[Cucumber-linux-security] linux (security update is available)
A general purpose desktop and server Linux distribution.
Brought to you by:
z5t1
Menu
▾
▴
[Cucumber-linux-security] linux (security update is available)
|
From: Z5T1 <z5...@z5...> - 2017-09-20 17:48:54
|
Update Information A security update is available for linux for the following versions of Cucumber Linux: * 1.0 Here are the details from the Cucumber 1.0 changelog: +----------------+ Wed Sep 20 12:41:27 EDT 2017 base/linux upgraded from 4.9.50 to 4.9.51 to fix CVE-2017-14497 and CVE-2017-7558. CVE-2017-14497 possible allowed for a local user to cause a denial of service via the tpacket_rcv function in net/packet/af_packet.c. CVE-2017-7558 was a buffer overflow vulnerability in the sockaddr implementation of the kernel that allowed for up to 100 uninitialized bytes to leak into userspace. For more information see: http://security.cucumberlinux.com/security/details.php?id=25 http://security.cucumberlinux.com/security/details.php?id=40 https://nvd.nist.gov/vuln/detail/CVE-2017-14497 https://nvd.nist.gov/vuln/detail/CVE-2017-7558 * SECURITY FIX * +----------------+ ------------------------------------------------------------------------ CLD and CVE Information This update is associated with the following Cucumber Linux Deficiency (CLD) and CVE numbers: * CLD-25 [CVE-2017-14497] (http://security.cucumberlinux.com/security/details.php?id=25) * CLD-40 [CVE-2017-7558] (http://security.cucumberlinux.com/security/details.php?id=40) More information about these CLDs can be found at their respective pages on the Cucumber Linux Security Advisory Tracker (these are the URLs in parenthesis above). ------------------------------------------------------------------------ Installing the Update The updated package can be installed via Pickle by running the following commands (as root): # pickle --update # pickle Make sure linux is selected on the update list, and then select Ok. Pickle will then install the updated package. If you prefer to download the updated package manually, it can be found on the mirror at http://mirror.cucumberlinux.com/cucumber/. ------------------------------------------------------------------------ The Cucumber Linux Security Team cuc...@li... <mailto:cuc...@li...> http://www.cucumberlinux.com/security.php |
