Slackware: 2004-119-01: kernel s Security Update
Summary
Here are the details from the Slackware 9.1 ChangeLog: Wed Apr 28 10:19:51 PDT 2004 patches/packages/kernel-ide-2.4.26-i486-2.tgz: The first version of this package included one of the old 2.4.22 kernels by mistake. Thanks to the many people who pointed out this error. Sorry! (* Security fix *) Tue Apr 27 15:25:29 PDT 2004 patches/packages/alsa-driver-0.9.8-i486-3.tgz: Recompiled for Linux 2.4.26. patches/packages/hotplug-2004_01_05-noarch-1.tgz: This adds bugfixes for using a 2.6.x kernel, and adds the broken via-ircc module to the hotplug blacklist. Note that upgrading the package will not replace an existing blacklist, but as far as I can tell there are no ill effects from trying to load via-ircc other than the ugly mess on the screen at boot time. patches/packages/kernel-ide-2.4.26-i486-1.tgz: Upgraded to Linux 2.4.26. patches/packages/kernel-headers-2.4.26-i386-1.tgz: Upgraded to Linux 2.4.26. patches/packages/kernel-modules-2.4.26-i486-1.tgz: Upgraded to Linux 2.4.26. patches/packages/kernel-source-2.4.26-noarch-1.tgz: Upgraded to Linux 2.4.26. patches/packages/kernels/*: Upgraded to Linux 2.4.26. These 2.4.26 kernel upgrades fix: an overflow in ip_setsockopt() [CAN-2004-0424] a flaw in do_fork() that could lead to a DoS an (unexploitable) overflow in panic() [CAN-2004-0394] For more details, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0394 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0424 (* Security fix *) WHERE TO FIND THE NEW PACKAGES: Updated packages for Slackware 9.1: ftp://ftp.slackware.com/pub/slackware/slackware-9.1/patches/packages/alsa-driver-0.9.8-i486-3.tgz ftp://ftp.slackware.com/pub/slackware/slackware-9.1/patches/packages/hotplug-2004_01_05-noarch-1.tgz ftp://ftp.slackware.com/pub/slackware/slackware-9.1/patches/packages/kernel-headers-2.4.26-i386-1.tgz ftp://ftp.slackware.com/pub/slackware/slackware-9.1/patches/packages/kernel-modules-2.4.26-i486-1.tgz New precompiled kernels: ftp://ftp.slackware.com/pub/slackware/slackware-9.1/patches/kernels/ Updated packages for Slackware -current: New precompiled kernels: ftp://ftp.slackware.com/pub/slackware/slackware-current/kernels/ MD5 SIGNATURES: Slackware 9.1 packages: e628350bb01c18d7a6ad4706961601d8 alsa-driver-0.9.8-i486-3.tgz be986b3ebfd3a398990b249422707b84 hotplug-2004_01_05-noarch-1.tgz b45ba64a70f256ff33b35fb1ca409063 kernel-headers-2.4.26-i386-1.tgz a834060c508607169e98db7ede93409d kernel-ide-2.4.26-i486-2.tgz b34e78fa2b9f451007fa3a0849faedfe kernel-modules-2.4.26-i486-1.tgz ac3437a4ade365dce9b94afb3cb85d75 kernel-source-2.4.26-noarch-1.tgz Slackware -current packages: aa05198221027c6ce9055595ee76c409 kernel-ide-2.4.26-i486-1.tgz 1d2f8a04342dbf8482f67d9787a693c4 kernel-modules-2.4.26-i486-1.tgz 9e726b8766e807147cf4859a6bb33f48 kernel-headers-2.4.26-i386-1.tgz ac3437a4ade365dce9b94afb3cb85d75 kernel-source-2.4.26-noarch-1.tgz 3922b3ebba1029e0f1041dc6a1926bd2 alsa-driver-1.0.4-i486-2.tgz INSTALLATION INSTRUCTIONS: Use upgradepkg to install the new packages. After installing the kernel-ide package you will need to run lilo ('lilo' at a command prompt) or create a new system boot disk ('makebootdisk'), and reboot. If desired, a kernel from the kernels/ directory may be used instead. For example, to use the kernel in kernels/scsi.s/, you would copy it to the boot directory like this: cd kernels/scsi.s cp bzImage /boot/vmlinuz-scsi.s-2.4.26 Create a symbolic link: ln -sf /boot/vmlinuz-scsi.s-2.4.26 /boot/vmlinuz Then, run 'lilo' or create a new system boot disk and reboot.
Where Find New Packages
MD5 Signatures
Installation Instructions