Fwd: Kernel 2.2.16 and /usr/bin/Mail

Kwsths math1890 at edu.uch.gr
Sat Jun 10 22:51:51 EEST 2000


>Date: Sat, 10 Jun 2000 00:58:02 -0700 (PDT)
>From: Slackware Security Team <security at slackware.com>
>To: slackware-security at slackware.com
>Subject: Kernel 2.2.16 and /usr/bin/Mail
>Sender: owner-slackware-security at slackware.com
>Reply-To: Slackware Security Team <security at slackware.com>
>
>
>
>====================================
>Kernel Version 2.2.16 Security Fixes
>====================================
>
>The 2.2.16 release of the Linux kernel is available and includes a number of
>security fixes.  The following list of fixes comes from the kernel release
>notes:
>
>----------------------------------------------------------------------------
>Capabilities -
>    Fixes for serious setuid handling flaws when using restricted capability
>    sets
>ELF loader -
>    The ELF loader could be tricked by erroneous headers
>Procfs -
>    Several /proc drivers failed to do correct sanity checking
>Readv/writev -
>    Potential overflow bug fixed
>Signal Stacks -
>    Exec failed to clear an existing alternate sigstack
>System 5 Shared Memory -
>    If a user managed to attach a segment 65536 times bad things happened.
>TCP multiconnect hang -
>    The TCP code had a bug that could cause the machine to hang. This was
>    user exploitable.
>-----------------------------------------------------------------------------
>
>We recommend that you read the above as a list of reasons to upgrade to
>2.2.16, if you're running a 2.2.x kernel.  The capabilities hole is
>especially nasty, as it allows a local user to gain root access from a
>program that normally drops root privileges.
>
>The standard pre-built Slackware kernels have been built from 2.2.16 source
>and are now available in Slackware-current:
>
>      ftp://ftp.slackware.com/pub/slackware/slackware-current/kernels/
>
>You will probably also need a new set of modules, available from:
>
>      ftp://ftp.slackware.com/pub/slackware/slackware-current/modules/
>
>They are also available in packaged form in the slackware-current ftp tree
>(ftp://ftp.slackware.com/pub/slackware/slackware-current/slakware/).  The
>files, within that directory, are:
>
>      a1/modules.tgz, a1/scsimods.tgz, a1/sndmods.tgz, a1/fsmods.tgz,
>      and n1/netmods.tgz
>
>The kernel release notes are available here:
>
>      http://www.linux.org.uk/VERSION/relnotes.2216.html
>
>
>=========================
>/usr/bin/Mail chmoded 755
>=========================
>
>The Mail program shipped with Slackware has been shown to be subject to a
>buffer overflow that, if the program is sgid (as shipped with Slackware), can
>provide a malicious user with gid "mail".  Having gid "mail" does not allow a
>user any special privileges, as the mail group hasn't been used in Slackware
>for years.  There is a security advisory being passed around, but we assure
>you there's no threat from the Mail flaw.  Nonetheless, holes are no fun, and
>we've closed this one by removing the sgid bit from /bin/Mail.  A new
>mailx.tgz package is available in Slackware-current:
>
>ftp://ftp.slackware.com/pub/slackware/slackware-current/slakware/n1/mailx.tgz
>
>==============================================================================
>
>As always, more information is available in the Slackware-current ChangeLog:
>
>      ftp://ftp.slackware.com/pub/slackware/slackware-current/ChangeLog.txt
>
>
>    -- Your Friendly Neighborhood Slackware Security Team
>       security at slackware.com


--
linux-greek-users mailing list -- http://lists.hellug.gr
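
A check of a host against the two items in the advisory above, as an added example that is not part of the forwarded message and not Slackware's own code: it tests whether the release string names a 2.2.x kernel older than 2.2.16 and whether the Mail binary still carries the sgid bit. The function names are hypothetical, and treating a 2.2.16 pre-release as unfixed is an assumption.

```shell
#!/bin/sh
# Added example (not from the advisory): check a host against its two items.

# Succeeds (0) when the release string names a 2.2.x kernel older than 2.2.16.
kernel_needs_upgrade() {
    case "$1" in
        2.2.*) ;;
        *) return 1 ;;               # other series are outside this advisory
    esac
    patch=${1#2.2.}                  # e.g. "15", "16pre3", "14-custom"
    num=${patch%%[!0-9]*}            # leading digits only
    [ -n "$num" ] || return 1
    if [ "$num" -lt 16 ]; then
        return 0
    fi
    # Assumption: a 2.2.16 pre-release is treated as not yet fixed.
    case "$patch" in
        16pre*) return 0 ;;
    esac
    return 1
}

# Prints "missing", "ok", or "sgid:<group>" for the given path.
mail_sgid_status() {
    if [ ! -e "$1" ]; then
        echo missing
    elif [ -g "$1" ]; then
        # Field 4 of `ls -ld` is the owning group.
        echo "sgid:$(ls -ld "$1" | awk '{print $4}')"
    else
        echo ok
    fi
}

audit_host() {
    rel=$(uname -r)
    if kernel_needs_upgrade "$rel"; then
        echo "kernel $rel: 2.2.x older than 2.2.16, upgrade"
    else
        echo "kernel $rel: not a 2.2.x kernel older than 2.2.16"
    fi
    # The advisory names both paths; its fix is mode 755 (no sgid bit).
    for f in /usr/bin/Mail /bin/Mail; do
        echo "$f: $(mail_sgid_status "$f")"
    done
}

audit_host
```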



