-----BEGIN PGP SIGNED MESSAGE-----Hash: SHA1

[slackware-security]  kernel [updated] (SSA:2009-231-01)

This is a followup to the SSA:2009-230-01 advisory noting some errata.

The generic SMP kernel update for Slackware 12.2 was built using the
.config for a huge kernel, not a generic one.  The kernel previously
published as kernel-generic-smp and in the gemsmp.s directory works
and is secure, but is larger than it needs to be.  It has been
replaced in the Slackware 12.2 patches with a generic SMP kernel.

A new svgalib_helper package (compiled for a 2.6.27.31 kernel) was
added to the Slackware 12.2 /patches.

An error was noticed in the SSA:2009-230-01 advisory concerning the
packages for Slackware -current 32-bit.  The http links given refer to
packages with a -1 build version.  The actual packages have a build
number of -2.


Here are the details from the Slackware 12.2 ChangeLog:
+--------------------------+
patches/packages/linux-2.6.27.31/kernel-modules-smp-2.6.27.31_smp-i686-2.tgz:
  Rebuilt the modules using the config-generic-smp-2.6.27.31-smp .config.
patches/packages/linux-2.6.27.31/kernel-generic-smp-2.6.27.31_smp-i686-2.tgz:
  Fixed the .config to use config-generic-smp-2.6.27.31-smp.
  The config-generic-huge-2.6.27.31-smp was mistakenly used for build -1.
  Thanks to Chuck56 for the report.
patches/packages/linux-2.6.27.31/kernel-source-2.6.27.31_smp-noarch-2.tgz:
  Changed the included .config to the config-generic-smp-2.6.27.31-smp version.
patches/packages/svgalib_helper-1.9.25_2.6.27.31-i486-1_slack12.2.tgz:
  Recompiled for 2.6.27.31.
+--------------------------+


Where to find the new packages:
+-----------------------------+

HINT:  Getting slow download speeds from ftp.slackware.com?
Give slackware.osuosl.org a try.  This is another primary FTP site
for Slackware that can be considerably faster than downloading
directly from ftp.slackware.com.

Thanks to the friendly folks at the OSU Open Source Lab
(https://osuosl.org/) for donating additional FTP and rsync hosting
to the Slackware project!  :-)

Also see the "Get Slack" section on http://www.slackware.com/ for
additional mirror sites near you.

Updated kernel packages for Slackware 12.2 may be found here:
ftp://ftp.slackware.com/pub/slackware/slackware-12.2/patches/packages/linux-2.6.27.31/kernel-modules-smp-2.6.27.31_smp-i686-2.tgz
ftp://ftp.slackware.com/pub/slackware/slackware-12.2/patches/packages/linux-2.6.27.31/kernel-generic-smp-2.6.27.31_smp-i686-2.tgz
ftp://ftp.slackware.com/pub/slackware/slackware-12.2/patches/packages/linux-2.6.27.31/kernel-source-2.6.27.31_smp-noarch-2.tgz


Signatures:
+---------+

All packages are signed with the Slackware Security Team GPG signature for
verification of authenticity.  File may also be checked with the CHECKSUMS.md5
file provided in each Slackware directory tree, which is also signed with the
Slackware GPG key.


Installation instructions:
+------------------------+

Upgrade the kernel packages as root, rebuild the initrd with
mkinitrd, and reinstall LILO.  For details on the process of
updating the Slackware 12.2 kernels, see the README file in
/patches/packages/linux-2.6.27.31/.


+-----+

Slackware: 2009-231-01: kernel [d] Security Update

August 20, 2009

This is a followup to the SSA:2009-230-01 advisory noting some errata

Summary

Here are the details from the Slackware 12.2 ChangeLog: patches/packages/linux-2.6.27.31/kernel-modules-smp-2.6.27.31_smp-i686-2.tgz: Rebuilt the modules using the config-generic-smp-2.6.27.31-smp .config. patches/packages/linux-2.6.27.31/kernel-generic-smp-2.6.27.31_smp-i686-2.tgz: Fixed the .config to use config-generic-smp-2.6.27.31-smp. The config-generic-huge-2.6.27.31-smp was mistakenly used for build -1. Thanks to Chuck56 for the report. patches/packages/linux-2.6.27.31/kernel-source-2.6.27.31_smp-noarch-2.tgz: Changed the included .config to the config-generic-smp-2.6.27.31-smp version. patches/packages/svgalib_helper-1.9.25_2.6.27.31-i486-1_slack12.2.tgz: Recompiled for 2.6.27.31.

Where Find New Packages

HINT: Getting slow download speeds from ftp.slackware.com? Give slackware.osuosl.org a try. This is another primary FTP site for Slackware that can be considerably faster than downloading directly from ftp.slackware.com.
Thanks to the friendly folks at the OSU Open Source Lab (https://osuosl.org/) for donating additional FTP and rsync hosting to the Slackware project! :-)
Also see the "Get Slack" section on http://www.slackware.com/ for additional mirror sites near you.
Updated kernel packages for Slackware 12.2 may be found here: ftp://ftp.slackware.com/pub/slackware/slackware-12.2/patches/packages/linux-2.6.27.31/kernel-modules-smp-2.6.27.31_smp-i686-2.tgz ftp://ftp.slackware.com/pub/slackware/slackware-12.2/patches/packages/linux-2.6.27.31/kernel-generic-smp-2.6.27.31_smp-i686-2.tgz ftp://ftp.slackware.com/pub/slackware/slackware-12.2/patches/packages/linux-2.6.27.31/kernel-source-2.6.27.31_smp-noarch-2.tgz

Signatures:
All packages are signed with the Slackware Security Team GPG signature for verification of authenticity. File may also be checked with the CHECKSUMS.md5 file provided in each Slackware directory tree, which is also signed with the Slackware GPG key.

MD5 Signatures

Severity
[slackware-security] kernel [updated] (SSA:2009-231-01) This is a followup to the SSA:2009-230-01 advisory noting some errata. The generic SMP kernel update for Slackware 12.2 was built using the .config for a huge kernel, not a generic one. The kernel previously published as kernel-generic-smp and in the gemsmp.s directory works and is secure, but is larger than it needs to be. It has been replaced in the Slackware 12.2 patches with a generic SMP kernel. A new svgalib_helper package (compiled for a 2.6.27.31 kernel) was added to the Slackware 12.2 /patches. An error was noticed in the SSA:2009-230-01 advisory concerning the packages for Slackware -current 32-bit. The http links given refer to packages with a -1 build version. The actual packages have a build number of -2.

Installation Instructions

Installation instructions: Upgrade the kernel packages as root, rebuild the initrd with mkinitrd, and reinstall LILO. For details on the process of updating the Slackware 12.2 kernels, see the README file in /patches/packages/linux-2.6.27.31/.

Related News

11.Locks IsometricPattern Esm H320
2 - 3 min read
The Kinsing hacker group, or H2Miner, has been orchestrating illicit cryptocurrency mining campaigns since 2019 and poses a persistent security
32.Lock Code Circular Esm H320
2 - 3 min read
The Kimsuky APT group, reportedly linked to North Korea's Reconnaissance General Bureau (RGB), has been identified deploying a Linux version of its
4.Lock AbstractDigital Esm H320
2 - 3 min read
Recent research sheds light on the security vulnerabilities prevalent in Linux vendor kernels due to flawed engineering processes that backport
28.Lock Globe Esm H320
1 - 2 min read
The intersection of Linux and quantum computing has become increasingly apparent, emphasizing the importance of Linux-based operating systems in
6.EmailConnection Touch Esm H320
2 - 3 min read
Recent security updates for Ubuntu and Debian have been released to address vulnerabilities in Thunderbird, the popular open-source mail and
30.Lock Globe Motherboard Esm H320
1 - 2 min read
As cybersecurity practitioners, we are no strangers to the constant threat of malicious actors and the importance of remaining vigilant to protect
22.Lock ScreenEffect Esm H320
1 - 2 min read
EndeavorOS Gemini is a captivating and charming desktop operating system based on Arch Linux. The new release includes a kernel upgrade, 3D graphics
25.@Sign Hook Keyboard Esm H320
1 min read
Cyber risk is increasing for individuals and organizations, making flexible and robust solutions for identifying spam and malware increasingly

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved