Bluewhite64 Linux: [Bluewhite64 Linux Security] Linux Kernel [BW64SA:20090817-02]

Welcome

Be cool!

Linux, Bluewhite64 Linux T-shirts, Wall Clocks, Mugs, Hats, Bags

Buy Bluewhite64 DVDs
(USA Store)

Custom Search

RSS Feeds

Our news can be syndicated by using these rss feeds.

Latest Forum Posts

Posted by charlie
Updated the function: bw () { #Enter your [more ...]
24 Aug : 03:21

Posted by darshin
As we all know, ZFS is by far the best file system.People ha [more ...]
20 Aug : 16:17

Posted by charlie
Bluewhite64 should add something more than what Slackware64 [more ...]
26 Jul : 23:05

Posted by tpreitzel
Well, if we do see a new version of Bluewhite64, Arny is kee [more ...]
25 May : 23:19

Posted by Diver
Hello.I compiled KDE-4.4.3 with the help of Alien's scripts [more ...]
25 May : 21:35

Posted by /dev/twisted
I sure hope he does, I really like BW.I check this forum eve [more ...]
25 May : 08:48

Posted by Diver
Slackware-13.1 is out! )Can we hope to see the new version o [more ...]
25 May : 08:39

Posted by Kenjiro Tanaka
Eric/alienbob,I am really sorry. I really thought (before re [more ...]
29 Apr : 23:20

Posted by alienbob
Kenjiro,Thanks for finally giving public credit to the sourc [more ...]
29 Apr : 22:37

Posted by Kenjiro Tanaka
Hello there.Diver, my last two builds (kde-4.4.1 and kde-4.4 [more ...]
28 Apr : 15:04

[Bluewhite64 Linux Security] Linux Kernel [BW64SA:20090817-02]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[Bluewhite64 Linux Security] Linux Kernel [BW64SA:20090817-02]

New kernel packages are available for Bluewhite64 Linux 12.0, 12.1, 12.2 and -current to
fix a local root exploit.

More details about this issue may be found in the Common
Vulnerabilities and Exposures (CVE) database:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2692

Here are the details from the Bluewhite64 Linux 12.2 ChangeLog:
- ----------------------------------------------------------------
PATCHES/packages/kernel-huge-2.6.27.7-x86_64-3.tgz: Patched.
The CVE-2009-2692 vulnerability allows regular users to get root
rights on the affected systems (local only). The problem is a Linux kernel
NULL pointer dereference due to incorrect proto_ops initializations.
For more details please see:
http://tinyurl.com/ostlja
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2692
[*** Security fix ***]
- -------------------------------

Download the new packages from:
- --------------------------------
For Bluewhite64 Linux 12.0:
http://data.bluewhite64.com/bluewhite64-12.0/patches/packages/kernel-huge-2.6.21.5-x86_64-4.tgz
http://data.bluewhite64.com/bluewhite64-12.0/patches/packages/kernel-test26-2.6.22.9-x86_64-3.tgz

For Bluewhite64 Linux 12.1:
http://data.bluewhite64.com/bluewhite64-12.1/patches/packages/kernel-huge-2.6.24.5-x86_64-3.tgz
http://data.bluewhite64.com/bluewhite64-12.1/patches/packages/kernel-test-huge-2.6.25.1-x86_64-2.tgz

For Bluewhite64 Linux 12.2:
http://data.bluewhite64.com/bluewhite64-12.2/patches/packages/kernel-huge-2.6.27.7-x86_64-3.tgz

For Bluewhite64 Linux -current:
http://data.bluewhite64.com/bluewhite64-current/bluewhite64/a/kernel-huge-2.6.30.5-x86_64-1.txz
http://data.bluewhite64.com/bluewhite64-current/bluewhite64/a/kernel-generic-2.6.30.5-x86_64-1.txz

Also, please see the "Get Bluewhite64" section on http://www.bluewhite64.com for
additional mirror sites near you.

MD5 signatures:
- ----------------
Bluewhite64 Linux 12.0 package:
f41c9f0ad39df728454b41541533208b kernel-huge-2.6.21.5-x86_64-4.tgz
10ed061d7512346961fb4b4b54087bd7 kernel-test26-2.6.22.9-x86_64-3.tgz

Bluewhite64 Linux 12.1 package:
33b9fe78af39775f335983fb5db8a29c kernel-huge-2.6.24.5-x86_64-3.tgz
9b4a361228da7bedb1096dbe60d5780d kernel-test-huge-2.6.25.1-x86_64-2.tgz

Bluewhite64 Linux 12.2 package:
9ec7f16387d14749d1cf203ad5f3b8d7 kernel-huge-2.6.27.7-x86_64-3.tgz

Bluewhite64 Linux -current package:
8b7cb7dfa8948859ce0caefcdcc9a2b7 kernel-huge-2.6.30.5-x86_64-1.txz
2e15b20f4481c97b449c0cf0d5f7f544 kernel-generic-2.6.30.5-x86_64-1.txz

Installation instructions:
- ----------------------------
Upgrade the package as root:
# upgradepkg kernel-huge-2.6.27.7-x86_64-3.tgz

Then, if you use lilo rerun it to update the boot loader.

- ---
Bluewhite64 Linux Security Team
http://bluewhite64.com/gpg-key

security©bluewhite64.com

- ------------------------------------------------------
To leave the bluewhite64-security mailing list:
Send a blank email to

bluewhite64-security-unsubscribe©bluewhite64.com

You will get a confirmation message back containing
instructions to complete the process.

Please do not reply to this email address.
- ------------------------------------------------------

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iEYEARECAAYFAkqJkxIACgkQpTOsxuDdlY6XzgCcCF9MlRu9qiZZOq/monWPOA4F
wZ4An2YDfpw6QRzVnpnnW2WfWr9LpIkn
=6Sq8
-----END PGP SIGNATURE-----