Slackware: 2020-086-01: Slackware 14.2 kernel Security Update

    Date26 Mar 2020
    196
    Posted ByLinuxSecurity Advisories
    New kernel packages are available for Slackware 14.2 to fix security issues.
    
    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA1
    
    [slackware-security]  Slackware 14.2 kernel (SSA:2020-086-01)
    
    New kernel packages are available for Slackware 14.2 to fix security issues.
    
    
    Here are the details from the Slackware 14.2 ChangeLog:
    +--------------------------+
    patches/packages/linux-4.4.217/*:  Upgraded.
      These updates fix various bugs and security issues.
      Be sure to upgrade your initrd after upgrading the kernel packages.
      If you use lilo to boot your machine, be sure lilo.conf points to the correct
      kernel and initrd and run lilo as root to update the bootloader.
      If you use elilo to boot your machine, you should run eliloconfig to copy the
      kernel and initrd to the EFI System Partition.
      For more information, see:
        Fixed in 4.4.209:
        https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19965
        Fixed in 4.4.210:
        https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19068
        https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14615
        https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14895
        https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19056
        https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19066
        Fixed in 4.4.211:
        https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15217
        https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-21008
        https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15220
        https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15221
        https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5108
        Fixed in 4.4.212:
        https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14896
        https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14897
        Fixed in 4.4.215:
        https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9383
        https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-2732
        https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16233
        https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-0009
        Fixed in 4.4.216:
        https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11487
        https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8647
        https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8649
        https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16234
        https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8648
        Fixed in 4.4.217:
        https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14901
      (* Security fix *)
    +--------------------------+
    
    
    Where to find the new packages:
    +-----------------------------+
    
    Thanks to the friendly folks at the OSU Open Source Lab
    (https://osuosl.org) for donating FTP and rsync hosting
    to the Slackware project!  :-)
    
    Also see the "Get Slack" section on https://slackware.com for
    additional mirror sites near you.
    
    Updated packages for Slackware 14.2:
    ftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/linux-4.4.217/kernel-generic-4.4.217-i586-1.txz
    ftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/linux-4.4.217/kernel-generic-smp-4.4.217_smp-i686-1.txz
    ftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/linux-4.4.217/kernel-headers-4.4.217_smp-x86-1.txz
    ftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/linux-4.4.217/kernel-huge-4.4.217-i586-1.txz
    ftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/linux-4.4.217/kernel-huge-smp-4.4.217_smp-i686-1.txz
    ftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/linux-4.4.217/kernel-modules-4.4.217-i586-1.txz
    ftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/linux-4.4.217/kernel-modules-smp-4.4.217_smp-i686-1.txz
    ftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/linux-4.4.217/kernel-source-4.4.217_smp-noarch-1.txz
    
    Updated packages for Slackware x86_64 14.2:
    ftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/linux-4.4.217/kernel-generic-4.4.217-x86_64-1.txz
    ftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/linux-4.4.217/kernel-headers-4.4.217-x86-1.txz
    ftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/linux-4.4.217/kernel-huge-4.4.217-x86_64-1.txz
    ftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/linux-4.4.217/kernel-modules-4.4.217-x86_64-1.txz
    ftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/linux-4.4.217/kernel-source-4.4.217-noarch-1.txz
    
    
    MD5 signatures:
    +-------------+
    
    Slackware 14.2 packages:
    a583999ff4d5aaf717389329af0bfebf  kernel-generic-4.4.217-i586-1.txz
    aa41f8b6cb7ca06779e11a803fd06881  kernel-generic-smp-4.4.217_smp-i686-1.txz
    ec98d6aa32743124ed317edfd9b5751d  kernel-headers-4.4.217_smp-x86-1.txz
    426ffbbd44d3ab47779518713079cbc2  kernel-huge-4.4.217-i586-1.txz
    f0b0c550771cdb9904e8a81e18e1c3a5  kernel-huge-smp-4.4.217_smp-i686-1.txz
    17580fde3d753faec92c69d9b1b296b3  kernel-modules-4.4.217-i586-1.txz
    35b06ec07cbc246f7e439c6ffc8b8146  kernel-modules-smp-4.4.217_smp-i686-1.txz
    aa3b2bdf35fa4c2202a03910d2c53d8d  kernel-source-4.4.217_smp-noarch-1.txz
    
    Slackware x86_64 14.2 packages:
    ef37a3afd3ad459a0714624b32f670a2  kernel-generic-4.4.217-x86_64-1.txz
    de239ba97ad7fd3d3487038bc8bf10a5  kernel-headers-4.4.217-x86-1.txz
    2ad3dca1aeff8429de2c03bd28afdd7d  kernel-huge-4.4.217-x86_64-1.txz
    ea75c40c4a486b3f25de482cae24e87c  kernel-modules-4.4.217-x86_64-1.txz
    933366ccd2ba028a03bed87cbeea3ac5  kernel-source-4.4.217-noarch-1.txz
    
    
    Installation instructions:
    +------------------------+
    
    Upgrade the packages as root:
    # upgradepkg kernel-*.txz
    
    If you are using an initrd, you'll need to rebuild it.
    
    For a 32-bit SMP machine, use this command (substitute the appropriate
    kernel version if you are not running Slackware 14.2):
    # /usr/share/mkinitrd/mkinitrd_command_generator.sh -k 4.4.217-smp | bash
    
    For a 64-bit machine, or a 32-bit uniprocessor machine, use this command
    (substitute the appropriate kernel version if you are not running
    Slackware 14.2):
    # /usr/share/mkinitrd/mkinitrd_command_generator.sh -k 4.4.217 | bash
    
    Please note that "uniprocessor" has to do with the kernel you are running,
    not with the CPU. Most systems should run the SMP kernel (if they can)
    regardless of the number of cores the CPU has. If you aren't sure which
    kernel you are running, run "uname -a". If you see SMP there, you are
    running the SMP kernel and should use the 4.4.217-smp version when running
    mkinitrd_command_generator. Note that this is only for 32-bit -- 64-bit
    systems should always use 4.4.217 as the version.
    
    If you are using lilo or elilo to boot the machine, you'll need to ensure
    that the machine is properly prepared before rebooting.
    
    If using LILO:
    By default, lilo.conf contains an image= line that references a symlink
    that always points to the correct kernel. No editing should be required
    unless your machine uses a custom lilo.conf. If that is the case, be sure
    that the image= line references the correct kernel file.  Either way,
    you'll need to run "lilo" as root to reinstall the boot loader.
    
    If using elilo:
    Ensure that the /boot/vmlinuz symlink is pointing to the kernel you wish
    to use, and then run eliloconfig to update the EFI System Partition.
    
    
    +-----+
    

    LinuxSecurity Poll

    What do you think of the LinuxSecurity Privacy news articles?

    No answer selected. Please try again.
    Please select either existing option or enter your own, however not both.
    Please select minimum 0 answer(s) and maximum 3 answer(s).
    /main-polls/25-what-do-you-think-of-the-linuxsecurity-privacy-news-articles?task=poll.vote&format=json
    25
    radio
    [{"id":"90","title":"Love them!","votes":"48","type":"x","order":"1","pct":88.89,"resources":[]},{"id":"91","title":"I'm indifferent","votes":"4","type":"x","order":"2","pct":7.41,"resources":[]},{"id":"92","title":"Not interested in this topic","votes":"2","type":"x","order":"3","pct":3.7,"resources":[]}]["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"]["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"]350
    bottom200

    We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.