Back to systemimager PTS page

Accepted systemimager 3.2.3-6sarge2 (source all)

To: debian-changes@lists.debian.org
Subject: Accepted systemimager 3.2.3-6sarge2 (source all)
From: dann frazier <dannf@debian.org>
Date: Wed, 30 Aug 2006 23:05:46 -0700
Mail-followup-to: debian-devel@lists.debian.org
Message-id: <E1GIfgQ-0006BL-Oj@spohr.debian.org>
Reply-to: debian-devel@lists.debian.org
Sender: Archive Administrator <dak@ftp-master.debian.org>
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.7
Date: Sat, 10 Jun 2006 12:29:53 -0600
Source: systemimager
Binary: systemimager-boot-i386-standard systemimager-boot-ia64-standard systemimager-client systemimager-common systemimager-doc systemimager-server systemimager-server-flamethrowerd
Architecture: source all
Version: 3.2.3-6sarge2
Distribution: stable-security
Urgency: high
Maintainer: dann frazier <dannf@debian.org>
Changed-By: dann frazier <dannf@debian.org>
Description: 
 systemimager-boot-i386-standard - SystemImager boot binaries for i386 client nodes
 systemimager-client - Utilities for creating an image and upgrading client machines
 systemimager-common - Utilities and libraries common to both the server and client
 systemimager-doc - Manual and other documentation
 systemimager-server - Automate GNU/Linux installs and upgrades over a network
 systemimager-server-flamethrowerd - SystemImager boot binaries for i386 client nodes
 systemimager-boot-ia64-standard - SystemImager boot binaries for ia64 client nodes

 systemimager-server-flamethrowerd - SystemImager boot binaries for ia64 client nodes
Changes: 
 systemimager (3.2.3-6sarge2) stable-security; urgency=high
 .
   * Rebuild against kernel-source-2.6.8 (2.6.8-16sarge3):
     * 207_smbfs-chroot-escape.diff
       [SECURITY] Fix directory traversal vulnerability in smbfs that permits
       local users to escape chroot restrictions
       See CVE-2006-1864
     * 208_ia64-die_if_kernel-returns.diff
       [SECURITY][ia64] Fix a potential local DoS on ia64 systems caused by
       an incorrect 'noreturn' attribute on die_if_kernel()
       See CVE-2006-0742
     * 209_sctp-discard-unexpected-in-closed.diff
       [SECURITY] Fix remote DoS in SCTP code by discarding unexpected chunks
       received in CLOSED state instead of calling BUG()
       See CVE-2006-2271
     * 210_ipv4-id-no-increment.diff
       [SECURITY] Fix vulnerability that allows remote attackers to conduct an
       Idle Scan attack, bypassing intended protections against such attacks
       See CVE-2006-1242
     * 211_usb-gadget-rndis-bufoverflow.diff
       [SECURITY] Fix buffer overflow in the USB Gadget RNDIS implementation
       that allows for a remote DoS attack (kmalloc'd memory corruption)
       See CVE-2006-1368
     * 212_ipv4-sin_zero_clear.diff
       [SECURITY] Fix local information leak in af_inet code
       See CVE-2006-1343
     * 213_madvise_remove-restrict.diff
       [SECURITY] Fix vulnerability that allows local users to bypass IPC
       permissions and replace portions of read-only tmpfs files with zeroes.
       See CVE-2006-1524
     * 214_mcast-ip-route-null-deref.diff
       [SECURITY] Fix local DoS vulnerability that allows local users to panic
       a system by requesting a route for a multicast IP
       See CVE-2006-1525
     * 215_sctp-fragment-recurse.diff
       [SECURITY] Fix remote DoS vulnerability that can lead to infinite
       recursion when a packet containing two or more DATA fragments is received
       See CVE-2006-2274
     * 216_sctp-fragmented-receive-fix.diff
       [SECURITY] Fix remote DoS vulnerability that allows IP fragmented
       COOKIE_ECHO and HEARTBEAT SCTP control chunks to cause a kernel panic
       See CVE-2006-2272
     * 217_amd64-fp-reg-leak.diff
       [SECURITY][amd64] Fix an information leak that allows a process to see
       a portion of the floating point state of other processes, possibly
       exposing sensitive information.
       See CVE-2006-1056
     * 218_do_add_counters-race.diff
       [SECURITY] Fix race condition in the do_add_counters() function in
       netfilter that allows local users with CAP_NET_ADMIN capabilities to
       read kernel memory
       See CVE-2006-0039
     * 219_sctp-hb-ack-overflow.diff
       [SECURITY] Fix a remote buffer overflow that can result from a badly
       formatted HB-ACK chunk
       See CVE-2006-1857
     * 220_sctp-param-bound-checks.diff
       [SECURITY] Fix a bound checking error (remote DoS) in the SCTP parameter
       checking code
       See CVE-2006-1858
     * 221_netfilter-do_replace-overflow.diff
       [SECURITY] Fix buffer overflow in netfilter do_replace which can could
       be triggered by users with CAP_NET_ADMIN rights.
       See CVE-2006-0038
     * 222_binfmt-bad-elf-entry-address.diff
       [SECURITY][amd64] Fix potential local DoS vulnerability in the binfmt_elf
       code on em64t processors
       See CVE-2006-0741
Files: 
 271d488ce319e95d567143228330e9a1 1012 admin optional systemimager_3.2.3-6sarge2.dsc
 9d7e6b12846c71e4d530375aacd1390b 15975839 admin optional systemimager_3.2.3-6sarge2.tar.gz
 a73dc8e6bb5119c7679d97d13b94cbc8 116802 admin optional systemimager-server_3.2.3-6sarge2_all.deb
 64658643dc4a9554a722ff1b724c916f 30482 admin optional systemimager-client_3.2.3-6sarge2_all.deb
 7cafd2b593e33cd0cb1ed5577a63142a 30730 admin optional systemimager-common_3.2.3-6sarge2_all.deb
 01476ba30e300b6b91a9a1a5d5c7f16b 631336 doc optional systemimager-doc_3.2.3-6sarge2_all.deb
 00be5d0f60f2e89dec74ec2a76310638 15944 admin optional systemimager-server-flamethrowerd_3.2.3-6sarge2_all.deb
 15c5bd7f61d7291f1267c12733ffcb5b 4759092 admin optional systemimager-boot-i386-standard_3.2.3-6sarge2_all.deb
 c225981a19829b44b8b2e61beea177c2 9545000 admin optional systemimager-boot-ia64-standard_3.2.3-6sarge2_all.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.3 (GNU/Linux)

iD8DBQFEjFL6huANDBmkLRkRAsWaAJ9mup91eDX+aesUJvYp3bH4icGBugCfd6jE
GDveANfk/NVJdekD8BLkl0s=
=9HSx
-----END PGP SIGNATURE-----


Accepted:
systemimager-boot-i386-standard_3.2.3-6sarge2_all.deb
  to pool/main/s/systemimager/systemimager-boot-i386-standard_3.2.3-6sarge2_all.deb
systemimager-boot-ia64-standard_3.2.3-6sarge2_all.deb
  to pool/main/s/systemimager/systemimager-boot-ia64-standard_3.2.3-6sarge2_all.deb
systemimager-client_3.2.3-6sarge2_all.deb
  to pool/main/s/systemimager/systemimager-client_3.2.3-6sarge2_all.deb
systemimager-common_3.2.3-6sarge2_all.deb
  to pool/main/s/systemimager/systemimager-common_3.2.3-6sarge2_all.deb
systemimager-doc_3.2.3-6sarge2_all.deb
  to pool/main/s/systemimager/systemimager-doc_3.2.3-6sarge2_all.deb
systemimager-server-flamethrowerd_3.2.3-6sarge2_all.deb
  to pool/main/s/systemimager/systemimager-server-flamethrowerd_3.2.3-6sarge2_all.deb
systemimager-server_3.2.3-6sarge2_all.deb
  to pool/main/s/systemimager/systemimager-server_3.2.3-6sarge2_all.deb
systemimager_3.2.3-6sarge2.dsc
  to pool/main/s/systemimager/systemimager_3.2.3-6sarge2.dsc
systemimager_3.2.3-6sarge2.tar.gz
  to pool/main/s/systemimager/systemimager_3.2.3-6sarge2.tar.gz