[security] security updates

Lorenzo Iannuzzi nakis a libero.it
Lun 19 Apr 2004 10:35:13 CEST


Herbert Xu reported that local users could cause a denial of service
against iproute, a set of tools for controlling networking in Linux
kernels.  iproute uses the netlink interface to communicate with the
kernel, but failed to verify that the messages it received came from
the kernel (rather than from other user processes).


Netwosix has issued updates for cvs and neon.

Slackware has updated tcpdump (denial of service vulnerability).

Trustix has issued an update to the kernel.

Ciao e alla prossima!

Maggiori informazioni sulla lista security