[SECURITY] Fedora Core 2 Update: kernel-2.6.6-1.435.2.3

Dave Jones davej at redhat.com
Fri Jul 2 08:00:18 UTC 2004


---------------------------------------------------------------------
Fedora Update Notification
FEDORA-2004-205
2004-07-02
---------------------------------------------------------------------
 
Product     : Fedora Core 2
Name        : kernel
Version     : 2.6.6
Release     : 1.435.2.3
Summary     : The Linux kernel (the core of the Linux operating system)
Description :
The kernel package contains the Linux kernel (vmlinuz), the core of any
Linux operating system.  The kernel handles the basic functions
of the operating system:  memory allocation, process allocation, device
input and output, etc.

During an audit of the Linux kernel, SUSE discovered a flaw in the
Linux kernel that inappropriately allows an unprivileged user to
change the group ID of a file to his/her own group ID.
The Common Vulnerabilities and Exposures project
(cve.mitre.org) has assigned the name CAN-2004-0497 to this issue.

All Fedora Core 2 users are advised to upgrade their kernels to the
packages associated with their machine architectures and configurations
as listed in this erratum. 

---------------------------------------------------------------------
 
* Thu Jul 01 2004 Dave Jones <davej at redhat.com>
- add patch to fix missing checks in fchown() (CAN-2004-0497)
 
 
---------------------------------------------------------------------
This update can be downloaded from:
  http://download.fedora.redhat.com/pub/fedora/linux/core/updates/2/
 
ddb4b34b166112b6e18278b99f3dec39  SRPMS/kernel-2.6.6-1.435.2.3.src.rpm
933427443d19a7d9a06020f500b00443  x86_64/kernel-2.6.6-1.435.2.3.x86_64.rpm
fc63711e46f8494a52a77feabe3e9a8e  x86_64/kernel-smp-2.6.6-1.435.2.3.x86_64.rpm
416741877a35c576231262c00bb38b50  x86_64/debug/kernel-debuginfo-2.6.6-1.435.2.3.x86_64.rpm
7d37a1595ea57de4d61291b0a9081c2a  x86_64/kernel-sourcecode-2.6.6-1.435.2.3.noarch.rpm
2e3849f67606f46eab33997ddbb6bbc2  x86_64/kernel-doc-2.6.6-1.435.2.3.noarch.rpm
4a9951a38513fc1eff4c05265d8e3f2f  i386/kernel-2.6.6-1.435.2.3.i586.rpm
0dbf523ec3892249f85e81084745325e  i386/kernel-smp-2.6.6-1.435.2.3.i586.rpm
4e7a159a18c17b1beef9147b5ced1732  i386/debug/kernel-debuginfo-2.6.6-1.435.2.3.i586.rpm
afa75cdde85075350eff4c4abbb528fd  i386/kernel-2.6.6-1.435.2.3.i686.rpm
8d85acd78585ae949db729e9df4de6d2  i386/kernel-smp-2.6.6-1.435.2.3.i686.rpm
85d35e6e392dd34ca0af5fe695c43278  i386/debug/kernel-debuginfo-2.6.6-1.435.2.3.i686.rpm
7d37a1595ea57de4d61291b0a9081c2a  i386/kernel-sourcecode-2.6.6-1.435.2.3.noarch.rpm
2e3849f67606f46eab33997ddbb6bbc2  i386/kernel-doc-2.6.6-1.435.2.3.noarch.rpm
 
This update can also be installed with the Update Agent; you can
launch the Update Agent with the 'up2date' command.
---------------------------------------------------------------------





More information about the announce mailing list