[Full-Disclosure] [TURBOLINUX SECURITY INFO] 28/Feb/2005

From: Turbolinux (security-announce_at_turbolinux.co.jp)
Date: 02/28/05

  • Next message: Bart.Lansing_at_kohls.com: "RE: [lists] RE: [Full-Disclosure] Awake a modem with AT commands" 
    Date: Mon, 28 Feb 2005 19:29:19 +0900
To: security-announce@turbolinux.co.jp

    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA1

    This is an announcement only email list for the x86 architecture.
    ============================================================
    Turbolinux Security Announcement 28/Feb/2005
    ============================================================

    The following page contains the security information of Turbolinux Inc.

     - Turbolinux Security Center
       http://www.turbolinux.com/security/

     (1) kernel -> Multiple vulnerabilities exist in the Linux kernel

    ===========================================================
    * kernel -> Multiple vulnerabilities exist in the Linux kernel
    ===========================================================

     More information:
        The kernel package contains the Linux kernel -- the core of the Linux
        operating system.

     Impact:
        Please refer to the "References" section.

     Affected Products:
        - Turbolinux Appliance Server 1.0 Hosting Edition
        - Turbolinux Appliance Server 1.0 Workgroup Edition
        - Turbolinux 10 Server
        - Turbolinux Home
        - Turbolinux 10 F...
        - Turbolinux 10 Desktop
        - Turbolinux 8 Server
        - Turbolinux 8 Workstation
        - Turbolinux 7 Server
        - Turbolinux 7 Workstation

     Solution:
        Please use the turbopkg (zabom) tool to apply the update.
     ---------------------------------------------
     [Turbolinux 10 Server, Turbolinux 10 Desktop, Turbolinux 10 F...,
      Turbolinux Home]
     # turbopkg
     or
     # zabom -u kernel kernel-extramodules kernel-headers kernel-numa \
                kernel-pcmcia-cs kernel-smp kernel-smp64G kernel-source
     [other]
     # turbopkg
     or
     # zabom update kernel kernel-BOOT kernel-doc kernel-headers \
                    kernel-pcmcia-cs kernel-smp kernel-smp64G kernel-source
     ---------------------------------------------

     <Turbolinux Appliance Server 1.0 Hosting Edition>

       Source Packages
       Size: MD5

       kernel-2.4.25-11.src.rpm
         37282641 061e6ff1934c06795f7e4e68d3fcc4bf

       Binary Packages
       Size: MD5

       kernel-2.4.25-11.i586.rpm
         13870636 0684f45c3ec096b3081bdc1e1b6f64f6
       kernel-BOOT-2.4.25-11.i586.rpm
          6946804 30a823dfdfb06d316ecd5539200a51ef
       kernel-doc-2.4.25-11.i586.rpm
          1574609 9535386626edec172ac2897183345c6e
       kernel-headers-2.4.25-11.i586.rpm
          2001727 5560df69f68309e7320467da0e9e077f
       kernel-pcmcia-cs-2.4.25-11.i586.rpm
           367496 8be1b186cec318b0e0c3cff459124a97
       kernel-smp-2.4.25-11.i586.rpm
         14289451 e925decf7f0008149f2b19e479bc7380
       kernel-smp64G-2.4.25-11.i586.rpm
         14251578 5b1696ed8ed296204cc5bcaad145a9db
       kernel-source-2.4.25-11.i586.rpm
         27612251 f316c537a3e89afe21a9b2df4204a122

     <Turbolinux Appliance Server 1.0 Workgroup Edition>

       Source Packages
       Size: MD5

       kernel-2.4.25-11.src.rpm
         37282641 061e6ff1934c06795f7e4e68d3fcc4bf

       Binary Packages
       Size: MD5

       kernel-2.4.25-11.i586.rpm
         13870636 0684f45c3ec096b3081bdc1e1b6f64f6
       kernel-BOOT-2.4.25-11.i586.rpm
          6946804 30a823dfdfb06d316ecd5539200a51ef
       kernel-doc-2.4.25-11.i586.rpm
          1574609 9535386626edec172ac2897183345c6e
       kernel-headers-2.4.25-11.i586.rpm
          2001727 5560df69f68309e7320467da0e9e077f
       kernel-pcmcia-cs-2.4.25-11.i586.rpm
           367496 8be1b186cec318b0e0c3cff459124a97
       kernel-smp-2.4.25-11.i586.rpm
         14289451 e925decf7f0008149f2b19e479bc7380
       kernel-smp64G-2.4.25-11.i586.rpm
         14251578 5b1696ed8ed296204cc5bcaad145a9db
       kernel-source-2.4.25-11.i586.rpm
         27612251 f316c537a3e89afe21a9b2df4204a122

     <Turbolinux 10 Server>

       Source Packages
       Size: MD5

       ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/10/updates/SRPMS/kernel-2.6.8-4.src.rpm
         55425385 d94e748d0516a9520848f2c01b8aea7b

       Binary Packages
       Size: MD5

       ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/10/updates/RPMS/kernel-2.6.8-4.i586.rpm
         16551194 6736c1100ad77992d4949e85af617b10
       ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/10/updates/RPMS/kernel-doc-2.6.8-4.i586.rpm
          1785569 e3270b94cf48cd421e9258b9bd9d203f
       ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/10/updates/RPMS/kernel-extramodules-2.6.8-4.i586.rpm
          8031570 7c3cd07af119f8cc693fa591ec922108
       ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/10/updates/RPMS/kernel-headers-2.6.8-4.i586.rpm
          1898127 3045e9e5e7d1f99fd7f0a991a3b0dc08
       ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/10/updates/RPMS/kernel-numa-2.6.8-4.i586.rpm
         16327980 0a66ece57899a80a61c53a1fb716f4dd
       ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/10/updates/RPMS/kernel-pcmcia-cs-2.6.8-4.i586.rpm
           336191 5a8dd1335ab98b96d98893f9f417b8f7
       ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/10/updates/RPMS/kernel-smp-2.6.8-4.i586.rpm
         16297749 2a71f9d9da17e3230018373bfd90df7a
       ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/10/updates/RPMS/kernel-smp64G-2.6.8-4.i586.rpm
         16307312 d1822cc38bbb7477956078001014b8d4
       ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/10/updates/RPMS/kernel-source-2.6.8-4.i586.rpm
         32811724 a8a58a03c3a0dc166397b45a165f62cd

     <Turbolinux 10 Desktop, Turbolinux 10 F..., Turbolinux Home>

       Source Packages
       Size: MD5

       ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Desktop/10/updates/SRPMS/kernel-2.6.0-20.src.rpm
         48145649 85e41bfa4f27ecd30315931c25553388

       Binary Packages
       Size: MD5

       ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Desktop/10/updates/RPMS/kernel-2.6.0-20.i586.rpm
         13366026 73c870bab7e2baf9edc28c8a7b6a34c4
       ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Desktop/10/updates/RPMS/kernel-doc-2.6.0-20.i586.rpm
          1667157 a341e8374294f70092ecd956b253e5ae
       ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Desktop/10/updates/RPMS/kernel-extramodules-2.6.0-20.i586.rpm
          3408511 150623b9be20d2e0ec1926b7766bae8e
       ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Desktop/10/updates/RPMS/kernel-headers-2.6.0-20.i586.rpm
          1758282 7c3c7e5f82c4335e9aed19e2d28248ab
       ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Desktop/10/updates/RPMS/kernel-pcmcia-cs-2.6.0-20.i586.rpm
           322451 4e1ce97e6c86fc7b3934b7ef9252da5a
       ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Desktop/10/updates/RPMS/kernel-smp-2.6.0-20.i586.rpm
         13810651 704dee4e4336f7e88b52844d90525bab
       ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Desktop/10/updates/RPMS/kernel-source-2.6.0-20.i586.rpm
         28681826 7ee6aaedbb7782da1668c648c66dd4fd

     <Turbolinux 8 Server>

       Source Packages
       Size: MD5

       ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/8/updates/SRPMS/kernel-2.4.18-23.src.rpm
         42550392 4149371505c2bf35698670a3bf7c208c

       Binary Packages
       Size: MD5

       ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/8/updates/RPMS/kernel-2.4.18-23.i586.rpm
         14114408 b44a5a4ba78d84c7f47bccdd33bcda72
       ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/8/updates/RPMS/kernel-BOOT-2.4.18-23.i586.rpm
          7164578 8b450e919d368d6ca1c954d03868b422
       ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/8/updates/RPMS/kernel-doc-2.4.18-23.i586.rpm
          1457677 ed146ec9a0cfac9951c064b051aee769
       ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/8/updates/RPMS/kernel-headers-2.4.18-23.i586.rpm
          1824833 e7a8205459d440b34b28872aedcbd72b
       ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/8/updates/RPMS/kernel-pcmcia-cs-2.4.18-23.i586.rpm
           331636 ddd76641c8e23637e3447a3952809f0e
       ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/8/updates/RPMS/kernel-smp-2.4.18-23.i586.rpm
         14622754 2ef7c8dfee58f1719b9d3028f60c9d93
       ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/8/updates/RPMS/kernel-smp64G-2.4.18-23.i586.rpm
         14624812 e7b3b6229e810ad03aa6824740358881
       ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/8/updates/RPMS/kernel-source-2.4.18-23.i586.rpm
         26617370 ea868359a51aeac656d6e55c43c0b856

     <Turbolinux 8 Workstation>

       Source Packages
       Size: MD5

       ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Workstation/8/updates/SRPMS/kernel-2.4.18-23.src.rpm
         42550392 4149371505c2bf35698670a3bf7c208c

       Binary Packages
       Size: MD5

       ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Workstation/8/updates/RPMS/kernel-2.4.18-23.i586.rpm
         14114408 b44a5a4ba78d84c7f47bccdd33bcda72
       ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Workstation/8/updates/RPMS/kernel-BOOT-2.4.18-23.i586.rpm
          7164578 8b450e919d368d6ca1c954d03868b422
       ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Workstation/8/updates/RPMS/kernel-doc-2.4.18-23.i586.rpm
          1457677 ed146ec9a0cfac9951c064b051aee769
       ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Workstation/8/updates/RPMS/kernel-headers-2.4.18-23.i586.rpm
          1824833 e7a8205459d440b34b28872aedcbd72b
       ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Workstation/8/updates/RPMS/kernel-pcmcia-cs-2.4.18-23.i586.rpm
           331636 ddd76641c8e23637e3447a3952809f0e
       ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Workstation/8/updates/RPMS/kernel-smp-2.4.18-23.i586.rpm
         14622754 2ef7c8dfee58f1719b9d3028f60c9d93
       ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Workstation/8/updates/RPMS/kernel-smp64G-2.4.18-23.i586.rpm
         14624812 e7b3b6229e810ad03aa6824740358881
       ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Workstation/8/updates/RPMS/kernel-source-2.4.18-23.i586.rpm
         26617370 ea868359a51aeac656d6e55c43c0b856

     <Turbolinux 7 Server>

       Source Packages
       Size: MD5

       ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/7/updates/SRPMS/kernel-2.4.18-23.src.rpm
         42550392 4149371505c2bf35698670a3bf7c208c

       Binary Packages
       Size: MD5

       ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/7/updates/RPMS/kernel-2.4.18-23.i586.rpm
         14114408 b44a5a4ba78d84c7f47bccdd33bcda72
       ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/7/updates/RPMS/kernel-BOOT-2.4.18-23.i586.rpm
          7164578 8b450e919d368d6ca1c954d03868b422
       ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/7/updates/RPMS/kernel-doc-2.4.18-23.i586.rpm
          1457677 ed146ec9a0cfac9951c064b051aee769
       ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/7/updates/RPMS/kernel-headers-2.4.18-23.i586.rpm
          1824833 e7a8205459d440b34b28872aedcbd72b
       ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/7/updates/RPMS/kernel-pcmcia-cs-2.4.18-23.i586.rpm
           331636 ddd76641c8e23637e3447a3952809f0e
       ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/7/updates/RPMS/kernel-smp-2.4.18-23.i586.rpm
         14622754 2ef7c8dfee58f1719b9d3028f60c9d93
       ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/7/updates/RPMS/kernel-smp64G-2.4.18-23.i586.rpm
         14624812 e7b3b6229e810ad03aa6824740358881
       ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/7/updates/RPMS/kernel-source-2.4.18-23.i586.rpm
         26617370 ea868359a51aeac656d6e55c43c0b856

     <Turbolinux 7 Workstation>

       Source Packages
       Size: MD5

       ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Workstation/7/updates/SRPMS/kernel-2.4.18-23.src.rpm
         42550392 4149371505c2bf35698670a3bf7c208c

       Binary Packages
       Size: MD5

       ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Workstation/7/updates/RPMS/kernel-2.4.18-23.i586.rpm
         14114408 b44a5a4ba78d84c7f47bccdd33bcda72
       ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Workstation/7/updates/RPMS/kernel-BOOT-2.4.18-23.i586.rpm
          7164578 8b450e919d368d6ca1c954d03868b422
       ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Workstation/7/updates/RPMS/kernel-doc-2.4.18-23.i586.rpm
          1457677 ed146ec9a0cfac9951c064b051aee769
       ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Workstation/7/updates/RPMS/kernel-headers-2.4.18-23.i586.rpm
          1824833 e7a8205459d440b34b28872aedcbd72b
       ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Workstation/7/updates/RPMS/kernel-pcmcia-cs-2.4.18-23.i586.rpm
           331636 ddd76641c8e23637e3447a3952809f0e
       ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Workstation/7/updates/RPMS/kernel-smp-2.4.18-23.i586.rpm
         14622754 2ef7c8dfee58f1719b9d3028f60c9d93
       ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Workstation/7/updates/RPMS/kernel-smp64G-2.4.18-23.i586.rpm
         14624812 e7b3b6229e810ad03aa6824740358881
       ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Workstation/7/updates/RPMS/kernel-source-2.4.18-23.i586.rpm
         26617370 ea868359a51aeac656d6e55c43c0b856

     References:

     CVE
       [CAN-2004-0814]
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0814
       [CAN-2004-0816]
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0816
       [CAN-2004-0883]
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0883
       [CAN-2004-0949]
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0949
       [CAN-2004-1016]
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1016
       [CAN-2004-1058]
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1058
       [CAN-2004-1068]
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1068
       [CAN-2004-1069]
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1069
       [CAN-2004-1137]
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1137
       [CAN-2004-1151]
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1151
       [CAN-2004-1235]
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1235
       [CAN-2005-0001]
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0001
       [CAN-2005-0003]
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0003

     linux-kernel
       http://marc.theaimsgroup.com/?l=linux-kernel&m=110132782610477
       http://marc.theaimsgroup.com/?l=linux-kernel&m=110137276318105

     BitKeeper hosted project linux
       http://linux.bkbits.net:8080/linux-2.6/cset@41e2bfbeOiXFga62XrBhzm7Kv9QDmQ
       http://linux.bkbits.net:8080/linux-2.6/cset@41ddda70CWJb5nNL71T4MOlG2sMG8A
       http://linux.bkbits.net:8080/linux-2.6/cset@41bc900azV2y9j9FSjVLwmow0n5mmQ

     Full-Disclosure
       http://lists.netsys.com/pipermail/full-disclosure/2005-January/030660.html

     * You may need to update the turbopkg tool before applying the update.
    Please refer to the following URL for detailed information.

      http://www.turbolinux.com/download/zabom.html
      http://www.turbolinux.com/download/zabomupdate.html

    Package Update Path
    http://www.turbolinux.com/update/

    ============================================================
     * To obtain the public key

    Here is the public key

     http://www.turbolinux.com/security/

     * To unsubscribe from the list

    If you ever want to remove yourself from this mailing list,
      you can send a message to <server-users-e-ctl@turbolinux.co.jp> with
    the word `unsubscribe' in the body (don't include the quotes).

    unsubscribe

     * To change your email address

    If you ever want to chage email address in this mailing list,
      you can send a message to <server-users-e-ctl@turbolinux.co.jp> with
    the following command in the message body:

      chaddr 'old address' 'new address'

    If you have any questions or problems, please contact
    <supp_info@turbolinux.co.jp>

    Thank you!

    -----BEGIN PGP SIGNATURE-----
    Version: GnuPG v1.2.7 (GNU/Linux)

    iD8DBQFCIvKDK0LzjOqIJMwRAncWAJ9Td/KT9rtZ7Xp8I2IZniUpHyxPtQCfaVf7
    UOb491fmX1YKbHFMTkc+CJk=
    =1iyf
    -----END PGP SIGNATURE-----

    _______________________________________________
    Full-Disclosure - We believe in it.
    Charter: http://lists.netsys.com/full-disclosure-charter.html

  • Next message: Bart.Lansing_at_kohls.com: "RE: [lists] RE: [Full-Disclosure] Awake a modem with AT commands"

    Relevant Pages