- Issued:
- 2009-01-20
- Updated:
- 2009-01-20
RHBA-2009:0204 - Bug Fix Advisory
Synopsis
iproute bug fix and enhancement update
Type/Severity
Bug Fix Advisory
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory.
Topic
An updated iproute package that fixes various bugs and adds enhancements is
now available.
Description
The iproute package contains networking utilities, such as ip and rtmon,
which use the advanced networking capabilities of the Linux 2.4 and 2.6
kernels.
This updated package fixes the following bugs:
- a bug in the way TCP sockets were being parsed, which resulted in the
"/usr/sbin/ss -n" command not displaying TCP states, for example, "ESTAB"
for established, has been resolved.
- running certain "ip xfrm" commands may have caused a "*** buffer overflow
detected ***: ip terminated" error, followed by a backtrace. The "buffer
overflow" message was caused by a false alarm, due to a "FORTIFY_SOURCE"
compiler option. Also, a bug in the parsing of "ip xfrm" commands may have
caused crashes. In this update, these commands are parsed correctly, and,
if wrong arguments are supplied, an "Invalid argument" error occurs, rather
than a crash or other errors.
Also, this updated package adds the following enhancements:
- the ip(8) manual page has been updated with information about the "ip
xfrm" command.
- support for "Default Address Selection for Internet Protocol version 6"
(RFC 3484) has been added, allowing administrators to control the behavior
of source address selection.
- support for the tunable TCP_RTO_MIN Linux kernel network option has been
added.
All iproute users should upgrade to this updated package, which resolves
these issues and adds these enhancements.
Solution
Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.
This update is available via Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/docs/DOC-11259
Affected Products
- Red Hat Enterprise Linux Server 5 x86_64
- Red Hat Enterprise Linux Server 5 ia64
- Red Hat Enterprise Linux Server 5 i386
- Red Hat Enterprise Linux Workstation 5 x86_64
- Red Hat Enterprise Linux Workstation 5 i386
- Red Hat Enterprise Linux Desktop 5 x86_64
- Red Hat Enterprise Linux Desktop 5 i386
- Red Hat Enterprise Linux for IBM z Systems 5 s390x
- Red Hat Enterprise Linux for Power, big endian 5 ppc
- Red Hat Enterprise Linux Server from RHUI 5 x86_64
- Red Hat Enterprise Linux Server from RHUI 5 i386
Fixes
- BZ - 431011 - ip man page does not describe xfrm usage
- BZ - 446198 - /usr/sbin/ss does not show all socket states
- BZ - 449933 - buffer overflow when using command `ip xfrm`
CVEs
(none)
References
(none)
Red Hat Enterprise Linux Server 5
SRPM | |
---|---|
iproute-2.6.18-9.el5.src.rpm | SHA-256: 1d4ac4ad6a0c9d60d29700a13af487e5b2d27dd13d0765dac51385f812d6f65d |
x86_64 | |
iproute-2.6.18-9.el5.x86_64.rpm | SHA-256: 8b5e956d9b8c5995ec1ed375676b339b7306d7da6582032042f151654415ad8a |
ia64 | |
iproute-2.6.18-9.el5.ia64.rpm | SHA-256: 422cbaa8648f9e730e818bbb94735d3d6743a81d23658b03a9a71c9e2cede3e3 |
i386 | |
iproute-2.6.18-9.el5.i386.rpm | SHA-256: 65fdc0347462b99f7da08bc2c82cae1b008616bd73e4a299bfa597878f277b51 |
Red Hat Enterprise Linux Workstation 5
SRPM | |
---|---|
iproute-2.6.18-9.el5.src.rpm | SHA-256: 1d4ac4ad6a0c9d60d29700a13af487e5b2d27dd13d0765dac51385f812d6f65d |
x86_64 | |
iproute-2.6.18-9.el5.x86_64.rpm | SHA-256: 8b5e956d9b8c5995ec1ed375676b339b7306d7da6582032042f151654415ad8a |
i386 | |
iproute-2.6.18-9.el5.i386.rpm | SHA-256: 65fdc0347462b99f7da08bc2c82cae1b008616bd73e4a299bfa597878f277b51 |
Red Hat Enterprise Linux Desktop 5
SRPM | |
---|---|
iproute-2.6.18-9.el5.src.rpm | SHA-256: 1d4ac4ad6a0c9d60d29700a13af487e5b2d27dd13d0765dac51385f812d6f65d |
x86_64 | |
iproute-2.6.18-9.el5.x86_64.rpm | SHA-256: 8b5e956d9b8c5995ec1ed375676b339b7306d7da6582032042f151654415ad8a |
i386 | |
iproute-2.6.18-9.el5.i386.rpm | SHA-256: 65fdc0347462b99f7da08bc2c82cae1b008616bd73e4a299bfa597878f277b51 |
Red Hat Enterprise Linux for IBM z Systems 5
SRPM | |
---|---|
iproute-2.6.18-9.el5.src.rpm | SHA-256: 1d4ac4ad6a0c9d60d29700a13af487e5b2d27dd13d0765dac51385f812d6f65d |
s390x | |
iproute-2.6.18-9.el5.s390x.rpm | SHA-256: 8f8f84e0e28ea30928ec9635d7b614d0adabff64c014390372140a06c764072c |
Red Hat Enterprise Linux for Power, big endian 5
SRPM | |
---|---|
iproute-2.6.18-9.el5.src.rpm | SHA-256: 1d4ac4ad6a0c9d60d29700a13af487e5b2d27dd13d0765dac51385f812d6f65d |
ppc | |
iproute-2.6.18-9.el5.ppc.rpm | SHA-256: c3eefdd81c2c3e2b6504b518d1f547378249e48a9f0ce8acc125ad87d65ab623 |
Red Hat Enterprise Linux Server from RHUI 5
SRPM | |
---|---|
iproute-2.6.18-9.el5.src.rpm | SHA-256: 1d4ac4ad6a0c9d60d29700a13af487e5b2d27dd13d0765dac51385f812d6f65d |
x86_64 | |
iproute-2.6.18-9.el5.x86_64.rpm | SHA-256: 8b5e956d9b8c5995ec1ed375676b339b7306d7da6582032042f151654415ad8a |
i386 | |
iproute-2.6.18-9.el5.i386.rpm | SHA-256: 65fdc0347462b99f7da08bc2c82cae1b008616bd73e4a299bfa597878f277b51 |
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.