SciLinux: CVE-2009-3547 Moderate: 4Suite SL3.x, SL4.x i386/x86_64
Summary
Date: Tue, 10 Nov 2009 14:26:11 -0600
Reply-To: Troy Dawson
Sender: Security Errata for Scientific Linux
From: Troy Dawson
Subject: Re: Security ERRATA Important: kernel on SL4.x i386/x86_64
Comments: To: "scientific-linux-errata@fnal.gov"
In-Reply-To: <4AF1F290.4030004@fnal.gov>

The GFS/Cluster kernel modules have been made available for this kernel

i386:
cman-kernel-2.6.9-56.7.el4_8.9.i686.rpm
cman-kernel-hugemem-2.6.9-56.7.el4_8.9.i686.rpm
cman-kernel-smp-2.6.9-56.7.el4_8.9.i686.rpm
cman-kernel-xenU-2.6.9-56.7.el4_8.9.i686.rpm
cman-kernheaders-2.6.9-56.7.el4_8.9.i686.rpm
dlm-kernel-2.6.9-58.6.el4_8.8.i686.rpm
dlm-kernel-hugemem-2.6.9-58.6.el4_8.8.i686.rpm
dlm-kernel-smp-2.6.9-58.6.el4_8.8.i686.rpm
dlm-kernel-xenU-2.6.9-58.6.el4_8.8.i686.rpm
dlm-kernheaders-2.6.9-58.6.el4_8.8.i686.rpm
GFS-kernel-2.6.9-85.2.el4_8.6.i686.rpm
GFS-kernel-hugemem-2.6.9-85.2.el4_8.6.i686.rpm
GFS-kernel-smp-2.6.9-85.2.el4_8.6.i686.rpm
GFS-kernel-xenU-2.6.9-85.2.el4_8.6.i686.rpm
GFS-kernheaders-2.6.9-85.2.el4_8.6.i686.rpm
gnbd-kernel-2.6.9-10.56.el4_8.8.i686.rpm
gnbd-kernel-hugemem-2.6.9-10.56.el4_8.8.i686.rpm
gnbd-kernel-smp-2.6.9-10.56.el4_8.8.i686.rpm
gnbd-kernel-xenU-2.6.9-10.56.el4_8.8.i686.rpm
gnbd-kernheaders-2.6.9-10.56.el4_8.8.i686.rpm

x86_64:
cman-kernel-2.6.9-56.7.el4_8.9.x86_64.rpm
cman-kernel-largesmp-2.6.9-56.7.el4_8.9.x86_64.rpm
cman-kernel-smp-2.6.9-56.7.el4_8.9.x86_64.rpm
cman-kernel-xenU-2.6.9-56.7.el4_8.9.x86_64.rpm
cman-kernheaders-2.6.9-56.7.el4_8.9.x86_64.rpm
dlm-kernel-2.6.9-58.6.el4_8.8.x86_64.rpm
dlm-kernel-largesmp-2.6.9-58.6.el4_8.8.x86_64.rpm
dlm-kernel-smp-2.6.9-58.6.el4_8.8.x86_64.rpm
dlm-kernel-xenU-2.6.9-58.6.el4_8.8.x86_64.rpm
dlm-kernheaders-2.6.9-58.6.el4_8.8.x86_64.rpm
GFS-kernel-2.6.9-85.2.el4_8.6.x86_64.rpm
GFS-kernel-largesmp-2.6.9-85.2.el4_8.6.x86_64.rpm
GFS-kernel-smp-2.6.9-85.2.el4_8.6.x86_64.rpm
GFS-kernel-xenU-2.6.9-85.2.el4_8.6.x86_64.rpm
GFS-kernheaders-2.6.9-85.2.el4_8.6.x86_64.rpm
gnbd-kernel-2.6.9-10.56.el4_8.8.x86_64.rpm
gnbd-kernel-largesmp-2.6.9-10.56.el4_8.8.x86_64.rpm
gnbd-kernel-smp-2.6.9-10.56.el4_8.8.x86_64.rpm
gnbd-kernel-xenU-2.6.9-10.56.el4_8.8.x86_64.rpm
gnbd-kernheaders-2.6.9-10.56.el4_8.8.x86_64.rpm

Troy

Troy J Dawson wrote:
> Synopsis: Important: kernel security update
> Issue date: 2009-11-03
> CVE Names: CVE-2009-3547
>
> CVE-2009-3547 kernel: fs: pipe.c null pointer dereference
>
> This update fixes the following security issues:
>
> * a NULL pointer dereference flaw was found in each of the following
> functions in the Linux kernel: pipe_read_open(), pipe_write_open(), and
> pipe_rdwr_open(). When the mutex lock is not held, the i_pipe pointer
> could be released by other processes before it is used to update the
> pipe's reader and writer counters. This could lead to a local denial of
> service or privilege escalation. (CVE-2009-3547, Important)
>
> The system must be rebooted for this update to take effect.
>
> SL 4.x
>
> SRPMS:
> kernel-2.6.9-89.0.16.EL.src.rpm
> i386:
> kernel-2.6.9-89.0.16.EL.i686.rpm
> kernel-devel-2.6.9-89.0.16.EL.i686.rpm
> kernel-doc-2.6.9-89.0.16.EL.noarch.rpm
> kernel-hugemem-2.6.9-89.0.16.EL.i686.rpm
> kernel-hugemem-devel-2.6.9-89.0.16.EL.i686.rpm
> kernel-smp-2.6.9-89.0.16.EL.i686.rpm
> kernel-smp-devel-2.6.9-89.0.16.EL.i686.rpm
> kernel-xenU-2.6.9-89.0.16.EL.i686.rpm
> kernel-xenU-devel-2.6.9-89.0.16.EL.i686.rpm
> Dependencies:
> kernel-module-fuse-2.6.9-89.0.16.EL-2.7.3-1.SL.i686.rpm
> kernel-module-fuse-2.6.9-89.0.16.ELhugemem-2.7.3-1.SL.i686.rpm
> kernel-module-fuse-2.6.9-89.0.16.ELsmp-2.7.3-1.SL.i686.rpm
> kernel-module-fuse-2.6.9-89.0.16.ELxenU-2.7.3-1.SL.i686.rpm
> kernel-module-ipw3945-2.6.9-89.0.16.EL-1.1.0-1.SL4.i686.rpm
> kernel-module-ipw3945-2.6.9-89.0.16.ELhugemem-1.1.0-1.SL4.i686.rpm
> kernel-module-ipw3945-2.6.9-89.0.16.ELsmp-1.1.0-1.SL4.i686.rpm
> kernel-module-ipw3945-2.6.9-89.0.16.ELxenU-1.1.0-1.SL4.i686.rpm
> kernel-module-madwifi-2.6.9-89.0.16.EL-0.9.4-10.sl4.i686.rpm
> kernel-module-madwifi-2.6.9-89.0.16.ELhugemem-0.9.4-10.sl4.i686.rpm
> kernel-module-madwifi-2.6.9-89.0.16.ELsmp-0.9.4-10.sl4.i686.rpm
> kernel-module-madwifi-hal-2.6.9-89.0.16.EL-0.9.4-10.sl4.i686.rpm
> kernel-module-madwifi-hal-2.6.9-89.0.16.ELhugemem-0.9.4-10.sl4.i686.rpm
> kernel-module-madwifi-hal-2.6.9-89.0.16.ELsmp-0.9.4-10.sl4.i686.rpm
> kernel-module-ndiswrapper-2.6.9-89.0.16.EL-1.41-1.SL.i686.rpm
> kernel-module-ndiswrapper-2.6.9-89.0.16.ELhugemem-1.41-1.SL.i686.rpm
> kernel-module-ndiswrapper-2.6.9-89.0.16.ELsmp-1.41-1.SL.i686.rpm
> kernel-module-ndiswrapper-2.6.9-89.0.16.ELxenU-1.41-1.SL.i686.rpm
> kernel-module-openafs-2.6.9-89.0.16.EL-1.4.7-68.2.SL4.i686.rpm
> kernel-module-openafs-2.6.9-89.0.16.ELhugemem-1.4.7-68.2.SL4.i686.rpm
> kernel-module-openafs-2.6.9-89.0.16.ELsmp-1.4.7-68.2.SL4.i686.rpm
> kernel-module-openafs-2.6.9-89.0.16.ELxenU-1.4.7-68.2.SL4.i686.rpm
> kernel-module-r1000-2.6.9-89.0.16.EL-2.2-2.SL4x.i686.rpm
> kernel-module-r1000-2.6.9-89.0.16.ELhugemem-2.2-2.SL4x.i686.rpm
> kernel-module-r1000-2.6.9-89.0.16.ELsmp-2.2-2.SL4x.i686.rpm
> kernel-module-r1000-2.6.9-89.0.16.ELxenU-2.2-2.SL4x.i686.rpm
> kernel-module-squashfs-2.6.9-89.0.16.EL-3.1.2-3.i686.rpm
> kernel-module-squashfs-2.6.9-89.0.16.ELhugemem-3.1.2-3.i686.rpm
> kernel-module-squashfs-2.6.9-89.0.16.ELsmp-3.1.2-3.i686.rpm
> kernel-module-squashfs-2.6.9-89.0.16.ELxenU-3.1.2-3.i686.rpm
> kernel-module-unionfs-2.6.9-89.0.16.EL-1.1.5-3.i686.rpm
> kernel-module-unionfs-2.6.9-89.0.16.ELsmp-1.1.5-3.i686.rpm
>
> x86_64:
> kernel-2.6.9-89.0.16.EL.x86_64.rpm
> kernel-devel-2.6.9-89.0.16.EL.x86_64.rpm
> kernel-doc-2.6.9-89.0.16.EL.noarch.rpm
> kernel-largesmp-2.6.9-89.0.16.EL.x86_64.rpm
> kernel-largesmp-devel-2.6.9-89.0.16.EL.x86_64.rpm
> kernel-smp-2.6.9-89.0.16.EL.x86_64.rpm
> kernel-smp-devel-2.6.9-89.0.16.EL.x86_64.rpm
> kernel-xenU-2.6.9-89.0.16.EL.x86_64.rpm
> kernel-xenU-devel-2.6.9-89.0.16.EL.x86_64.rpm
> Dependencies:
> kernel-module-fuse-2.6.9-89.0.16.EL-2.7.3-1.SL.x86_64.rpm
> kernel-module-fuse-2.6.9-89.0.16.ELlargesmp-2.7.3-1.SL.x86_64.rpm
> kernel-module-fuse-2.6.9-89.0.16.ELsmp-2.7.3-1.SL.x86_64.rpm
> kernel-module-fuse-2.6.9-89.0.16.ELxenU-2.7.3-1.SL.x86_64.rpm
> kernel-module-ipw3945-2.6.9-89.0.16.EL-1.1.0-1.SL4.x86_64.rpm
> kernel-module-ipw3945-2.6.9-89.0.16.ELlargesmp-1.1.0-1.SL4.x86_64.rpm
> kernel-module-ipw3945-2.6.9-89.0.16.ELsmp-1.1.0-1.SL4.x86_64.rpm
> kernel-module-ipw3945-2.6.9-89.0.16.ELxenU-1.1.0-1.SL4.x86_64.rpm
> kernel-module-madwifi-2.6.9-89.0.16.EL-0.9.4-10.sl4.x86_64.rpm
> kernel-module-madwifi-2.6.9-89.0.16.ELlargesmp-0.9.4-10.sl4.x86_64.rpm
> kernel-module-madwifi-2.6.9-89.0.16.ELsmp-0.9.4-10.sl4.x86_64.rpm
> kernel-module-madwifi-hal-2.6.9-89.0.16.EL-0.9.4-10.sl4.x86_64.rpm
> kernel-module-madwifi-hal-2.6.9-89.0.16.ELlargesmp-0.9.4-10.sl4.x86_64.rpm
> kernel-module-madwifi-hal-2.6.9-89.0.16.ELsmp-0.9.4-10.sl4.x86_64.rpm
> kernel-module-ndiswrapper-2.6.9-89.0.16.EL-1.41-1.SL.x86_64.rpm
> kernel-module-ndiswrapper-2.6.9-89.0.16.ELlargesmp-1.41-1.SL.x86_64.rpm
> kernel-module-ndiswrapper-2.6.9-89.0.16.ELsmp-1.41-1.SL.x86_64.rpm
> kernel-module-ndiswrapper-2.6.9-89.0.16.ELxenU-1.41-1.SL.x86_64.rpm
> kernel-module-openafs-2.6.9-89.0.16.EL-1.4.7-68.2.SL4.x86_64.rpm
> kernel-module-openafs-2.6.9-89.0.16.ELlargesmp-1.4.7-68.2.SL4.x86_64.rpm
> kernel-module-openafs-2.6.9-89.0.16.ELsmp-1.4.7-68.2.SL4.x86_64.rpm
> kernel-module-openafs-2.6.9-89.0.16.ELxenU-1.4.7-68.2.SL4.x86_64.rpm
> kernel-module-r1000-2.6.9-89.0.16.EL-2.2-2.SL4x.x86_64.rpm
> kernel-module-r1000-2.6.9-89.0.16.ELlargesmp-2.2-2.SL4x.x86_64.rpm
> kernel-module-r1000-2.6.9-89.0.16.ELsmp-2.2-2.SL4x.x86_64.rpm
> kernel-module-r1000-2.6.9-89.0.16.ELxenU-2.2-2.SL4x.x86_64.rpm
> kernel-module-squashfs-2.6.9-89.0.16.EL-3.1.2-3.x86_64.rpm
> kernel-module-squashfs-2.6.9-89.0.16.ELlargesmp-3.1.2-3.x86_64.rpm
> kernel-module-squashfs-2.6.9-89.0.16.ELsmp-3.1.2-3.x86_64.rpm
> kernel-module-squashfs-2.6.9-89.0.16.ELxenU-3.1.2-3.x86_64.rpm
> kernel-module-unionfs-2.6.9-89.0.16.EL-1.1.5-3.x86_64.rpm
> kernel-module-unionfs-2.6.9-89.0.16.ELsmp-1.1.5-3.x86_64.rpm
>
> -Connie Sieh
> -Troy Dawson
>
>
>
--
__________________________________________________
Troy Dawson dawson@fnal.gov (630)840-6468
Fermilab ComputingDivision/LSCS/CSI/USS Group
__________________________________________________

Date: Wed, 11 Nov 2009 12:34:43 -0600
Reply-To: Troy Dawson
Sender: Security Errata for Scientific Linux
From: Troy Dawson
Subject: Security ERRATA Moderate: 4Suite on SL3.x, SL4.x i386/x86_64
Comments: To: "scientific-linux-errata@fnal.gov"

Synopsis: Moderate: 4Suite security update
Issue date: 2009-11-10
CVE Names: CVE-2009-3720

CVE-2009-3720 expat: buffer over-read and crash on XML with malformed UTF-8 sequences

A buffer over-read flaw was found in the way 4Suite's XML parser handles
malformed UTF-8 sequences when processing XML files. A specially-crafted
XML file could cause applications using the 4Suite library to crash
while parsing the file. (CVE-2009-3720)

After installing the updated package, applications using the 4Suite
XML-related tools and libraries must be restarted for the update to take
effect.

SL 3.0.x
SRPMS:
4Suite-0.11.1-15.src.rpm
i386:
4Suite-0.11.1-15.i386.rpm
x86_64:
4Suite-0.11.1-15.x86_64.rpm

SL 4.x
SRPMS:
4Suite-1.0-3.el4_8.1.src.rpm
i386:
4Suite-1.0-3.el4_8.1.i386.rpm
x86_64:
4Suite-1.0-3.el4_8.1.x86_64.rpm

-Connie Sieh
-Troy Dawson
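
The kernel erratum quoted above notes that the system must be rebooted for the CVE-2009-3547 fix to take effect. The script below is an added example, not part of the original messages: it classifies an SL 4.x host as fixed, reboot-needed or update-needed. The function names and the simplified numeric comparison are assumptions; only the fixed release string comes from the erratum.

```shell
#!/bin/sh
# Added example (not from the erratum): classify a host against the SL 4.x
# kernel fix for CVE-2009-3547. FIXED is taken from the erratum's package list.
FIXED="2.6.9-89.0.16.EL"

# release_ge A B: succeed when A's numeric fields are >= B's, left to right.
# Simplified comparison (assumption): adequate for 2.6.9-NN[.N.N].EL<flavour>
# strings, not a full rpmvercmp. Leading package names and flavour suffixes
# (smp, hugemem, largesmp, xenU) contain no digits and are ignored.
release_ge() {
    awk -v a="$1" -v b="$2" 'BEGIN {
        sub(/^[^0-9]+/, "", a); sub(/^[^0-9]+/, "", b)
        na = split(a, x, /[^0-9]+/); nb = split(b, y, /[^0-9]+/)
        n = (na > nb) ? na : nb
        for (i = 1; i <= n; i++) {
            if (x[i] + 0 > y[i] + 0) exit 0
            if (x[i] + 0 < y[i] + 0) exit 1
        }
        exit 0
    }'
}

# kernel_status RUNNING INSTALLED
#   RUNNING   - output of `uname -r`
#   INSTALLED - whitespace-separated output of `rpm -q kernel kernel-smp ...`
# Prints: fixed | reboot-needed | update-needed.
# Assumption: any installed fixed kernel flavour counts as "reboot-needed";
# the check does not confirm that it is the flavour the host will boot.
kernel_status() {
    if release_ge "$1" "$FIXED"; then echo fixed; return; fi
    for pkg in $2; do
        if release_ge "$pkg" "$FIXED"; then echo reboot-needed; return; fi
    done
    echo update-needed
}

# Constructed sample call, not captured from a real host:
#   kernel_status "2.6.9-89.0.15.ELsmp" \
#       "kernel-smp-2.6.9-89.0.15.EL kernel-smp-2.6.9-89.0.16.EL"
# On a live host:
#   kernel_status "$(uname -r)" "$(rpm -q kernel kernel-smp kernel-hugemem \
#       kernel-largesmp kernel-xenU)"
```

A result of reboot-needed means the fixed package is on disk but the vulnerable kernel is still the one running.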