What the?

‘Undocumented patch for 3837c2df513f0088f0fdd19fc0db5adc’?
Can’t they come up with a more official ‘Summary’? I mean
this looks like the repo’s been hacked and someone just
stuffed it in there.

GofBorg,

go patch an Open Enterprise Server. That should make you feel worse, so you don’t find that message that annoying any more <G>

Uwe

> go patch an Open Enterprise Server. That should make you feel worse,
> so you don’t find that message that annoying any more <G>
>
> Uwe

The Novell school of ‘Let’s be obtuse’.

I tell you what, I refuse to install this update until it
gets addressed, CVE security issues be damned! :-P

That’s quite an uplifting way to answer a question… rotfl!

>> go patch an Open Enterprise Server. That should make you feel worse,
>> so you don’t find that message that annoying any more <G>
>>
>> Uwe
>
> The Novell school of ‘Let’s be obtuse’.
>
> I tell you what, I refuse to install this update until it
> gets addressed, CVE security issues be damned! :-P

Uwe, I hope my reply didn’t come across badly. I just reread it,
and without a voice/face to put with it, it could be interpreted that
I was less than pleased with your reply. Not the case; I thought it
was quite funny. :-)

Anywho I still haven’t applied that update. I don’t see why they
can’t re-release it with a more official looking summary rather than
something that looks like a buffer-overrun.

GofBorg wrote, On 10/22/2008 10:53 PM:

> Uwe, I hope my reply didn’t come across badly. I just reread it,
> and without a voice/face to put with it, it could be interpreted that
> I was less than pleased with your reply. Not the case; I thought it
> was quite funny. :-)

NP :-)

> Anywho I still haven’t applied that update. I don’t see why they
> can’t re-release it with a more official looking summary rather than
> something that looks like a buffer-overrun.

Is there a mail address in the update? I’d contact the maintainer. Or open a bug, maybe.

Uwe

> Is there a mail address in the update? I’d contact the maintainer. Or open
> a bug, maybe.
>
> Uwe
I don’t see anything. I’d post a screenie, but there have been mixed results
as to whether that will work. The description is vague, if not alarming, and it
contains typos and broken English. In my world all of that
equates to suspicion. Here’s the verbiage:


Kernel undocumented patch for 3837c2df513f0088f0fdd19fc0db5adc Security
5700.0

The openSUSE 10.3 kernel was update to 2.6.22.19. This includes bugs and
security fixes. CVE-2008-4576: Fixed a crash in SCTP INIT-ACK, on mismatch
between SCTP AUTH availability. This might be exploited remotely for a
denial of service (crash) attack. CVE-2008-3528: The ext[234] filesystem
code fails to properly handle corrupted data structures. With a mounted
filesystem image or partition that have corrupted dir->i_size and
dir->i_blocks, a user performing either a read or write operation on the
mounted image or partition can lead to a possible denial of service by
spamming the logfile. CVE-2007-6716: fs/direct-io.c in the dio subsystem in
the Linux kernel did not properly zero out the dio struct, which allows
local users to cause a denial of service (OOPS), as demonstrated by a
certain fio test. CVE-2008-3525: Added missing capability checks in
sbni_ioctl(). CVE-2008-3272: Fixed range checking in the snd_seq OSS ioctl,
which could be used to leak information from the kernel. CVE-2008-3276: An
integer overflow flaw was found in the Linux kernel
dccp_setsockopt_change() function. An attacker may leverage this
vulnerability to trigger a kernel panic on a victim’s machine remotely.
CVE-2008-1673: Added range checking in ASN.1 handling for the CIFS and SNMP
NAT netfilter modules. CVE-2008-2826: A integer overflow in SCTP was fixed,
which might have been used by remote attackers to crash the machine or
potentially execute code. CVE-2008-2812: Various NULL ptr checks have been
added to tty op functions, which might have been used by local attackers to
execute code. We think that this affects only devices openable by root, so
the impact is limited.
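The pasted description above is the only thing in that update a reader can actually check, so it is worth pulling apart mechanically rather than eyeballing it. The following is an added example, not code from the thread or from openSUSE/Novell: it takes the summary line and the CVE description text quoted above (embedded here as constructed sample input, typos and all), flags the opaque token in the summary (it is 32 hex digits, the length of an MD5 digest; that it is one is an assumption, not something the page states), splits the description into one entry per CVE id, and applies simple keyword heuristics to tag each entry as remote/local and code-execution/info-leak/DoS so the nine fixes can be ranked. The keyword lists and the scoring order are my own assumptions, chosen only to illustrate triage of free-text advisories.

```python
import re

# Constructed sample input: the patch summary and description quoted in the
# thread, copied as posted (typos included) so the parser must cope with it.
SUMMARY = "Kernel undocumented patch for 3837c2df513f0088f0fdd19fc0db5adc Security 5700.0"

DESCRIPTION = """The openSUSE 10.3 kernel was update to 2.6.22.19. This includes bugs and
security fixes. CVE-2008-4576: Fixed a crash in SCTP INIT-ACK, on mismatch
between SCTP AUTH availability. This might be exploited remotely for a
denial of service (crash) attack. CVE-2008-3528: The ext[234] filesystem
code fails to properly handle corrupted data structures. With a mounted
filesystem image or partition that have corrupted dir->i_size and
dir->i_blocks, a user performing either a read or write operation on the
mounted image or partition can lead to a possible denial of service by
spamming the logfile. CVE-2007-6716: fs/direct-io.c in the dio subsystem in
the Linux kernel did not properly zero out the dio struct, which allows
local users to cause a denial of service (OOPS), as demonstrated by a
certain fio test. CVE-2008-3525: Added missing capability checks in
sbni_ioctl(). CVE-2008-3272: Fixed range checking in the snd_seq OSS ioctl,
which could be used to leak information from the kernel. CVE-2008-3276: An
integer overflow flaw was found in the Linux kernel
dccp_setsockopt_change() function. An attacker may leverage this
vulnerability to trigger a kernel panic on a victim's machine remotely.
CVE-2008-1673: Added range checking in ASN.1 handling for the CIFS and SNMP
NAT netfilter modules. CVE-2008-2826: A integer overflow in SCTP was fixed,
which might have been used by remote attackers to crash the machine or
potentially execute code. CVE-2008-2812: Various NULL ptr checks have been
added to tty op functions, which might have been used by local attackers to
execute code. We think that this affects only devices openable by root, so
the impact is limited."""

CVE_RE = re.compile(r"CVE-\d{4}-\d{4,}")
HEX32_RE = re.compile(r"^[0-9a-f]{32}$")  # 32 hex digits = MD5 digest length (assumption)


def inspect_summary(summary):
    """Pick out any 32-hex-digit token in a summary line and flag it."""
    opaque = [t for t in summary.split() if HEX32_RE.match(t)]
    return {"opaque_ids": opaque, "looks_like_md5": bool(opaque)}


def split_by_cve(text):
    """Map each CVE id to the text that follows it up to the next CVE id.
    Whitespace is normalised first so wrapped lines do not split sentences."""
    flat = " ".join(text.split())
    hits = list(CVE_RE.finditer(flat))
    entries = {}
    for i, m in enumerate(hits):
        end = hits[i + 1].start() if i + 1 < len(hits) else len(flat)
        entries[m.group()] = flat[m.end():end].strip(" :")
    return entries


# Keyword heuristics (assumed): checked in order, first match wins.
IMPACT_KEYWORDS = [
    ("code-exec", ("execute code",)),
    ("info-leak", ("leak",)),
    ("dos", ("denial of service", "crash", "panic", "oops")),
]
IMPACT_SCORE = {"code-exec": 3, "info-leak": 2, "dos": 1, "unspecified": 0}
VECTOR_SCORE = {"remote": 2, "local": 1, "unspecified": 0}


def triage(entry):
    """Tag one CVE's description with an attack vector, an impact class and
    a combined score (impact dominates, vector breaks ties)."""
    t = entry.lower()
    if "remote" in t:
        vector = "remote"
    elif "local" in t:
        vector = "local"
    else:
        vector = "unspecified"
    impact = "unspecified"
    for label, words in IMPACT_KEYWORDS:
        if any(w in t for w in words):
            impact = label
            break
    return {"vector": vector, "impact": impact,
            "score": IMPACT_SCORE[impact] * 10 + VECTOR_SCORE[vector]}


def prioritise(text):
    """Return [(cve, triage_dict)] sorted by score, highest first; ties keep
    order of appearance in the advisory (sort is stable)."""
    ranked = [(cve, triage(desc)) for cve, desc in split_by_cve(text).items()]
    ranked.sort(key=lambda item: item[1]["score"], reverse=True)
    return ranked


if __name__ == "__main__":
    print(inspect_summary(SUMMARY))
    for cve, info in prioritise(DESCRIPTION):
        print(f"{cve}: {info['impact']:<11} {info['vector']:<11} score={info['score']}")
```

Run as-is it lists the SCTP integer overflow (remote, code execution) and the tty NULL-pointer fix (local, code execution) at the top and the two entries whose text names neither a vector nor an impact (sbni_ioctl capability checks, ASN.1 range checks) at the bottom; those are the ones the advisory text alone does not let you rate, which is exactly where a second source such as the Nessus plugin linked later in the thread earns its keep.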

>> Is there a mail address in the update? I’d contact the maintainer. Or
>> open a bug, maybe.
>>
>> Uwe

Uwe, the patch description has now disappeared completely as of 1:15 EST.
The summary still reads:


Kernel undocumented patch for 3837c2df513f0088f0fdd19fc0db5adc Security
5700.0

GofBorg wrote, On 10/23/2008 07:18 PM:

> --------------------------------------------------------
> Kernel undocumented patch for 3837c2df513f0088f0fdd19fc0db5adc Security
> 5700.0
> --------------------------------------------------------

http://www.nessus.org/plugins/index.php?view=single&id=34457
At least it has a nice summary with links to the underlying problems.

Uwe

>> --------------------------------------------------------
>> Kernel undocumented patch for 3837c2df513f0088f0fdd19fc0db5adc Security
>> 5700.0
>> --------------------------------------------------------
>
> http://www.nessus.org/plugins/index.php?view=single&id=34457
> At least it has a nice summary with links to the underlying problems.
>
> Uwe

Think I’ll have to recompile VMware?

On 10/24/2008 GofBorg wrote:
> Think I’ll have to recompile VMware?

No idea.

Uwe