冷风
2003-11-25, 14:40
redhat ads 3.1 虽然刚发布不久但是已经出来新的补丁了
如果是注册用户可以用up2date命令在线更新
对于非正版用户只能下载源代码自己编译了方法如下
下载ads3.1源代码
地址是:ftp://updates.redhat.com/enterprise/3AS/en/os/SRPMS
现在有5个文件的升级
https://rhn.redhat.com/img/wrh_security-white.gif glibc
受影响的系统:
Red Hat Enterprise Linux AS (v. 3)
Red Hat Enterprise Linux ES (v. 3)
Red Hat Enterprise Linux WS (v. 3)
描述:
Security Advisory
Details:
Updated glibc packages that resolve a vulnerability and address several bugs
are now available.
The glibc packages contain GNU libc, which provides standard system libraries.
Herbert Xu reported that various applications can accept spoofed messages
sent on the kernel netlink interface by other users on the local machine.
This could lead to a local denial of service attack. The glibc function
getifaddrs uses netlink and could therefore be vulnerable to this issue.
The Common Vulnerabilities and Exposures project (cve.mitre.org) has
assigned the name CAN-2003-0859 to this issue.
In addition to the security issues, a number of other bugs were fixed.
Users are advised to upgrade to these erratum packages, which contain a
patch that checks that netlink messages actually came from the kernel
and patches for the various bug fixes.
编译源代码:
下载回来glibc的源代码用下面的命令编译
rpmbuild --rebuild --taget=i386 glibc-2.3.2-95.6.src.rpm
这样将编译出来针对i386的glibc的版本
rpmbuild --rebuild --taget=i686 glibc-2.3.2-95.6.src.rpm
这样将编译出来针对i686cpu的glib的binary
如果你是486的机器只需要执行第一条命令,如果你是奔腾机器请执行第2条命令
https://rhn.redhat.com/img/wrh_security-white.gif quagga
受影响的系统:
Red Hat Enterprise Linux AS (v. 3)
Red Hat Enterprise Linux ES (v. 3)
描述
Details:
Updated Quagga packages that close a locally-exploitable denial of service
vulnerability are now available.
Quagga is an open source implementation of TCP/IP routing software.
Herbert Xu reported that Quagga can accept spoofed messages sent on the
kernel netlink interface by other users on the local machine. This could
lead to a local denial of service attack. The Common Vulnerabilities and
Exposures project (cve.mitre.org) has assigned the name CAN-2003-0858 to
this issue.
Users of Quagga should upgrade to these erratum packages, which contain a
patch that checks that netlink messages actually came from the kernel.
This erratum also includes quagga-devel and quagga-contrib packages which
were not originally shipped with Red Hat Enterprise Linux 3.
编译源代码:
rpmbuild --rebuild quagga-0.96.2-8.3.src.rpm
https://rhn.redhat.com/img/wrh_security-white.gif iprouter
受影响的系统:
Red Hat Enterprise Linux AS (v. 2.1)
Red Hat Enterprise Linux AS (v. 3)
Red Hat Enterprise Linux ES (v. 2.1)
Red Hat Enterprise Linux ES (v. 3)
Red Hat Enterprise Linux WS (v. 2.1)
Red Hat Enterprise Linux WS (v. 3)
Red Hat Linux Advanced Workstation 2.1 for the Itanium Processor
描述:
Details:
Updated iproute packages that close a locally-exploitable denial of service
vulnerability are now available.
The iproute package contains advanced IP routing and network device
configuration tools.
Herbert Xu reported that iproute can accept spoofed messages sent on the
kernel netlink interface by other users on the local machine. This could
lead to a local denial of service attack. The Common Vulnerabilities and
Exposures project (cve.mitre.org) has assigned the name CAN-2003-0856 to
this issue.
Users of iproute should upgrade to these erratum packages, which contain a
patch that checks that netlink messages actually came from the kernel.
编译:
rpm --rebuild iproute-2.4.7-11.30E.1.src.rpm
https://rhn.redhat.com/img/wrh_security-white.gif Ethereal
受影响的系统:
Red Hat Enterprise Linux AS (v. 2.1)
Red Hat Enterprise Linux AS (v. 3)
Red Hat Enterprise Linux ES (v. 2.1)
Red Hat Enterprise Linux ES (v. 3)
Red Hat Enterprise Linux WS (v. 2.1)
Red Hat Enterprise Linux WS (v. 3)
Red Hat Linux Advanced Workstation 2.1 for the Itanium Processor
描述:
Details:
Updated Ethereal packages that fix a number of exploitable security issues
are now available.
Ethereal is a program for monitoring network traffic.
A number of security issues affect Ethereal. By exploiting these issues,
it may be possible to make Ethereal crash or run arbitrary code by
injecting a purposefully-malformed packet onto the wire or by convincing
someone to read a malformed packet trace file.
A buffer overflow in Ethereal 0.9.15 and earlier allows remote attackers
to cause a denial of service and possibly execute arbitrary code via a
malformed GTP MSISDN string. The Common Vulnerabilities and Exposures
project (cve.mitre.org) has assigned the name CAN-2003-0925 to
this issue.
Ethereal 0.9.15 and earlier allows remote attackers to cause a denial of
service (crash) via certain malformed ISAKMP or MEGACO packets. The Common
Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name
CAN-2003-0926 to this issue.
A heap-based buffer overflow in Ethereal 0.9.15 and earlier allows
remote attackers to cause a denial of service (crash) and possibly
execute arbitrary code via the SOCKS dissector. The Common Vulnerabilities
and Exposures project (cve.mitre.org) has assigned the name CAN-2003-0927
to this issue.
Users of Ethereal should update to these erratum packages containing
Ethereal version 0.9.16, which is not vulnerable to these issues.
编译:
rpm --rebuild ethereal-0.9.16-0.30E.1.src.rpm
https://rhn.redhat.com/img/wrh_bug-white.gif KERNEL
受影响的系统
Red Hat Enterprise Linux AS (v. 3)
Red Hat Enterprise Linux ES (v. 3)
Red Hat Enterprise Linux WS (v. 3)
描述:
Details:
Updated kernel packages are now available that allow 32-bit
compatibility-mode applications to utilize a larger address space on the
AMD64 architecture.
The Linux kernel handles the basic functions of the operating system.
The initial release of the Red Hat Enterprise Linux 3 kernel for the AMD64
architecture limited the amount of virtual address space available to
applications compiled on a 32-bit (x86) architecture to an unnecessary
degree. A side effect of this restriction was that some applications
with large address space requirements might execute successfully on an
x86-based platform, but might not run on an AMD64-based platform.
These updated kernel packages significantly raise this address space limit.
编译:
注意 请根据你系统cpu类型来编译属于自己的kernel
在rpmbuild 后加--target=cpu类型 例如i386,i586或者i686我们现在的机器一般都是PIII以上了都选i686就可以了
rpmbuild --rebuild --target=i686 kernel-2.4.21-4.0.1.EL.src.rpm
OK,全部编译完毕,编译好的rpm文件都在/usr/src/redhat/i386和/usr/src/redhat/i686目录下了,用
rpm -Fvh xxx.rpm来安装即可
注意glibc和kernel要选择适合你的kernel的版本来安装
如果是注册用户可以用up2date命令在线更新
对于非正版用户只能下载源代码自己编译了方法如下
下载ads3.1源代码
地址是:ftp://updates.redhat.com/enterprise/3AS/en/os/SRPMS
现在有5个文件的升级
https://rhn.redhat.com/img/wrh_security-white.gif glibc
受影响的系统:
Red Hat Enterprise Linux AS (v. 3)
Red Hat Enterprise Linux ES (v. 3)
Red Hat Enterprise Linux WS (v. 3)
描述:
Security Advisory
Details:
Updated glibc packages that resolve a vulnerability and address several bugs
are now available.
The glibc packages contain GNU libc, which provides standard system libraries.
Herbert Xu reported that various applications can accept spoofed messages
sent on the kernel netlink interface by other users on the local machine.
This could lead to a local denial of service attack. The glibc function
getifaddrs uses netlink and could therefore be vulnerable to this issue.
The Common Vulnerabilities and Exposures project (cve.mitre.org) has
assigned the name CAN-2003-0859 to this issue.
In addition to the security issues, a number of other bugs were fixed.
Users are advised to upgrade to these erratum packages, which contain a
patch that checks that netlink messages actually came from the kernel
and patches for the various bug fixes.
编译源代码:
下载回来glibc的源代码用下面的命令编译
rpmbuild --rebuild --taget=i386 glibc-2.3.2-95.6.src.rpm
这样将编译出来针对i386的glibc的版本
rpmbuild --rebuild --taget=i686 glibc-2.3.2-95.6.src.rpm
这样将编译出来针对i686cpu的glib的binary
如果你是486的机器只需要执行第一条命令,如果你是奔腾机器请执行第2条命令
https://rhn.redhat.com/img/wrh_security-white.gif quagga
受影响的系统:
Red Hat Enterprise Linux AS (v. 3)
Red Hat Enterprise Linux ES (v. 3)
描述
Details:
Updated Quagga packages that close a locally-exploitable denial of service
vulnerability are now available.
Quagga is an open source implementation of TCP/IP routing software.
Herbert Xu reported that Quagga can accept spoofed messages sent on the
kernel netlink interface by other users on the local machine. This could
lead to a local denial of service attack. The Common Vulnerabilities and
Exposures project (cve.mitre.org) has assigned the name CAN-2003-0858 to
this issue.
Users of Quagga should upgrade to these erratum packages, which contain a
patch that checks that netlink messages actually came from the kernel.
This erratum also includes quagga-devel and quagga-contrib packages which
were not originally shipped with Red Hat Enterprise Linux 3.
编译源代码:
rpmbuild --rebuild quagga-0.96.2-8.3.src.rpm
https://rhn.redhat.com/img/wrh_security-white.gif iprouter
受影响的系统:
Red Hat Enterprise Linux AS (v. 2.1)
Red Hat Enterprise Linux AS (v. 3)
Red Hat Enterprise Linux ES (v. 2.1)
Red Hat Enterprise Linux ES (v. 3)
Red Hat Enterprise Linux WS (v. 2.1)
Red Hat Enterprise Linux WS (v. 3)
Red Hat Linux Advanced Workstation 2.1 for the Itanium Processor
描述:
Details:
Updated iproute packages that close a locally-exploitable denial of service
vulnerability are now available.
The iproute package contains advanced IP routing and network device
configuration tools.
Herbert Xu reported that iproute can accept spoofed messages sent on the
kernel netlink interface by other users on the local machine. This could
lead to a local denial of service attack. The Common Vulnerabilities and
Exposures project (cve.mitre.org) has assigned the name CAN-2003-0856 to
this issue.
Users of iproute should upgrade to these erratum packages, which contain a
patch that checks that netlink messages actually came from the kernel.
编译:
rpm --rebuild iproute-2.4.7-11.30E.1.src.rpm
https://rhn.redhat.com/img/wrh_security-white.gif Ethereal
受影响的系统:
Red Hat Enterprise Linux AS (v. 2.1)
Red Hat Enterprise Linux AS (v. 3)
Red Hat Enterprise Linux ES (v. 2.1)
Red Hat Enterprise Linux ES (v. 3)
Red Hat Enterprise Linux WS (v. 2.1)
Red Hat Enterprise Linux WS (v. 3)
Red Hat Linux Advanced Workstation 2.1 for the Itanium Processor
描述:
Details:
Updated Ethereal packages that fix a number of exploitable security issues
are now available.
Ethereal is a program for monitoring network traffic.
A number of security issues affect Ethereal. By exploiting these issues,
it may be possible to make Ethereal crash or run arbitrary code by
injecting a purposefully-malformed packet onto the wire or by convincing
someone to read a malformed packet trace file.
A buffer overflow in Ethereal 0.9.15 and earlier allows remote attackers
to cause a denial of service and possibly execute arbitrary code via a
malformed GTP MSISDN string. The Common Vulnerabilities and Exposures
project (cve.mitre.org) has assigned the name CAN-2003-0925 to
this issue.
Ethereal 0.9.15 and earlier allows remote attackers to cause a denial of
service (crash) via certain malformed ISAKMP or MEGACO packets. The Common
Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name
CAN-2003-0926 to this issue.
A heap-based buffer overflow in Ethereal 0.9.15 and earlier allows
remote attackers to cause a denial of service (crash) and possibly
execute arbitrary code via the SOCKS dissector. The Common Vulnerabilities
and Exposures project (cve.mitre.org) has assigned the name CAN-2003-0927
to this issue.
Users of Ethereal should update to these erratum packages containing
Ethereal version 0.9.16, which is not vulnerable to these issues.
编译:
rpm --rebuild ethereal-0.9.16-0.30E.1.src.rpm
https://rhn.redhat.com/img/wrh_bug-white.gif KERNEL
受影响的系统
Red Hat Enterprise Linux AS (v. 3)
Red Hat Enterprise Linux ES (v. 3)
Red Hat Enterprise Linux WS (v. 3)
描述:
Details:
Updated kernel packages are now available that allow 32-bit
compatibility-mode applications to utilize a larger address space on the
AMD64 architecture.
The Linux kernel handles the basic functions of the operating system.
The initial release of the Red Hat Enterprise Linux 3 kernel for the AMD64
architecture limited the amount of virtual address space available to
applications compiled on a 32-bit (x86) architecture to an unnecessary
degree. A side effect of this restriction was that some applications
with large address space requirements might execute successfully on an
x86-based platform, but might not run on an AMD64-based platform.
These updated kernel packages significantly raise this address space limit.
编译:
注意 请根据你系统cpu类型来编译属于自己的kernel
在rpmbuild 后加--target=cpu类型 例如i386,i586或者i686我们现在的机器一般都是PIII以上了都选i686就可以了
rpmbuild --rebuild --target=i686 kernel-2.4.21-4.0.1.EL.src.rpm
OK,全部编译完毕,编译好的rpm文件都在/usr/src/redhat/i386和/usr/src/redhat/i686目录下了,用
rpm -Fvh xxx.rpm来安装即可
注意glibc和kernel要选择适合你的kernel的版本来安装