[Ksplice][Fedora-15-updates] New updates available via Ksplice (FEDORA-2011-7823)
Tim Abbott
tabbott at ksplice.com
Wed Jun 8 21:45:24 PDT 2011
Synopsis: FEDORA-2011-7823 can now be patched using Ksplice
CVEs: CVE-2011-1577 CVE-2011-1770
Systems running Fedora 15 can now use Ksplice to patch against the latest
Fedora security update, FEDORA-2011-7823.
INSTALLING THE UPDATES
We recommend that all users of Ksplice Uptrack on Fedora 15 install these
updates. You can install these updates by running:
# /usr/sbin/uptrack-upgrade -y
On systems that have "autoinstall = yes" in /etc/uptrack/uptrack.conf,
these updates will be installed automatically and you do not need to take
any additional action.
DESCRIPTION
* CVE-2011-1770: Remote denial of service in DCCP options parsing.
Dan Rosenberg reported an issue in the Datagram Congestion Control
Protocol (DCCP). Remote users can cause a denial of service or
potentially obtain access to sensitive kernel memory.
* CVE-2011-1577: Missing boundary checks in GPT partition handling.
A heap overflow flaw in the Linux kernel's EFI GUID Partition Table (GPT)
implementation could allow a local attacker to cause a denial of service
by mounting a disk that contains specially-crafted partition tables.
SUPPORT
Ksplice support is available at support at ksplice.com or +1 765-577-5423.
More information about the Fedora-15-Updates
mailing list