Results 1 to 11 of 11
  1. #1
    Join Date
    Jan 2003
    Location
    UK
    Posts
    97

    Where is RH9's new kernel?? Current is vulnerable!

    Hello,

    Where can I get the new rpm for rh9 kernel?

    Or can I use the fedora kernel for rh9?

    Thanks,

  2. #2
    Join Date
    Jan 2003
    Location
    UK
    Posts
    97
    Anyone?
    European Web Hosting and Dedicated Server solutions since 2003.

  3. #3
    There's no fedora kernel for rh 9 yet. RH have yet to release their kernel. You can download the latest from www.kernel.org and compile it.
    Like us on Facebook to qualify for discounts!
    http://www.sprintserve.net
    Offering: | Internap FCP Bandwidth! | Rebootless Kernel Updates! | Magento Optimized Hosting | Wordpress Hosting |
    Services: | Managed Multiple Cores 64bit Servers | Server Management |

  4. #4
    Join Date
    Jun 2003
    Posts
    673
    Just to be clear, the latest spate of vulnerabilities only affect people who are using the Riva 128 DRI driver, the NCPFS driver, or the Sound Blaster driver (denial-of-service), right?

  5. #5
    Join Date
    Jan 2003
    Location
    UK
    Posts
    97
    Originally posted by dan_erat
    Just to be clear, the latest spate of vulnerabilities only affect people who are using the Riva 128 DRI driver, the NCPFS driver, or the Sound Blaster driver (denial-of-service), right?
    Anyone who can confirm?
    European Web Hosting and Dedicated Server solutions since 2003.

  6. #6
    Join Date
    Mar 2003
    Location
    California USA
    Posts
    13,290
    Steven Ciaburri | Industry's Best Server Management - Rack911.com
    Software Auditing - 400+ Vulnerabilities Found - Quote @ https://www.RACK911Labs.com
    Fully Managed Dedicated Servers (Las Vegas, New York City, & Amsterdam) (AS62710)
    FreeBSD & Linux Server Management, Security Auditing, Server Optimization, PCI Compliance

  7. #7
    Join Date
    Jun 2003
    Posts
    673
    Aw, nuts.

  8. #8
    Join Date
    Jan 2002
    Location
    Home, chair
    Posts
    723
    RedHat9 shouldn't need an upgrade, because

    2. Details

    The ip_setsockopt() function code is a subroutine of the setsockopt(2)
    system call. This function allows manipulation of various options of
    the IP socket. The MCAST_MSFILTER option can be used to provide the
    kernel with a list of multicast addresses to be received on the socket.
    This code has been introduced with the 2.4.22/2.6.1 kernel releases.

    There is an exploitable integer overflow inside the code handling the
    MCAST_MSFILTER socket option in the IP_MSFILTER_SIZE macro calculation.
    RedHat9 uses 2.4.20 kernel with bugs patched. So the latest 2.4.20-30.9 should be ok. Enterprise3 RedHat uses 2.4.21, also should be safe. But Fedora users need to upgrade for sure, as Fedora Core 1 uses 2.4.22

    PS: This is only if you use RedHat-provided kernels, not custom-compiled. Custom-compiled all need to be upgraded to the latest 2.4.26 or 2.6.5/6
    Last edited by phpdeveloper; 04-21-2004 at 03:59 AM.

  9. #9
    Join Date
    Jan 2003
    Location
    UK
    Posts
    97
    Originally posted by phpdeveloper
    RedHat9 uses 2.4.20 kernel with bugs patched. So the latest 2.4.20-30.9 should be ok. Enterprise3 RedHat uses 2.4.21, also should be safe. But Fedora users need to upgrade for sure, as Fedora Core 1 uses 2.4.22

    PS: This is only if you use RedHat-provided kernels, not custom-compiled. Custom-compiled all need to be upgraded to the latest 2.4.26 or 2.6.5/6
    Actually they released a new kernel for RH9, which is 2.4.20-31.9.
    (http://updates.redhat.com/9/en/os/i3...-31.9.i386.rpm)

    I currently have 2.4.20-30.9 installed since february. Are you sure it isn't secure?

    Thanks for the help!
    European Web Hosting and Dedicated Server solutions since 2003.

  10. #10
    Join Date
    Jan 2002
    Location
    Home, chair
    Posts
    723
    They did, but the changes between 30 and 31 aren't related to the problem under discussion, because their kernel is from 2.4.20 branch, which doesn't contain the buggy code. The buggy code was introduced in 2.4.22 branch in August 2003.
    In any case, it's always a good idea to run the latest software, so it's advisable to upgrade.

  11. #11
    Join Date
    Jan 2003
    Location
    UK
    Posts
    97
    Originally posted by phpdeveloper
    They did, but the changes between 30 and 31 aren't related to the problem under discussion, because their kernel is from 2.4.20 branch, which doesn't contain the buggy code. The buggy code was introduced in 2.4.22 branch in August 2003.
    In any case, it's always a good idea to run the latest software, so it's advisable to upgrade.
    Thanks for the help
    European Web Hosting and Dedicated Server solutions since 2003.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •