Fix Log Rotation Problems Published: Jul 14, 2004
  • Rating

    5/5

Updated kernel packages that fix several minor security vulnerabilities are now available

Security Advisory - RHSA-2004:166-08
------------------------------------------------------------------------------
Summary:
Updated kernel packages resolve security vulnerabilities

Updated kernel packages that fix several minor security vulnerabilities are now available

Description:
The Linux kernel handles the basic functions of the operating system.

iDefense reported a buffer overflow flaw in the ISO9660 filesystem code.
An attacker could create a malicious filesystem in such a way that they could gain root privileges if that filesystem is mounted.  The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2004-0109 to this issue.

Solar Designer from OpenWall discovered a minor information leak in the ext3 filesystem code due to the lack of initialization of journal descriptor blocks.  This flaw has only minor security implications and exploitation requires privileged access to the raw device.  The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2004-0177 to this issue.

These packages also contain an updated fix with additional checks for issues in the R128 Direct Render Infrastructure.  The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2004-0003 to this issue.

Additionally, hardening of the mremap function was applied to prevent a potential local denial of service attack.

All users are advised to upgrade to these errata packages, which contain backported security patches that correct these issues.
------------------------------------------------------------------------------

  • Rating

    5/5

Related Articles

Comments (6)

  • Gravatar - Nicholas Tritchew
    Nicholas Tritchew 16:39, August 4, 2004
    For the: Home / Hosting Tutorials / Cpanel Tutorials / Fix Log Rotation Problems <br />
    <br />
    I was curious if this log rotate procedure outlined deletes the previous log files when it rotates.<br />
    <br />
    Or does it compress the previous log, stores it in a archive folder, and then creates a new log?<br />
    <br />
    -Nicholas
  • Gravatar - Vince
    Vince 21:53, August 8, 2004
    Hi,<br />
    <br />
    Prior that you mention this:<br />
    "but if you do find some more, please drop me a line so I can update the article."<br />
    <br />
    We have a file xferlog in our /var/log directory.<br />
    <br />
    /var/log/xferlog<br />
    This is about 8MB now.<br />
    <br />
    Can we apply the log rotate which you have provide in http://www.webhostgear.com/144.html<br />
    <br />
    pico /etc/logrotate.conf<br />
    add the below entry:<br />
    <br />
    /usr/local/cpanel/logs/error_log {<br />
    weekly<br />
    rotate 1<br />
    }<br />
    <br />
    Thanks for your advise.<br />
    Sincerely,<br />
    Vincent Kam<br />
    <br />
    <br />
  • Gravatar - Diana Ward
    Diana Ward 20:48, December 23, 2004
    You are quickly becoming my guru! Thank you!
  • Gravatar - tc
    tc 02:18, February 23, 2006
    i use cpanel and the logs for my websites are located at: /usr/local/apache/domlogs/<br />
    <br />
    They are getting rotated. I'm not sure how but they all go back to January 31 and today is February 22. 2006.<br />
    <br />
    This article is old, maybe its out of date as cPanel has gone through a lot of updates. So I'm posting this comment to let others know things may be different.<br />
  • Gravatar - Flash Alexander
    Flash Alexander 15:01, May 28, 2006
    The first instruction refers to apache 'system' logs. Therefore I read it to not cover the 'domlogs'. <br />
    <br />
    Should I also include a line for the domlogs?
  • Gravatar - Louish
    Louish 17:50, January 19, 2009
    My problem isn't the /usr/local/cpanel/logs/ log files, its the ones in /usr/local/apache/logs/ that are huge.<br />
    <br />
    I've had 3 servers lock up because the error_log has gotten over 2 gigs. Can I simply change your weekly rotate 1 code to point to the apache folder? Or is something else special needed?

Add Your Thoughts

WebHostGear.com is a hosting directory, not a web host.

Copyright © 1998-2018 WebHostGear.com