news 28 Posted November 1, 2016 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 [slackware-security] kernel (SSA:2016-305-01) New kernel packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix a security issue. Here are the details from the Slackware 14.2 ChangeLog: +--------------------------+ patches/packages/linux-4.4.29/*: Upgraded. This kernel fixes a security issue known as "Dirty COW". A race condition was found in the way the Linux kernel's memory subsystem handled the copy-on-write (COW) breakage of private read-only memory mappings. An unprivileged local user could use this flaw to gain write access to otherwise read-only memory mappings and thus increase their privileges on the system. Be sure to upgrade your initrd after upgrading the kernel packages. If you use lilo to boot your machine, be sure lilo.conf points to the correct kernel and initrd and run lilo as root to update the bootloader. If you use elilo to boot your machine, you should run eliloconfig to copy the kernel and initrd to the EFI System Partition. For more information, see: https://dirtycow.ninja/ https://www.kb.cert.org/vuls/id/243144 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5195 (* Security fix *) +--------------------------+ Where to find the new packages: +-----------------------------+ Thanks to the friendly folks at the OSU Open Source Lab (http://osuosl.org) for donating FTP and rsync hosting to the Slackware project! :-) Also see the "Get Slack" section on http://slackware.com for additional mirror sites near you. Updated packages for Slackware 14.0: ftp://ftp.slackware.com/pub/slackware/slackware-14.0/linux-3.2.83/kernel-generic-3.2.83-i486-1_slack14.0.txz ftp://ftp.slackware.com/pub/slackware/slackware-14.0/linux-3.2.83/kernel-generic-smp-3.2.83_smp-i686-1_slack14.0.txz ftp://ftp.slackware.com/pub/slackware/slackware-14.0/linux-3.2.83/kernel-headers-3.2.83_smp-x86-1_slack14.0.txz ftp://ftp.slackware.com/pub/slackware/slackware-14.0/linux-3.2.83/kernel-huge-3.2.83-i486-1_slack14.0.txz ftp://ftp.slackware.com/pub/slackware/slackware-14.0/linux-3.2.83/kernel-huge-smp-3.2.83_smp-i686-1_slack14.0.txz ftp://ftp.slackware.com/pub/slackware/slackware-14.0/linux-3.2.83/kernel-modules-3.2.83-i486-1_slack14.0.txz ftp://ftp.slackware.com/pub/slackware/slackware-14.0/linux-3.2.83/kernel-modules-smp-3.2.83_smp-i686-1_slack14.0.txz ftp://ftp.slackware.com/pub/slackware/slackware-14.0/linux-3.2.83/kernel-source-3.2.83_smp-noarch-1_slack14.0.txz Updated packages for Slackware x86_64 14.0: ftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/linux-3.2.83/kernel-generic-3.2.83-x86_64-1_slack14.0.txz ftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/linux-3.2.83/kernel-headers-3.2.83-x86-1_slack14.0.txz ftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/linux-3.2.83/kernel-huge-3.2.83-x86_64-1_slack14.0.txz ftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/linux-3.2.83/kernel-modules-3.2.83-x86_64-1_slack14.0.txz ftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/linux-3.2.83/kernel-source-3.2.83-noarch-1_slack14.0.txz Updated packages for Slackware 14.1: ftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/linux-3.10.104/kernel-generic-3.10.104-i486-1_slack14.1.txz ftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/linux-3.10.104/kernel-generic-smp-3.10.104_smp-i686-1_slack14.1.txz ftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/linux-3.10.104/kernel-headers-3.10.104_smp-x86-1_slack14.1.txz ftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/linux-3.10.104/kernel-huge-3.10.104-i486-1_slack14.1.txz ftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/linux-3.10.104/kernel-huge-smp-3.10.104_smp-i686-1_slack14.1.txz ftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/linux-3.10.104/kernel-modules-3.10.104-i486-1_slack14.1.txz ftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/linux-3.10.104/kernel-modules-smp-3.10.104_smp-i686-1_slack14.1.txz ftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/linux-3.10.104/kernel-source-3.10.104_smp-noarch-1_slack14.1.txz Updated packages for Slackware x86_64 14.1: ftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/linux-3.10.104/kernel-generic-3.10.104-x86_64-1_slack14.1.txz ftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/linux-3.10.104/kernel-headers-3.10.104-x86-1_slack14.1.txz ftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/linux-3.10.104/kernel-huge-3.10.104-x86_64-1_slack14.1.txz ftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/linux-3.10.104/kernel-modules-3.10.104-x86_64-1_slack14.1.txz ftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/linux-3.10.104/kernel-source-3.10.104-noarch-1_slack14.1.txz Updated packages for Slackware 14.2: ftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/linux-4.4.29/kernel-generic-4.4.29-i586-1_slack14.2.txz ftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/linux-4.4.29/kernel-generic-smp-4.4.29_smp-i686-1_slack14.2.txz ftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/linux-4.4.29/kernel-headers-4.4.29_smp-x86-1_slack14.2.txz ftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/linux-4.4.29/kernel-huge-4.4.29-i586-1_slack14.2.txz ftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/linux-4.4.29/kernel-huge-smp-4.4.29_smp-i686-1_slack14.2.txz ftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/linux-4.4.29/kernel-modules-4.4.29-i586-1_slack14.2.txz ftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/linux-4.4.29/kernel-modules-smp-4.4.29_smp-i686-1_slack14.2.txz ftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/linux-4.4.29/kernel-source-4.4.29_smp-noarch-1_slack14.2.txz Updated packages for Slackware x86_64 14.2: ftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/linux-4.4.29/kernel-generic-4.4.29-x86_64-1_slack14.2.txz ftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/linux-4.4.29/kernel-headers-4.4.29-x86-1_slack14.2.txz ftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/linux-4.4.29/kernel-huge-4.4.29-x86_64-1_slack14.2.txz ftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/linux-4.4.29/kernel-modules-4.4.29-x86_64-1_slack14.2.txz ftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/linux-4.4.29/kernel-source-4.4.29-noarch-1_slack14.2.txz Updated packages for Slackware -current: ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/a/kernel-generic-4.4.29-i586-1.txz ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/a/kernel-generic-smp-4.4.29_smp-i686-1.txz ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/a/kernel-huge-4.4.29-i586-1.txz ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/a/kernel-huge-smp-4.4.29_smp-i686-1.txz ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/a/kernel-modules-4.4.29-i586-1.txz ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/a/kernel-modules-smp-4.4.29_smp-i686-1.txz ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/d/kernel-headers-4.4.29_smp-x86-1.txz ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/k/kernel-source-4.4.29_smp-noarch-1.txz Updated packages for Slackware x86_64 -current: ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/a/kernel-generic-4.4.29-x86_64-1.txz ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/a/kernel-huge-4.4.29-x86_64-1.txz ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/a/kernel-modules-4.4.29-x86_64-1.txz ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/d/kernel-headers-4.4.29-x86-1.txz ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/k/kernel-source-4.4.29-noarch-1.txz MD5 signatures: +-------------+ Slackware 14.0 packages: 9d31423cbc2d691075051611e47fccc3 kernel-generic-3.2.83-i486-1_slack14.0.txz 1de6a61bb7bc0ba6fcb2d0312b2007fa kernel-generic-smp-3.2.83_smp-i686-1_slack14.0.txz f37732224a455b481a51458b0f6f4cf0 kernel-headers-3.2.83_smp-x86-1_slack14.0.txz 7ddf907def979359b7cb2bb5df5d79ae kernel-huge-3.2.83-i486-1_slack14.0.txz 7abe4b1b16ae0658cfe81876922ed1a6 kernel-huge-smp-3.2.83_smp-i686-1_slack14.0.txz 804321f7746c6a1da3b48e7ccd7f039b kernel-modules-3.2.83-i486-1_slack14.0.txz 514182d51ec9536f3798a9edddbdced3 kernel-modules-smp-3.2.83_smp-i686-1_slack14.0.txz 408771f2aca86e8e12b496908fe320b5 kernel-source-3.2.83_smp-noarch-1_slack14.0.txz Slackware x86_64 14.0 packages: f6a1a838ef49e6c3f11fd792abffdfe3 kernel-generic-3.2.83-x86_64-1_slack14.0.txz 61a41ce9892921069a0897ca541c38ed kernel-headers-3.2.83-x86-1_slack14.0.txz 82f97a98ad47d9fcd8dd6c138b090987 kernel-huge-3.2.83-x86_64-1_slack14.0.txz b858d0d99b37e7d4dab9544db7c8ead5 kernel-modules-3.2.83-x86_64-1_slack14.0.txz 74d286781fa31a0b7fe7b7ea511563ba kernel-source-3.2.83-noarch-1_slack14.0.txz Slackware 14.1 packages: 4158db7170350ae80636c2884cb0b276 kernel-generic-3.10.104-i486-1_slack14.1.txz d2e09aa65882d4fbfd4cc8971f72b8d6 kernel-generic-smp-3.10.104_smp-i686-1_slack14.1.txz 82dd1b7902b7d9f74b0764ddae787e6b kernel-headers-3.10.104_smp-x86-1_slack14.1.txz 4c8a8115f2754e1e208808089ed2c78f kernel-huge-3.10.104-i486-1_slack14.1.txz 611a97c6b2afe90c92b1285d052728f6 kernel-huge-smp-3.10.104_smp-i686-1_slack14.1.txz 62e5ea99a84d4ff6fc6a60cac9bc2bbf kernel-modules-3.10.104-i486-1_slack14.1.txz fe18186221e19f59f4698a889e45da70 kernel-modules-smp-3.10.104_smp-i686-1_slack14.1.txz f51b72e3054f83c9674962e1d6cbcdfb kernel-source-3.10.104_smp-noarch-1_slack14.1.txz Slackware x86_64 14.1 packages: 043c64488e53a591a5cb6bb5a90682d4 kernel-generic-3.10.104-x86_64-1_slack14.1.txz ac84470b3834fc9d6928af2e8d949724 kernel-headers-3.10.104-x86-1_slack14.1.txz 176099b83a08cb193c857c7ea1ad8336 kernel-huge-3.10.104-x86_64-1_slack14.1.txz 240d7402c57b547dec0a448d326d4fc1 kernel-modules-3.10.104-x86_64-1_slack14.1.txz 27a7e86830a98f12e17fbe13f30263f7 kernel-source-3.10.104-noarch-1_slack14.1.txz Slackware 14.2 packages: 3c7c7144d53483c93e9fb148ce9df108 kernel-generic-4.4.29-i586-1_slack14.2.txz 0948e7329b7cd8ad051551177e1b9495 kernel-generic-smp-4.4.29_smp-i686-1_slack14.2.txz b853af24a50f12a1e35cbf58f3da9195 kernel-headers-4.4.29_smp-x86-1_slack14.2.txz b93c5316864b04df29d1e3dffc02179c kernel-huge-4.4.29-i586-1_slack14.2.txz ebbe654ebfb20c2b17b535a4eee568db kernel-huge-smp-4.4.29_smp-i686-1_slack14.2.txz 77705e2112a9aad7e5b1eda5ae40a544 kernel-modules-4.4.29-i586-1_slack14.2.txz f131c03dc4971b14f33267b6bc469018 kernel-modules-smp-4.4.29_smp-i686-1_slack14.2.txz 4020837286ff3678eafdfe8ca1b286dc kernel-source-4.4.29_smp-noarch-1_slack14.2.txz Slackware x86_64 14.2 packages: 7a3059455d20095c4914efc140eb93d3 kernel-generic-4.4.29-x86_64-1_slack14.2.txz ddae426aa1cb94ef4a20706d9562b349 kernel-headers-4.4.29-x86-1_slack14.2.txz a626808871b4543b932161e6024af471 kernel-huge-4.4.29-x86_64-1_slack14.2.txz 970ba7d37ad375a5e10ab35e4bf1c3c3 kernel-modules-4.4.29-x86_64-1_slack14.2.txz 245ff7965885ca956d2e5639c5f0f3a0 kernel-source-4.4.29-noarch-1_slack14.2.txz Slackware -current packages: 14641c14bcaa9a4abff88b79958df0e6 a/kernel-generic-4.4.29-i586-1.txz 808060a20d6656a5696cfd5cba53ed80 a/kernel-generic-smp-4.4.29_smp-i686-1.txz 322d42e0d09fcda5d1c7c666b82aa42c a/kernel-huge-4.4.29-i586-1.txz c4e4a12fe578c8d271706da7991cc951 a/kernel-huge-smp-4.4.29_smp-i686-1.txz e387e16d5d591c8e356ccf54f25d8573 a/kernel-modules-4.4.29-i586-1.txz c59f22b80fa306c4307290650699b5c0 a/kernel-modules-smp-4.4.29_smp-i686-1.txz 07f33b489f234c273744516bc1fd8900 d/kernel-headers-4.4.29_smp-x86-1.txz ff91eed31a58bdac17b7bef3ded737a8 k/kernel-source-4.4.29_smp-noarch-1.txz Slackware x86_64 -current packages: 3d355774da7a4a36f41041ab38ad2635 a/kernel-generic-4.4.29-x86_64-1.txz 552b9aaf58822a31991a4a84f37a7be2 a/kernel-huge-4.4.29-x86_64-1.txz 81b5b86c5b9793515ce473083514b637 a/kernel-modules-4.4.29-x86_64-1.txz 21c55dfb2e0986548cc654e69a2b5dc8 d/kernel-headers-4.4.29-x86-1.txz 5be03e0b8a0b65aec6db2c4a4f81360a k/kernel-source-4.4.29-noarch-1.txz Installation instructions: +------------------------+ Upgrade the packages as root: # upgradepkg kernel-*.txz If you are using an initrd, you'll need to rebuild it. For a 32-bit SMP machine, use this command (substitute the appropriate kernel version if you are not running Slackware 14.2): # /usr/share/mkinitrd/mkinitrd_command_generator.sh -k 4.4.29-smp | bash For a 64-bit machine, or a 32-bit uniprocessor machine, use this command (substitute the appropriate kernel version if you are not running Slackware 14.2): # /usr/share/mkinitrd/mkinitrd_command_generator.sh -k 4.4.29 | bash Please note that "uniprocessor" has to do with the kernel you are running, not with the CPU. Most systems should run the SMP kernel (if they can) regardless of the number of cores the CPU has. If you aren't sure which kernel you are running, run "uname -a". If you see SMP there, you are running the SMP kernel and should use the 4.4.29-smp version when running mkinitrd_command_generator. Note that this is only for 32-bit -- 64-bit systems should always use 4.4.29 as the version. If you are using lilo or elilo to boot the machine, you'll need to ensure that the machine is properly prepared before rebooting. If using LILO: By default, lilo.conf contains an image= line that references a symlink that always points to the correct kernel. No editing should be required unless your machine uses a custom lilo.conf. If that is the case, be sure that the image= line references the correct kernel file. Either way, you'll need to run "lilo" as root to reinstall the boot loader. If using elilo: Ensure that the /boot/vmlinuz symlink is pointing to the kernel you wish to use, and then run eliloconfig to update the EFI System Partition. +-----+ Slackware Linux Security Team http://slackware.com/gpg-key security ( -at -) slackware.com +------------------------------------------------------------------------+ Share this post Link to post
