Ubuntu OS 的一些新内核漏洞,请注意更新!
01 Dec 2011以下是E文,我就不翻译了:
*Several more security vulnerabilities were recently discovered in the Linux kernel packages, affecting the Natty and Maverick backport, *
and EC2 Linux kernels of Ubuntu 10.04 LTS, and the OMAP4 Linux kernels of Ubuntu 10.10 and Ubuntu 11.04 operating systems.<!-- more -->
The following vulnerabilities affect the Ubuntu 10.04 LTS (Lucid Lynx) Linux kernel backport from Natty:
CVE-2011-2183, CVE-2011-2491, CVE-2011-2494, CVE-2011-2495, CVE-2011-2517, CVE-2011-2905, and CVE-2011-2909.
The following vulnerabilities affect the Ubuntu 10.04 LTS (Lucid Lynx) Linux kernel backport from Maverick:
CVE-2011-1585, CVE-2011-2183, CVE-2011-2491, CVE-2011-2496, and CVE-2011-2517.
The following vulnerabilities affect the Ubuntu 10.04 LTS (Lucid Lynx) EC2 Linux kernel:
CVE-2011-2491, CVE-2011-2496, CVE-2011-2517, and CVE-2011-2525.
The following vulnerabilities affect the Ubuntu 10.10 (Maverick Meerkat) Linux kernel for OMAP4:
CVE-2011-1585 andCVE-2011-2496.
The following Linux kernel vulnerabilities affect the Ubuntu 11.04 (Natty Narwhal) operating system:
CVE-2011-2183,CVE-2011-2479, CVE-2011-2491, CVE-2011-2494, CVE-2011-2495, CVE-2011-2496, CVE-2011-2517, CVE-2011-2905, CVE-2011-2909, and CVE-2011-3363.
As usual, you can click on each one to see how it affects your system, or go here, here, here, here and here for in-depth descriptions of the Linux kernel vulnerabilities.
The security flaws can be fixed if you upgrade your system(s) to the:
linux-image-2.6.38-13 (2.6.38-13.52~lucid1) package for Ubuntu 10.04 LTS Linux kernel backport from Natty; linux-image-2.6.35-31 (2.6.35-31.62~lucid1) package for Ubuntu 10.04 LTS Linux kernel backport from Maverick; linux-image-2.6.32-340-ec2 (2.6.32-340.40) package for Ubuntu 10.04 LTS EC2 kernel; linux-image-2.6.35-903-omap4 (2.6.35-903.27) package for Ubuntu 10.10 OMAP4 kernel; linux-image-2.6.38-1209-omap4 (2.6.38-1209.17) package for Ubuntu 11.04 OMAP4 kernel.
Don't forget to reboot your computer after the upgrade!
ATTENTION: Due to an unavoidable ABI change, the kernel packages have a new version number, which will force you to reinstall and recompile all third-party kernel modules
you might have installed. Moreover, if you use the linux-restricted-modules package, you have to update it as well to get modules which work with the new Linux kernel version.