Three security holes fixed in new kernel, and several other updates and bug fixes have been applied as well.
Three security holes have been fixed in the kernel. One involves ptrace, another involves sysctl, and the last is specific to some Intel CPUs. All three security holes involve local access only (they do not provide a hole to remote attackers without a local account). The ptrace and sysctl bugs provide local users with the potential to compromise the root account. Neither has an active exploit available at the time of this writing. The last security hole is a DOS (Denial Of Service) that does not provide access to the root account but does allow any user with shell access the ability to halt the CPU. All users are strongly recommended to upgrade. In addition to the security fixes, these kernels contain more advanced support for the Intel Pentium 4 processors, as well as a number of driver updates. These updates include e100, sis900, cs46xx, qla1x160, qla2x00, ServeRAID, and ipvs. In addition, a number of other bugs have been fixed. Most notably, the RAW I/O facility could corrupt data under certain usage patterns.