作者:kent
影响系统的 setuid 程序 (Linux,补丁) 涉及程序:Red Hat Linux
描述RedHat Linux 核心安全漏洞 影响系统的 setuid 程序
详细
存在漏洞的版本:
Red Hat Linux 6.0 - i386 alpha sparc
Red Hat Linux 6.1 - i386 alpha sparc
Red Hat Linux 6.2 - i386 alpha sparc
在漏洞补丁中对核心加入或更新的驱动程序:
更新了 AMI MegaRAID 驱动程序
更新了 Acenic Gigabit Ethernet 驱动程序
更新了 Adaptec RAID (aacraid) 驱动程序
更新了 3com 最新的 3c90x 驱动程序
更新了 agpgart handling for latest Intel 810 chipset
更新了 SCSI 的错误处理
MD5 的 package 名总计
--------------------------------------------------------------------------
6.2/SRPMS/kernel-2.2.16-3.src.rpm
6.2/alpha/kernel-2.2.16-3.alpha.rpm
6.2/alpha/kernel-BOOT-2.2.16-3.alpha.rpm
6.2/alpha/kernel-doc-2.2.16-3.alpha.rpm
6.2/alpha/kernel-headers-2.2.16-3.alpha.rpm
6.2/alpha/kernel-smp-2.2.16-3.alpha.rpm
6.2/alpha/kernel-source-2.2.16-3.alpha.rpm
6.2/alpha/kernel-utils-2.2.16-3.alpha.rpm
6.2/i386/kernel-2.2.16-3.i386.rpm
6.2/i386/kernel-BOOT-2.2.16-3.i386.rpm
6.2/i386/kernel-doc-2.2.16-3.i386.rpm
6.2/i386/kernel-headers-2.2.16-3.i386.rpm
6.2/i386/kernel-ibcs-2.2.16-3.i386.rpm
6.2/i386/kernel-pcmcia-cs-2.2.16-3.i386.rpm
6.2/i386/kernel-smp-2.2.16-3.i386.rpm
6.2/i386/kernel-source-2.2.16-3.i386.rpm
6.2/i386/kernel-utils-2.2.16-3.i386.rpm
6.2/sparc/kernel-2.2.16-3.sparc.rpm
6.2/sparc/kernel-BOOT-2.2.16-3.sparc.rpm
6.2/sparc/kernel-doc-2.2.16-3.sparc.rpm
6.2/sparc/kernel-headers-2.2.16-3.sparc.rpm
6.2/sparc/kernel-smp-2.2.16-3.sparc.rpm
6.2/sparc/kernel-source-2.2.16-3.sparc.rpm
6.2/sparc/kernel-utils-2.2.16-3.sparc.rpm
这些 package 被以 GPG 签名处理过,GPG key 可在 http://www.redhat.com/corp/contact.html处得到。
使用下面的命令可检验这些 package:
rpm --checksig
使用下面的命令可检验 package 是否被破坏或改动过:
rpm --checksig --nogpg
解决方案下载补丁后运行 “rpm -Fvh [RPM 文件名]” 命令进行安装,再执行以下步骤:
1)运行 mkinitrd 来建立一个新的 ramdisk 映象文件
2)更新 lilo.conf 文件
3)运行 /sbin/lilo
Red Hat Linux 6.2:
intel:
ftp://updates.redhat.com/6.2/i386/kernel2.2.16-3.i386.rpm
ftp://updates.redhat.com/6.2/i386/kernel-headers-2.2.16-3.i386.rpm
ftp://updates.redhat.com/6.2/i386/kernel-source-2.2.16-3.i386.rpm
ftp://updates.redhat.com/6.2/i386/kernel-doc-2.2.16-3.i386.rpm
ftp://updates.redhat.com/6.2/i386/kernel-utils-2.2.16-3.i386.rpm
ftp://updates.redhat.com/6.2/i386/kernel-smp-2.2.16-3.i386.rpm
ftp://updates.redhat.com/6.2/i386/kernel-BOOT-2.2.16-3.i386.rpm
ftp://updates.redhat.com/6.2/i386/kernel-pcmcia-cs-2.2.16-3.i386.rpm
ftp://updates.redhat.com/6.2/i386/kernel-ibcs-2.2.16-3.i386.rpm
alpha:
ftp://updates.redhat.com/6.2/alpha/kernel-2.2.16-3.alpha.rpm
ftp://updates.redhat.com/6.2/alpha/kernel-headers-2.2.16-3.alpha.rpm
ftp://updates.redhat.com/6.2/alpha/kernel-source-2.2.16-3.alpha.rpm
ftp://updates.redhat.com/6.2/alpha/kernel-doc-2.2.16-3.alpha.rpm
ftp://updates.redhat.com/6.2/alpha/kernel-utils-2.2.16-3.alpha.rpm
ftp://updates.redhat.com/6.2/alpha/kernel-smp-2.2.16-3.alpha.rpm
ftp://updates.redhat.com/6.2/alpha/kernel-BOOT-2.2.16-3.alpha.rpm
sparc:
ftp://updates.redhat.com/6.2/sparc/kernel-2.2.16-3.sparc.rpm
ftp://updates.redhat.com/6.2/sparc/kernel-headers-2.2.16-3.sparc.rpm
ftp://updates.redhat.com/6.2/sparc/kernel-source-2.2.16-3.sparc.rpm
ftp://updates.redhat.com/6.2/sparc/kernel-doc-2.2.16-3.sparc.rpm
ftp://updates.redhat.com/6.2/sparc/kernel-utils-2.2.16-3.sparc.rpm
ftp://updates.redhat.com/6.2/sparc/kernel-smp-2.2.16-3.sparc.rpm
ftp://updates.redhat.com/6.2/sparc/kernel-BOOT-2.2.16-3.sparc.rpm
源码ftp://updates.redhat.com/6.2/SRPMS/kernel-2.2.16-3.src.rpm