Changeset f52ea4e

Timestamp:

01/09/2005 02:17:39 PM (19 years ago)

Author:

Matthew Burgess <matthew@…>

Children:

50bf600

Parents:

39bcf11a

Message:

• Add security patch for the kernel

git-svn-id: ​http://svn.linuxfromscratch.org/LFS/branches/testing/BOOK@4532 4aa44e1e-78dd-0310-a6d2-fbcd4c07a689

Files:

• chapter01/changelog.xml (modified) (2 diffs)
• chapter03/patches.xml (modified) (1 diff)
• chapter08/kernel.xml (modified) (1 diff)

chapter01/changelog.xml

@@ -56 +56 @@
 <listitem><para>Hotplug 2004_09_23</para></listitem>
 <listitem><para>Libol 0.3.14</para></listitem>
+<listitem><para>linux-2.6.10-security_fix-1.patch</para></listitem>
 <listitem><para>Syslog-ng 1.6.5</para></listitem>
 <listitem><para>util-linux-2.12p-cramfs-1.patch</para></listitem>
@@ -73 +74 @@
 </itemizedlist>
 </listitem>
+
+<listitem><para>January 9, 2005 [matt]: Added a security patch for the kernel</para></listitem>
 
 <listitem><para>January 9, 2005 [matt]: Added a security patch for vim</para></listitem>

chapter03/patches.xml

@@ -106 +106 @@
 
 <varlistentry>
+<term>Linux 2.6.10 Security Vulnerability Patch - 1 KB:</term>
+<listitem>
+<para><ulink url="&patches-root;linux-&linux-version;-security_fix-1.patch"/></para>
+</listitem>
+</varlistentry>
+
+<varlistentry>
 <term>Mktemp Tempfile Patch - 3 KB:</term>
 <listitem>

chapter08/kernel.xml

@@ -34 +34 @@
 file in the kernel source tree for alternate methods to the way this
 book configures the kernel.</para>
+
+<para>Kernel version 2.6.10 has a security vulnerability that will allow user
+processes to gain root privledges upon loading of a kernel module.  See:
+<ulink url="http://www.uwsg.iu.edu/hypermail/linux/kernel/0412.3/0679.html"/> for more information.  The following patch fixes this problem:</para>
+
+<screen><userinput>patch -Np1 -i ../linux-&linux-version;-security_fix-1.patch</userinput></screen>
 
 <para>Prepare for compilation by running the following command:</para>