Fwd: Kernel 2.2.16 and /usr/bin/Mail
Kwsths
math1890 at edu.uch.gr
Sat Jun 10 22:51:51 EEST 2000
>Date: Sat, 10 Jun 2000 00:58:02 -0700 (PDT)
>From: Slackware Security Team <security at slackware.com>
>To: slackware-security at slackware.com
>Subject: Kernel 2.2.16 and /usr/bin/Mail
>Sender: owner-slackware-security at slackware.com
>Reply-To: Slackware Security Team <security at slackware.com>
>
>
>
>====================================
>Kernel Version 2.2.16 Security Fixes
>====================================
>
>The 2.2.16 release of the Linux kernel is available and includes a number of
>security fixes. The following list of fixes comes from the kernel release
>notes:
>
>----------------------------------------------------------------------------
>Capabilities -
> Fixes for serious setuid handling flaws when using restricted capability
> sets
>ELF loader -
> The ELF loader could be tricked by erroneous headers
>Procfs -
> Several /proc drivers failed to do correct sanity checking
>Readv/writev -
> Potential overflow bug fixed
>Signal Stacks -
> Exec failed to clear an existing alternate sigstack
>System 5 Shared Memory -
> If a user managed to attach a segment 65536 times bad things happened.
>TCP multiconnect hang -
> The TCP code had a bug that could cause the machine to hang. This was user
> exploitable.
>-----------------------------------------------------------------------------
>
>We recommend that you read the above as a list of reasons to upgrade to
>2.2.16, if you're running a 2.2.x kernel. The capabilities hole is especially
>nasty, as it allows a local user to gain root access from a program that
>normally drops root privileges.
>
>The standard pre-built Slackware kernels have been built from 2.2.16 source
>and are now available in Slackware-current:
>
> ftp://ftp.slackware.com/pub/slackware/slackware-current/kernels/
>
>You will probably also need a new set of modules, available from:
>
> ftp://ftp.slackware.com/pub/slackware/slackware-current/modules/
>
>They are also available in packaged form in the slackware-current ftp tree
>(ftp://ftp.slackware.com/pub/slackware/slackware-current/slakware/). The
>files, within that directory, are:
>
> a1/modules.tgz, a1/scsimods.tgz, a1/sndmods.tgz, a1/fsmods.tgz,
> and n1/netmods.tgz
>
>The kernel release notes are available here:
>
> http://www.linux.org.uk/VERSION/relnotes.2216.html
>
>
>=========================
>/usr/bin/Mail chmoded 755
>=========================
>
>The Mail program shipped with Slackware has been shown to be subject to a
>buffer overflow that, if the program is sgid (as shipped with Slackware), can
>provide a malicious user with gid "mail". Having gid "mail" does not allow a
>user any special privileges, as the mail group hasn't been used in Slackware
>for years. There is a security advisory being passed around, but we assure
>you there's no threat from the Mail flaw. Nonetheless, holes are no fun, and
>we've closed this one by removing the sgid bit from /bin/Mail. A new
>mailx.tgz package is available in Slackware-current:
>
>ftp://ftp.slackware.com/pub/slackware/slackware-current/slakware/n1/mailx.tgz
>
>==============================================================================
>
>As always, more information is available in the Slackware-current ChangeLog:
>
> ftp://ftp.slackware.com/pub/slackware/slackware-current/ChangeLog.txt
>
>
> -- Your Friendly Neighborhood Slackware Security Team
> security at slackware.com
--
linux-greek-users mailing list -- http://lists.hellug.gr
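
An added example, not part of the forwarded advisory or of Slackware's tooling: a POSIX shell check for the two items above, a 2.2.x kernel older than 2.2.16 and a Mail binary that still carries the setgid bit. The function names and the --audit switch are assumptions made for this example; the two Mail paths are the ones the advisory mentions.

```shell
#!/bin/sh
# Added example: audit a host against the two items in the advisory.

# Return 0 if the given version string is a 2.2.x kernel older than 2.2.16.
# Any local suffix after the patch level (e.g. "-custom") is ignored.
kernel_needs_upgrade() {
    case "$1" in
        2.2.*) ;;                # only the 2.2 series is covered by the advisory
        *) return 1 ;;
    esac
    patch=${1#2.2.}              # text after "2.2."
    patch=${patch%%[!0-9]*}      # keep the leading digits only
    [ -n "$patch" ] && [ "$patch" -lt 16 ]
}

# Return 0 if the file exists and still has the setgid bit set.
has_sgid() {
    [ -f "$1" ] && [ -g "$1" ]
}

# Report findings for the running kernel and both Mail paths named in the
# advisory; returns 1 if anything still needs attention.
audit() {
    status=0
    running=$(uname -r)
    if kernel_needs_upgrade "$running"; then
        echo "kernel $running: 2.2.x older than 2.2.16, upgrade recommended"
        status=1
    fi
    for f in /usr/bin/Mail /bin/Mail; do
        if has_sgid "$f"; then
            echo "$f: setgid bit still set (fixed package ships mode 755)"
            status=1
        fi
    done
    return $status
}

# Run the audit only when asked, so the functions can be sourced and reused.
if [ "${1:-}" = "--audit" ]; then
    audit
fi
```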