Back to kernel-source-2.6.8 PTS page

Accepted kernel-source-2.6.8 2.6.8-16sarge5 (source all)

To: debian-changes@lists.debian.org
Subject: Accepted kernel-source-2.6.8 2.6.8-16sarge5 (source all)
From: dann frazier <dannf@debian.org>
Date: Sat, 28 Oct 2006 08:39:50 -0700
Mail-followup-to: debian-devel@lists.debian.org
Message-id: <E1GdqHm-0001mC-3T@spohr.debian.org>
Reply-to: debian-devel@lists.debian.org
Sender: Archive Administrator <dak@ftp-master.debian.org>
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.7
Date: Mon,  4 Sep 2006 23:46:05 -0600
Source: kernel-source-2.6.8
Binary: kernel-source-2.6.8 kernel-doc-2.6.8 kernel-tree-2.6.8 kernel-patch-debian-2.6.8
Architecture: source all
Version: 2.6.8-16sarge5
Distribution: stable-security
Urgency: high
Maintainer: Debian kernel team <debian-kernel@lists.debian.org>
Changed-By: dann frazier <dannf@debian.org>
Description: 
 kernel-doc-2.6.8 - Linux kernel specific documentation for version 2.6.8
 kernel-patch-debian-2.6.8 - Debian patches to Linux 2.6.8
 kernel-source-2.6.8 - Linux kernel source for version 2.6.8 with Debian patches
 kernel-tree-2.6.8 - Linux kernel source tree for building Debian kernel images
Changes: 
 kernel-source-2.6.8 (2.6.8-16sarge5) stable-security; urgency=high
 .
   * [ERRATA] madvise_remove-restrict.dpatch
     [SECURITY] The 2.6.8-16sarge3 changelog associated this patch with
     CVE-2006-1524. However, this patch fixes an mprotect issue that was
     split off from the original report into CVE-2006-2071. 2.6.8 is not
     vulnerable to CVE-2006-1524 the madvise_remove issue.
     See CVE-2006-2071
   * fs-ext3-bad-nfs-handle.dpatch
     [SECURITY] James McKenzie discovered a Denial of Service vulnerability
     in the NFS driver. When exporting an ext3 file system over NFS, a remote
     attacker could exploit this to trigger a file system panic by sending
     a specially crafted UDP packet.
     See CVE-2006-3468
   * direct-io-write-mem-leak.dpatch
     [SECURITY] Fix memory leak in O_DIRECT write.
     See CVE-2004-2660
   * nfs-handle-long-symlinks.dpatch
     [SECURITY] Fix buffer overflow in NFS readline handling that allows a
     remote server to cause a denial of service (crash) via a long symlink
     See CVE-2005-4798
   * cdrom-bad-cgc.buflen-assign.dpatch
     [SECURITY] Fix buffer overflow in dvd_read_bca which could potentially
     be used by a local user to trigger a buffer overflow via a specially
     crafted DVD, USB stick, or similar automatically mounted device.
     See CVE-2006-2935
   * usb-serial-ftdi_sio-dos.patch
     [SECURITY] fix userspace DoS in ftdi_sio driver
     See CVE-2006-2936
   * selinux-tracer-SID-fix.dpatch
     [SECURITY] Fix vulnerability in selinux_ptrace that prevents local
     users from changing the tracer SID to the SID of another process
     See CVE-2006-1052
   * netfilter-SO_ORIGINAL_DST-leak.dpatch
     [SECURITY] Fix information leak in SO_ORIGINAL_DST
     See CVE-2006-1343
   * sg-no-mmap-VM_IO.dpatch
     [SECURITY] Fix DoS vulnerability whereby a local user could attempt
     a dio/mmap and cause the sg driver to oops.
     See CVE-2006-1528
   * exit-bogus-bugon.dpatch
     [SECURITY] Remove bogus BUG() in exit.c which could be maliciously
     triggered by a local user
     See CVE-2006-1855
   * readv-writev-missing-lsm-check.dpatch,
     readv-writev-missing-lsm-check-compat.dpatch
     [SECURITY] Add missing file_permission callback in readv/writev syscalls
     See CVE-2006-1856
   * snmp-nat-mem-corruption-fix.dpatch
     [SECURITY] Fix memory corruption in snmp_trap_decode
     See CVE-2006-2444
   * kfree_skb-race.dpatch
     [SECURITY] Fix race between kfree_skb and __skb_unlink
     See CVE-2006-2446
   * hppa-mb-extraneous-semicolon.dpatch,
     sparc32-mb-extraneous-semicolons.dpatch,
     sparc64-mb-extraneous-semicolons.dpatch:
     Fix a syntax error caused by extranous semicolons in smp_mb() macros
     which resulted in a build failure with kfree_skb-race.dpatch
   * sctp-priv-elevation.dpatch
     [SECURITY] Fix SCTP privelege escalation
     See CVE-2006-3745
   * sctp-priv-elevation-2.dpatch
     [SECURITY] Fix local DoS resulting from sctp-priv-elevation.dpatch
     See CVE-2006-4535
   * ppc-hid0-dos.dpatch
     [SECURITY][ppc] Fix local DoS by clearing HID0 attention enable on
     PPC970 at boot time
     See CVE-2006-4093
   * udf-deadlock.dpatch
     [SECURITY] Fix possible UDF deadlock and memory corruption
     See CVE-2006-4145
Files: 
 ccd454121194183d44b49916c25c6480 1002 devel optional kernel-source-2.6.8_2.6.8-16sarge5.dsc
 6d623f68b9f4558b0e453f17c1129b34 1057522 devel optional kernel-source-2.6.8_2.6.8-16sarge5.diff.gz
 b81e9832dfd7f8489a9aed122493a640 1103964 devel optional kernel-patch-debian-2.6.8_2.6.8-16sarge5_all.deb
 8b10f7c83c981cc311e68c61b5d8ad87 34943256 devel optional kernel-source-2.6.8_2.6.8-16sarge5_all.deb
 dad58738d77db061e566e2212047b1cb 36142 devel optional kernel-tree-2.6.8_2.6.8-16sarge5_all.deb
 ff156b96da5b482d2c279858377162ae 6190814 doc optional kernel-doc-2.6.8_2.6.8-16sarge5_all.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)

iD8DBQFE/3e6huANDBmkLRkRAlgKAJ46hA8UbaOgBlTMmjoq1DlGngbZxACeNxjT
UIIViXjIySYzAEQaXk4M+jk=
=WeeS
-----END PGP SIGNATURE-----


Accepted:
kernel-doc-2.6.8_2.6.8-16sarge5_all.deb
  to pool/main/k/kernel-source-2.6.8/kernel-doc-2.6.8_2.6.8-16sarge5_all.deb
kernel-patch-debian-2.6.8_2.6.8-16sarge5_all.deb
  to pool/main/k/kernel-source-2.6.8/kernel-patch-debian-2.6.8_2.6.8-16sarge5_all.deb
kernel-source-2.6.8_2.6.8-16sarge5.diff.gz
  to pool/main/k/kernel-source-2.6.8/kernel-source-2.6.8_2.6.8-16sarge5.diff.gz
kernel-source-2.6.8_2.6.8-16sarge5.dsc
  to pool/main/k/kernel-source-2.6.8/kernel-source-2.6.8_2.6.8-16sarge5.dsc
kernel-source-2.6.8_2.6.8-16sarge5_all.deb
  to pool/main/k/kernel-source-2.6.8/kernel-source-2.6.8_2.6.8-16sarge5_all.deb
kernel-tree-2.6.8_2.6.8-16sarge5_all.deb
  to pool/main/k/kernel-source-2.6.8/kernel-tree-2.6.8_2.6.8-16sarge5_all.deb