[Mageia-sysadm] Updated kernels for the Mageia Servers...

Thomas Backlund tmb at iki.fi
Tue Dec 14 21:06:12 CET 2010


Hi,

Since it probably will take some time before Mandriva releases their 
next kernel security updates, I suggest to install the ones I have built 
from current svn:


So for 2010.1 hosts:
> * Fri Dec 10 2010 Thomas Backlund <tmb at mandriva.org> 2.6.33.7-2.2mnb
> o Thomas Backlund <tmb at mandriva.org>
>     - vmscan: raise the bar to PAGEOUT_IO_SYNC stalls
>       (Fixes "system goes unresponsive under memory pressure and lots of
>        dirty/writeback pages" bug. (http://lkml.org/lkml/2010/4/4/86))
>     - make kernel-source require diffutils as it uses both diff and cmp
>       during build (mdv #61719)
>     - econet: disallow NULL remote addr for sendmsg() (CVE-2010-3849)
>     - econet: Add missing check for capable(CAP_NET_ADMIN) in SIOCSIFADDR
>               operation (CVE-2010-3850)
>     - econet: fix stack overflow if msg->msgiovlen is large (CVE-2010-3848)
>     - do_exit(): make sure that we run with get_fs() == USER_DS (CVE-2010-4258)
>     - af_unix: limit unix_tot_inflight and recursion level (CVE-2010-4249)(fixes unix socket OOM)

http://tmb.mine.nu/Mandriva/2010.1/
http://tmb2.mine.nu/Mandriva/2010.1/


And for 2010.0 hosts:
> * Sat Dec 11 2010 Thomas Backlund <tmb at mandriva.org> 2.6.31.14-1.1mnb
> o Thomas Backlund <tmb at mandriva.org>
>     - fix local root exploit with 32bit compat mode on 64 bit kernels
>       (CVE-2010-3301)
>     - econet: fix stack overflow if msg->msgiovlen is large (CVE-2010-3848)
>     - econet: disallow NULL remote addr for sendmsg() (CVE-2010-3849)
>     - econet: Add missing check for capable(CAP_NET_ADMIN) in SIOCSIFADDR
>               operation (CVE-2010-3850)
>     - do_exit(): make sure that we run with get_fs() == USER_DS (CVE-2010-4258)
>     - af_unix: limit unix_tot_inflight and recursion level (CVE-2010-4249)

http://tmb.mine.nu/Mandriva/2010.0/
http://tmb2.mine.nu/Mandriva/2010.0/


Any complaints / suggestions ?

--
Thomas


More information about the Mageia-sysadm mailing list