커널 보안버그 수정
Web Browser 로는 FTP 접속이 불가능 합니다.
문서번호 : 1099488995
업데이트 : 2004.11.03
상세내용
커널의 보안 버그가 발표되었습니다. 꽤 많아서 원문 발췌 합니다.
- fix linux-2.4.21-file-offset-fixes.patch to work with older gcc
- versions e.g. on RH73 (Michal Jaegermann <michalharddata.com>)
-
- include various patches from RHEL which we didn't have yet:
- argument size checks in proc_tty.c, binfmt_elf.c, socket.c,
- char/vt.c, cdrom/cdu31a.c, arch/i386/kernel/mtrr.c ; type
check/ATIME fix in af_unix.c ; return checking in
- char/consolemap.c ; sanity check in isdn/pcbit/capi.c ; extra
- checks and type fixes in isdn/isdn_ppp.c, isdn/isdn_common.c ;
- eflasg fix in arch/i386/kernel/traps.c. (Michal Jaegermann
- <michalharddata.com>)
-
- add usb sparse patch (CAN-2004-0685) (mjcredhat.com)
- see http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=127921
-
- nfs patch from Trond to allow us to serve clients which use
- cookies != 8 bytes, OSX 10.3 uses 30 FreeBSD uses 20...
- See http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=125996
- http://www.fys.uio.no/~trondmy/src/Linux-2.4.x/2.4.23-rc1/linux-2.4.23-03-fix_osx.dif
-
- add in updated fix for e1000, qla /proc permissions fix
- fix possible races/overflows in file offset handling (Alexander Viro)
-
- loosely based on fc1 changes by Dave Jones <davejredhat.com>
- add patch to fix missing checks in fchown() (CAN-2004-0497)
- Drop Broadcom 5820 driver due to code quality concerns.
-
- Fix memory leak in kernel/fork.c. (CAN-2004-0427)
- Numerous userspace pointer reference bugs found with the sparse
tool by Al Viro. (CAN-2004-0495)
- Fix e1000 driver information leak. (CAN-2004-0535)
-
- Fix local DoS in "clear_cpu()" macro. (CAN-2004-0554)
-
- Fix information leak in cpufreq userspace ioctl. (CAN-2004-0228)
- Fix for C1 Halt Disconnect problem on nForce2 systems.
-
- Fix potential local denial of service in sb16 driver (CAN-2004-0178)
- Fix information leak in JFS (CAN-2004-0181)
- Add range checking to i810_dma() in DRM driver.
- Make ioctl(FBIOGETCMAP) use copy_to_user() rather than memcpy()
- Fix possible buffer overflow in panic() (CAN-2004-0394)
Autoupdates 지원 : Packages system. 1.0 에서는 수동 관리 요
update 패키지
RPMS :
. kernel-2.4.20-21.i386.rpm
. kernel-2.4.20-21.i686.rpm
. kernel-bigmem-2.4.20-21.i686.rpm
. kernel-PIII-2.4.20-21.i686.rpm
. kernel-PIV-2.4.20-21.i686.rpm
. kernel-BOOT-2.4.20-21.i386.rpm
. kernel-source-2.4.20-21.i386.rpm
. kernel-header-2.4.20-21.i386.rpm
SRPMS :
. kernel-2.4.20-21.src.rpm
참고 :
https://bugzilla.fedora.us/show_bug.cgi?id=1484
https://bugzilla.fedora.us/show_bug.cgi?id=1804
|