AnNyung Official Homepage Home > Update [ 1.3 ]  

HOME
What is AnNyung
Documents
Packages System
White Paper
Download
Update
  . 3.x [RSS]
  . 2.x [RSS]
  . 1.3 [RSS]
  . 1.2 [RSS]
  . 1.1 [RSS]
  . 1.0 [RSS]
FAQ
Hardware
RoadMap
Gallery

  Go oops.org
  AnNyung banner 88x31

  AnNyung 1 banner 80x15
  AnNyung 2 banner 80x15
  AnNyung 3 banner 80x15
  AnNyung banner 80x15
  AnNyung banner 80x15



kernel 보안 업데이트
Web Browser 로는 FTP 접속이 불가능 합니다.

문서번호 : 1250584048
업데이트 : 2009.08.18


상세내용

2.4.37-4 update

  - update 2.4.37.5
  - build: fix genksyms segfault in pcigame.c
  - build: do not let genksyms silently fail anymore
  - net: fix possible NULL dereference in sock_sendpage()
  - tulip: Fix for MTU problems with 802.1q tagged frames
  - lib: memcmp must be exported without module versioning
  - lib: fix again memcmp export issues in the arch ksyms only
  - usb-storage: fix "READ CAPACITY failed" errors with USB flash drives
  - md/raid5: silent out the "switching cache buffer size" messages
  - personality: clear MMAP_PAGE_ZERO on exec if mmap_min_addr is set
  - kernel/resource.c: fix sign extension in reserve_setup()
  - vlan: Slab memleak fix
  - br2684: allocation out of atomic context
  - br2684: fix double freeing skb
  - usb: pr_debug ehci structure bug
  - usb: Add support for Teac HD-35PU
  - r8169: fix erroneous receive packet size settings
  - r8169: reject fragmented frames to prevent panics with large frames
  - r8169: avoid rx descriptors leak when receiving erroneous frames
  - r8169: reset the chip on receive fifo overflows
  - r8169: rate-limit the messages displayed in interrupt context
  - agp: remove uid comparison as security check
  - ipv6: Disallow rediculious flowlabel option sizes.
  - net: amend the fix for SO_BSDCOMPAT gsopt infoleak
  - e1000: fix bug with shared interrupt during reset
  - e1000: add missing length check to e1000 receive routine
  - sctp: Avoid memory overflow while FWD-TSN chunk is received with bad stream ID
  - exit_notify: fix regression uncovered by the CAP_KILL fix
  - af_rose/x25: Sanity check the maximum user frame size
  - exit_notify: kill the wrong capable(CAP_KILL) check
  - copy_process: fix CLONE_PARENT && parent_exec_id interaction
  - CAP_FS_MASK: add CAP_LINUX_IMMUTABLE and CAP_MKNOD
  - ATM: ensure we don't listen twice on a socket
  - bonding: fix panic when taking bond interface down before removing module
  - forcedeth: fix checksum flag
  - net: Fix recursive descent in __scm_destroy().
  - ext: Avoid printk floods in the face of directory
  - hfsplus: fix Buffer overflow with a corrupted image
  - netfilter: snmp nat leaks memory in case of failure
  - backport vlan device unregister fix
  - security: avoid calling a NULL function pointer in drivers/video/tvaudio.c
  - tcp: Clear probes_out more aggressively in tcp_ack().
  - x86 would not build without CONFIG_VT
  - pc_keyb: fix breakage on ia64/mips/mips64
  - netfilter: ip6t_{hbh,dst}: Rejects not-strict mode on rule insertion
  - [PPPOE]: Missing result check in __pppoe_xmit().
  - udf: fix uid/gid permissions
  - net pppoe: Check packet length on all receive paths
  - ipv6: use timer pending
  - sctp: Do not leak memory on multiple listen() calls
  - sctp: Allow only 1 listening socket with SO_REUSEADDR
  - sky2: fix uninitialized "mss" variable in sky2_xmit_frame()
  - Correct the upto value during list conntrack information
  - 3c980-TX needs EXTRA_PREAMBLE
  - ACPI: check a return value correctly in acpi_power_get_context()
  - signal.h: use an explicit cast to silent compiler warnings


driver update

  - update megaraid_sas driver to 04.08
  - update 3w-9xxx driver to 9.5.2
  - update aacraid driver to 1.1.5-2453
  - update bnx2 driver to 1.8.5b
  - update e1000 driver to 8.0.9
  - update r8168 driver to 8.013.00
  - update tg3 driver to 3.92n


security issue

  - CVE-2009-2692 fix possible NULL dereference in sock_sendpage()
  - CVE-2008-1673 asn1: additional sanity checking during BER decoding
  - CVE-2008-2136 sit: Add missing kfree_skb() on pskb_may_pull() failure
  - CVE-2008-2826 sctp: Make sure N * sizeof(union sctp_addr) does not overflow
  - CVE-2008-3525 wan: Missing capability checks in sbni_ioctl()
  - CVE-2005-0504 old buffer overflow in moxa driver
  - CVE-2008-5300 Fix soft lockups/OOM issues w/ unix garbage collector
  - CVE-2008-3275 Linux kernel local filesystem DoS
  - CVE-2008-4210 Remove suid/sgid bits on truncate()


AAR 81XX Driver support:

ftp://mirror.XX.oops.org/pub/AnNyung/1.0/Packages/kernel 에서 해당 드라이브 image
를 구할 수 있습니다.

Intel Core 2 이상의 CPU 에서 RAM 4G 이상 사용할 경우에는 bigmem 커널을 이용해야
4G 가 인식이 됩니다. (Opteron Dual core 장비에서는 테스트를 못해 봤습니다. ^^)


Autoupdates 지원 : Pakcages System
  pkgkernel 이용
  http://annyung.oops.org/?m=pkgadm&p=pkgkernel 참조


update 패키지

  RPMS :

    . kernel-2.4.37-4.i686.rpm
    . kernel-bigmem-2.4.37-4.i686.rpm
    . kernel-PIII-2.4.37-4.i686.rpm
    . kernel-PIV-2.4.37-4.i686.rpm
    . kernel-source-2.4.37-4.i386.rpm
    . kernel-header-2.4.37-4.i386.rpm


  SRPMS :

    . kernel-2.4.37-4.src.rpm


참고 :
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2692
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2136
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2826
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3525
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0504
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5300
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3275
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4210




    



 Home > Update [ 1.3 ]

Copyright 2024 OOPS Development Organization 
LAST MODIFIED: 2018/04/10