel-source-2.4.18-noarch-5 with the fix for mremap(). (* Security fix *) WHERE TO FIND THE NEW PACKAGES: Updated packages for Slackware 8.1: An alternate kernel may be installed. Those are found in this directory: ftp://ftp.slackware.com/pub/slackware/slackware-8.1/patches/kernels/ MD5 SIGNATURES: MD5 signatures may be downloaded from our FTP server: Slackware 8.1 packages: ftp://ftp.slackware.com/pub/slackware/slackware-8.1/patches/CHECKSUMS.md5 To verify authenticity, this file has been signed with the Slackware GPG key (use 'gpg --verify'): ftp://ftp.slackware.com/pub/slackware/slackware-8.1/patches/CHECKSUMS.md5.asc INSTALLATION INSTRUCTIONS: Use upgradepkg to install the new kernel, kernel-modules, and alsa packages. After installing the kernel-ide package you will need to run lilo ('lilo' at a command prompt) or create a new system boot disk ('makebootdisk'), and reboot. If desired, a kernel from the kernels/ directory may be used instead. For example, to use the kernel in kernels/scsi.s/, you would copy it to the boot directory like this: cd kernels/scsi.s cp bzImage /boot/vmlinuz-scsi.s-2.4.18 Create a symbolic link: ln -sf /boot/vmlinuz-scsi.s-2.4.18 /boot/vmlinuz Then, run 'lilo' or create a new system boot disk and reboot.
Where Find New Packages
MD5 Signatures
Installation Instructions