- -------------------------------------------------------------------------- Debian-Edu/Skolelinux Security Advisory DESA 2004-006 http://www.skolelinux.no/security/ Finn-Arne Johansen June 18-06-2004 debian-edu-security@lists.alioth.debian.org - -------------------------------------------------------------------------- Package : kernel-image-2.4.26-1-i386 Vulnerability : vulnerability in the clear_fpu() macro Problem-Type : local Need reboot : yes Debian-Edu-specific : no CVE ID : - DSA ID : - A critical security vulnerability has been found in the Linux kernel in the clear_fpu() macro code. For more details, take a look at: http://linuxreviews.org/news/2004-06-11_kernel_crash/index.html The new kernel packages built using the debian kernel source package, and patched with the code from http://linux.bkbits.net:8080/linux-2.4/gnupatch@40cdf6f8V7sOe5n96HA5Q7r9uDRvJQ The patch has been done by Finn-Arne Johansen <faj@bzz.no> We recommend that you upgrade your kernel packages to the new 2.4.26 version built for skolelinux. Note that there is not built special kernels for (amd Opteron) Upgrade Instructions - -------------------- Make sure 'deb ftp://ftp.skolelinux.no/skolelinux/ woody local' is present in your /etc/apt/sources.list and run 'apt-get update' to update your package lists. Find which flavour of the kernel you are running with the command 'uname -r' (examples: 386, 586tsc, 686, 686-smp, k6, k7, k7-smp). To upgrade, run this command replacing <flavour> with yours: apt-get install kernel-image-2.4.26-1-<flavour> If you are unfamiliar with kernel upgrades, please visit our mini-HOWTO on this subject: http://www.skolelinux.no/security/kernel-upgrade - -------------------------------------------------------------------------- For apt-get: deb ftp://ftp.skolelinux.no/skolelinux/ woody local Mailing list: bruker@skolelinux.no, debian-edu@lists.debian.org, linuxiskolen@skolelinux.no, user@skolelinux.de Package info: `apt-cache show <pkg>' -- Finn-Arne Johansen faj@bzz.no http://bzz.no/
Attachment:
signature.asc
Description: Digital signature