SpyderByte: WinHPC.org EnterpriseLinux.org BigBlueLinux.org
      
 The #1 Site for News & Information Related to Linux High Performance Technical Computing, Linux High Availability and Linux Parallel Clustering
Home About News Archives Contribute News, Articles, Press Releases Mobile Edition Contact Sponsorship Search Privacy
More Links
  • Full Bugzilla report...
  • Printer friendly version
  • Share this story

  • Research and Services
    Cluster Quoter
    Windows HPC News
    Cluster Builder
    Hardware Vendors
    Software Vendors
    Training Vendors
    Golden Eggs
    Forums
    Employment/Jobs
    Beowulf
    Applications
    Interconnects
    High Availability
    AMD
    Intel

    News
    Submit News/Article/PR
    Latest News
    Newsletter
    News Archives
    Search Archives
    Reference
    Featured Articles
    Beginners
    Whitepapers
    Documentation
    Software
    Lists/Newsgroups
    Books
    User Groups
    Higher Education
    Cluster List
    Linux HPC News Update
    Stay current on Linux related HPC news, events and information.
    LinuxHPC Newsletter

    Other Mailing Lists:
    Linux High Availability
    Beowulf Mailing List
    Gelato.org (Linux Itanium)

    Linux HPC Links
    Beowulf.org
    Beowulf Users Group
    Cluster Monkey
    High Performance Computing Clusters
    Gelato.org
    The Aggregate
    Top500
    Cluster Benchmarks
    Cluster Computing Info Centre
    Coyote Gultch
    Linux Clustering Info Ctr.
    Robert Brown's Beowulf Page
    Sourceforge Cluster Foundry
    HPC DevChannel
    OpenSSI
    Grid-Scape.org
    HPCWire
    SuperComputingOnline
    HPC User Forum
    Scalability.org
    Gridtech
    News Feed
    LinuxHPC.org.org has an RSS/RDF feed if you wish to include it on your website.
    LinuxHPC.org
    Home
    About
    Contact
    Mobile Edition
    Sponsorship

    Linux Cluster RFQ Form
    Reach Multiple Vendors With One Linux Cluster RFQ Form. Save time and effort, let LinuxHPC.org do all the leg work for you free of charge. Request A Quote...

    LinuxHPC.org is Looking for Interns - If you have experience with Linux clusters and/or cluster applications and you're interested in helping out with LinuxHPC.org let me know. I can promise the experience will be rewarding and educational, plus it'll make good resume fodder. You'll work with vendors and cluster users from around the world. We're also looking for writers and people to do hardware/software reviews. Contact Ken Farmer.

    Latest News

    Updated IA64 kernel packages fix security vulnerabilities
    Sunday August 24 2003 @ 01:59PM EDT

    Advisory: RHSA-2003:198-16
    Last updated on: 21-AUG-03
    Affected Products: Red Hat Enterprise Linux AS (v. 2.1)
    Red Hat Linux Advanced Workstation 2.1 for the Itanium Processor

    Details:

    Updated kernel packages that address several security vulnerabilites are now available for the IA64 architecture.

    The Linux kernel handles the basic functions of the operating system.

    Al Viro found a security issue in the tty layer in which any user could cause a kernel oops. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2002-0247 to this issue.

    A vulnerability in the kernel's TCP/IP fragment reassembly handling allows remote attackers to cause a denial of service (CPU consumption) via packets that cause a large number of hash table collisions. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2003-0364 to this issue.

    Paul Starzetz discovered a file read race condition in the execve() system call, which could cause a local crash. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2003-0462 to this issue.

    The /proc file system under Linux allows local users to obtain sensitive information by opening various entries in /proc/self before executing a setuid program. This causes the program to fail to change the ownership and permissions of already-opened entries. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2003-0501 to this issue.

    The STP protocol is known to have no security, which could allow attackers to alter the bridge topology. STP is now turned off by default. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2003-0550 to this issue.

    The STP input processing is lax in its length checking, which could lead to a denial of service (DoS). The kernel contained in this erratum improves STP input processing. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2003-0551 to this issue.

    Jerry Kreuscher discovered that the Forwarding table could be spoofed by sending forged packets with bogus source addresses that are the same as the local host. The Common Vulnerabilities and Exposures project cve.mitre.org) has assigned the name CAN-2003-0552 to this issue.

    An integer signedness error in the decode_fh function of nfs3xdr.c allows remote attackers to cause a denial of service (kernel panic) via a negative size value within XDR data of an NFSv3 procedure call. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2003-0619 to this issue.

    The C-Media PCI sound driver in unpatched kernel versions prior to 2.4.21 accesses userspace without using the get_user function, which is a potential security hole. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2003-0699 to this issue.

    In addition, a number of bugfixes and updates have been applied to the IA32 emulation layer.

    All users should upgrade to these errata packages, which contain patches to the 2.4.18 kernel that address these issues.

    Full Bugzilla report...


    < $39,500 cluster gets over 471 GFLOPS | Foundry Networks Ranked #1 in Shipments of 10 Gigabit Ethernet >

    Sponsors






    WinHPC.org


    Stay up-to-date on the Progress of Microsoft's Windows Compute Cluster Server 2003

    Golden Eggs
    (HP Visual Diagram and Config Guides)
    Integrity:
    HP Integrity Family Portrait, IA64
    rx1620 1600MHz 2P MSA1000 Cluster IA64
    rx2620 1600MHz 2P MSA1000 Cluster IA64
    rx4640 1600MHz 4P MSA1000 Cluster IA64
    ProLiant:
    DL140 3060MHz 2P IA32
    DL140 G2 3600MHz 2P EM64T
    DL145 2600MHz 2P Opteron
    DL145 G2 2600MHz 2P Opteron Dual Core
    DL360 G4 3400MHz 2P EM64T
    DL360 G4p 3800MHz 2P EM64T
    DL380 G4 3800MHz 2P EM64T
    DL385 2800MHz 2P Opteron Dual Core
    DL560 3000MHz 4P IA32
    DL580 G3 3330MHz 4P EM64T
    DL585 2800MHz 4P Opteron Dual Core
    Clusters:
    CP3000 32x DL140G2 & DL360G4p GigE EM64T
    CP4000 32x DL145G2 GigE Opteron, Dual Core
    CP4000 64x DL145 GigE Opteron
    CP4000 102x DL145 GigE Opteron
    CP4000 32x DL145 Myri Opteron
    Rocks Cluster 16-22 DL145 Opteron
    Rocks Cluster 30-46 DL145 Opteron
    Rocks Cluster 64-84 DL145 Opteron
    LC3000 GigaE 24-36 DL145 Opteron
    LC3000 Myri 16-32x DL145 Opteron
    LC3000 GigaE 16-22x DL145 Opteron
    LC2000 GigaE 16-22x DL360G3 Xeon
    Storage:
    MSA500 G2, SCSI
    MSA1510i IP SAN 48TB, SCSI and SATA
    MSA1500 48TB, SCSI and SATA
    Misc:
    Dual Core AMD64 and EM64T systems with MSA1500









    Linux Magazine
    At Newstands Now!Linux Magazine

    Click for King, North Carolina Forecast

    PageRank is Google`s measure of the importance of this page!





       


    Home About News Archives Contribute News, Articles, Press Releases Mobile Edition Contact Sponsorship Search Privacy
         Copyright © 2001-2006 LinuxHPC.org
    Linux is a trademark of Linus Torvalds
    All other trademarks are those of their owners.
        
      SpyderByte.com ;Technical Portals