Red Hat Network has determined that the following advisory is applicable to
one or more of the systems you have registered with the Software Manager
service:
Complete information about this errata can be found at the following location:
https://rhn.redhat.com/network/errata/errata_details.pxt?eid=1019
Security Advisory - RHSA-2002:007-17
------------------------------------------------------------------------------
Summary:
Updated 2.4 kernel available
A security vunlerability in the Linux CIPE (VPN tunnel) implementation has
been fixed.
Description:
Larry McVoy has discovered a problem in the CIPE (VPN tunnel)
implementation, where a malformed packet could cause a crash. The Common
Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name
CAN-2002-0047 to this issue.
Andrew Griffiths has discovered a vulnerability that allows remote machines
to read random memory using a bug in the Linux ICMP implementation.
However, 2.4 kernels after version 2.4.0-test6 and 2.2 kernels after
version 2.2.18 have this bug fixed. All Red Hat Linux 2.4 kernels have this
fix are not vulnerable to this bug.
It is recommended that users running older 2.2 kernels on Red Hat Linux 6.2
or 7 upgrade to the latest available errata kernel, which includes a fix
for this problem. The Common Vulnerabilities and Exposures project
(cve.mitre.org) has assigned the name CAN-2002-0046 to this issue.
A patch for recent 2.4 kernels is circulating to fix the bug in the Linux
ICMP implementation. Red Hat, Inc. recommends not using this patch since it
actually breaks the kernel ICMP implementation and since Red Hat Linux 2.4
kernels are not vulnerable to the bug.
In addition to the CIPE security fix, several other bugs were fixed, and
some drivers were updated:
* For Red Hat Linux 7.1: DRM/DRI (3D support) for the XFree86 erratum
RHEA-2002:010
* New aacraid driver rewritten by Alan Cox
* New DAC960 driver
* Additional Qlogic 2200 driver
* LM_Sensors driver upgrade
References:
http://www.securityfocus.com/archive/1/251418
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0046
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0047
------------------------------------------------------------------------------
-------------
Taking Action
-------------
You may address the issues outlined in this advisory in two ways:
- select your server name by clicking on its name from the list
available at the following location, and then schedule an
errata update for it:
https://rhn.redhat.com/network/systemlist/system_list.pxt
- run the Update Agent on each affected server.
---------------------------------
Changing Notification Preferences
---------------------------------
To enable/disable your Errata Alert preferences globally please log in to RHN
and navigate from "Your RHN" / "Your Account" to the "Preferences" tab.
URL: https://rhn.redhat.com/network/my_account/my_prefs.pxt
You can also enable/disable notification on a per system basis by selecting an
individual system from the "Systems List". From the individual system view
click the "Details" tab.
---------------------
Affected Systems List
---------------------
This Errata Advisory may apply to the systems listed below. If you know that
this errata does not apply to a system listed, it might be possible that the
package profile for that server is out of date. In that case you should run
'up2date -p' as root on the system in question to refresh your software profile.
There is 1 affected system registered in 'Your RHN' (only systems for
which you have explicitly enabled Errata Alerts are shown).
Release Arch Profile Name
-------- -------- ------------
7.2 i686 chargerccsaaoc1
The Red Hat Network Team
This message is being sent by Red Hat Network Alert to:
RHN user login: mpmpmWWW
Email address on file: <[EMAIL PROTECTED]>
To no longer receive this email, please click the URL below:
https://rhn.redhat.com/optout.pxt?uid=857251&oid=1417763
_______________________________________________
Ntop mailing list
[EMAIL PROTECTED]
http://listmanager.unipi.it/mailman/listinfo/ntop
