Kernel security update.

Niki Guldbrand nikig at vip.cybercity.dk
Sat May 17 19:38:23 GMT 2003


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hi All.

I have added patches to the 3 kernel modules in the moonbase which fix
a kernel security bug.

Here is a description provided in the patch.

# Several hash table implementations in the networking were
# remotely exploitable.  Remote attackers could launch attacks
# whereby, using carefully chosen forged source addresses, make
# every routing cache entry get hashed into the same hash chain.
#
# Netfilter's IP conntrack module and the TCP syn-queue implementation
# had identical vulnerabilities and have been fixed too.
#
# The chosen solution to the problem involved using Bob Jenkins'
# hash along with a randomly chosen input.  For the ipv4 routing
# cache we take things one step further and periodically choose a
# new random secret.  By default this happens every 10 minutes, but
# this is configurable by the user via sysctl knobs.


Here is the RedHat advisory:
http://rhn.redhat.com/errata/RHSA-2003-172.html



Best regards

Niki Guldbrand

- -- 
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2 (GNU/Linux)

iD8DBQE+xnOPljJ8M8hBdegRAonHAJwIFNymS1nLyoUCKzeFjcA8eyn7ugCfeJ6S
Ybu13JUDQGp9K1NOGptgSaI=
=uzAW
-----END PGP SIGNATURE-----
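
The fix described in the patch text above, as an added example that is not taken from the patch or from the kernel source: the same set of flows is inserted into a table using an unkeyed hash and then a hash keyed with a secret, and the longest chain is compared. The unkeyed XOR-fold hash is a toy stand-in, and the function names, secrets and sample addresses are constructed for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#define BUCKETS 256u           /* power of two, so "& (BUCKETS - 1)" is a valid mask */
#define NKEYS   256u
#define GOLDEN  0x9e3779b9u

/* Toy unkeyed hash (assumption, not the pre-patch kernel code): XOR-folds the
 * address pair, so the bucket is a fixed, public function of the input. */
static uint32_t unkeyed_hash(uint32_t saddr, uint32_t daddr)
{
    uint32_t h = saddr ^ daddr;
    h ^= h >> 16;
    return (h ^ (h >> 8)) & (BUCKETS - 1);
}

/* Keyed hash: Bob Jenkins' lookup2 mixing step over both addresses and a
 * secret, so the bucket cannot be predicted without knowing the secret. */
static uint32_t keyed_hash(uint32_t saddr, uint32_t daddr, uint32_t secret)
{
    uint32_t a = saddr + GOLDEN, b = daddr + GOLDEN, c = secret;
    a -= b; a -= c; a ^= c >> 13;  b -= c; b -= a; b ^= a << 8;
    c -= a; c -= b; c ^= b >> 13;  a -= b; a -= c; a ^= c >> 12;
    b -= c; b -= a; b ^= a << 16;  c -= a; c -= b; c ^= b >> 5;
    a -= b; a -= c; a ^= c >> 3;   b -= c; b -= a; b ^= a << 10;
    c -= a; c -= b; c ^= b >> 15;
    return c & (BUCKETS - 1);
}

/* Constructed sample input: sources in 10.0.0.0/8 whose four bytes XOR to the
 * same value, which is the worst case for the toy unkeyed hash above. */
static uint32_t sample_saddr(uint32_t i) { return 0x0a000000u | (i << 8) | i; }

/* Longest hash chain after inserting every sample flow towards one destination. */
static unsigned longest_chain(int keyed, uint32_t secret)
{
    unsigned count[BUCKETS] = {0}, max = 0;
    for (uint32_t i = 0; i < NKEYS; i++) {
        uint32_t s = sample_saddr(i), d = 0xc0a80001u;
        uint32_t b = keyed ? keyed_hash(s, d, secret) : unkeyed_hash(s, d);
        if (++count[b] > max) max = count[b];
    }
    return max;
}

int main(void)
{
    printf("longest chain: unkeyed %u, keyed %u, after new secret %u\n", longest_chain(0, 0),
           longest_chain(1, 0x5eed1234u), longest_chain(1, 0x0badc0deu));
    return 0;
}
```

With the unkeyed hash every lookup walks one chain holding all entries; with a secret the same inputs spread across the table, and choosing a new secret periodically limits how long any learned bucket layout stays valid.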

