Re: [linux-security] iptables security hole

[Martin Siegert <siegert@sfu.ca>]

On Thu, May 03, 2001 at 06:31:11PM -0700, Martin Siegert wrote:
> Topic
> =====
> security hole in iptables (2.4.x kernels)

RedHat has released new kernels for RedHat 7.1 that fix the iptables
security hole. Several other bugs are fixed as well

Upgrade Procedure
=================
see: http://www.redhat.com/support/docs/howto/kernel-upgrade/kernel-upgrade.html

first find out which kernel you have installed:

# rpm -qa | grep kernel

You should at least see one of the following lines:

kernel-2.4.2-2
kernel-smp-2.4.2-2
kernel-enterprise-2.4.2-2
kernel-BOOT-2.4.2-2

upgrade only the kernel package that was shown, i.e.,

# rpm -ivh kernel-2.4.3-12.ix86.rpm
or
# rpm -ivh kernel-smp-2.4.3-12.ix86.rpm
or
# rpm -ivh kernel-enterprise-2.4.3-12.i686.rpm

(replace the "x" in "ix86" in the lines above with 3, 5 or 6 corresponding
 to your processor) 

Then upgrade all the other kernel packages:

# rpm -Fvh kernel-doc-2.4.3-12.i386.rpm kernel-headers-2.4.3-12.i386.rpm \
           kernel-source-2.4.3-12.i386.rpm devfsd-2.4.3-12.i386.rpm

Then, if you are using an initial RAM disk run "mkinitrd" (see "man mkinitrd").
Finally, edit /etc/lilo.conf and run /sbin/lilo (see the redhat doc mentioned
above). Reboot.