- --------------------------------------------------------------------------
Debian-Edu/Skolelinux Security Advisory DESA 2004-004
http://www.skolelinux.no/security/ Morten Werner Olsen
April 22th, 2004 debian-edu-security@lists.alioth.debian.org
- --------------------------------------------------------------------------
Package : kernel-image-2.4.25-1-i386
Vulnerability : vulnerability in the ip_setsockopt() function code
Problem-Type : local
Need reboot : yes
Debian-Edu-specific : no
CVE ID : -
DSA ID : -
A critical security vulnerability has been found in the Linux kernel in
the ip_setsockopt() function code. For more details, take a look at:
http://www.isec.pl/vulnerabilities/isec-0015-msfilter.txt
The new kernel packages are fetched directly from Debian's unstable
archives, packaged by Herbert Xu.
We recommend that you upgrade your kernel packages to the new 2.4.26
version.
Upgrade Instructions
- --------------------
Make sure 'deb ftp://ftp.skolelinux.no/skolelinux/ woody local' is
present in your /etc/apt/sources.list and run 'apt-get update' to
update your package lists.
Find which flavour of the kernel you are running with the command
'uname -r' (examples: 386, 586tsc, 686, 686-smp, k6, k7, k7-smp).
To upgrade, run this command replacing <flavour> with yours:
apt-get install kernel-image-2.4.26-1-<flavour>
If you are unfamiliar with kernel upgrades, please visit our
mini-HOWTO on this subject:
http://www.skolelinux.no/security/kernel-upgrade
- --------------------------------------------------------------------------
For apt-get: deb ftp://ftp.skolelinux.no/skolelinux/ woody local
Mailing list: bruker@skolelinux.no, debian-edu@lists.debian.org,
linuxiskolen@skolelinux.no, user@skolelinux.de
Package info: `apt-cache show <pkg>'
Attachment:
signature.asc
Description: Digital signature