Back to systemimager PTS page

Accepted systemimager 3.2.3-6sarge5 (source all)

To: debian-changes@lists.debian.org
Subject: Accepted systemimager 3.2.3-6sarge5 (source all)
From: dann frazier <dannf@debian.org>
Date: Wed, 27 Feb 2008 07:52:13 +0000
Message-id: <E1JUH5J-0004nP-A3@ries.debian.org>
Sender: Archive Administrator <dak@ftp-master.debian.org>
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.7
Date: Thu, 21 Feb 2008 00:53:28 -0700
Source: systemimager
Binary: systemimager-boot-i386-standard systemimager-boot-ia64-standard systemimager-client systemimager-common systemimager-doc systemimager-server systemimager-server-flamethrowerd
Architecture: source all
Version: 3.2.3-6sarge5
Distribution: oldstable-security
Urgency: high
Maintainer: dann frazier <dannf@debian.org>
Changed-By: dann frazier <dannf@debian.org>
Description: 
 systemimager-boot-i386-standard - SystemImager boot binaries for i386 client nodes
 systemimager-client - Utilities for creating an image and upgrading client machines
 systemimager-common - Utilities and libraries common to both the server and client
 systemimager-doc - Manual and other documentation
 systemimager-server - Automate GNU/Linux installs and upgrades over a network
 systemimager-server-flamethrowerd - SystemImager boot binaries for i386 client nodes
 systemimager-boot-ia64-standard - SystemImager boot binaries for ia64 client nodes

 systemimager-server-flamethrowerd - SystemImager boot binaries for ia64 client nodes
Changes: 
 systemimager (3.2.3-6sarge5) oldstable-security; urgency=high
 .
   * Build against kernel-tree-2.4.27-10sarge6:
     * 239_mincore-hang.diff
       [SECURITY] Fix a potential deadlock in mincore
       See CVE-2006-4814
     * [ERRATA] 240_smbfs-honor-mount-opts-2.diff
       Fix some regressions with respect to file types (e.g., symlinks)
       introduced by the fix for CVE-2006-5871 in 2.4.27-10sarge5
     * 241_bluetooth-capi-size-checks.diff
       [SECURITY] Add additional length checks to avoid potential remote
       DoS attacks in the handling of CAPI messages in the bluetooth driver
       See CVE-2006-6106
     * 242_ext3-fsfuzz.diff
       [SECURITY] Fix a DoS vulnerability that can be triggered by a local
       user with the ability to mount a corrupted ext3 filesystem
       See CVE-2006-6053
     * 243_ipv6_fl_socklist-no-share.diff
       [SECURITY] Fix local DoS vulnerability caused by inadvertently sharing
       ipv6_fl_socklist between the listening socket and the socket created
       for connection.
       See CVE-2007-1592
     * 244_bluetooth-l2cap-hci-info-leaks.diff
       245_bluetooth-l2cap-hci-info-leaks-2.diff
       [SECURITY] Fix information leaks in setsockopt() implementations
       See CVE-2007-1353
     * 246_dn_fib-out-of-bounds.diff
       266_ipv4-fib_props-out-of-bounds.diff
       267_ipv4-fib_props-out-of-bounds-2.diff
       [SECURITY] Fix out of bounds condition in dn_fib_props[]
       See CVE-2007-2172
     * 247_reset-pdeathsig-on-suid.diff
       [SECURITY] Fix potential privilege escalation caused by improper
       clearing of the child process' pdeath signal.
       Thanks to Marcel Holtmann for the patch.
       See CVE-2007-3848
     * 248_random-reseed-sizeof-fix.diff
       [SECURITY] Fix a bug in the random driver reseeding code that reduces
       entropy by reseeding a smaller buffer size than expected
       See CVE-2007-4311
     * 249_openpromfs-signedness-bug.diff
       250_openpromfs-checks-1.diff
       251_openpromfs-checks-2.diff
       252_openpromfs-checks-3.diff
       [SECURITY] Fix a number of data checks in openprom code
       See CVE-2004-2731
     * 253_coredump-only-to-same-uid.diff
       [SECURITY] Fix an issue where core dumping over a file that
       already exists retains the ownership of the original file
       See CVE-2007-6206
     * 254_cramfs-check-block-length.diff
       [SECURITY] Add a sanity check of the block length in cramfs_readpage to
       avoid a potential oops condition
       See CVE-2006-5823
     * 255_pppoe-socket-release-mem-leak.diff
       [SECURITY] fix unpriveleged memory leak when a PPPoE socket is released
       after connect but before PPPIOCGCHAN ioctl is called upon it
       See CVE-2007-2525
     * 256_i4l-isdn_ioctl-mem-overrun.diff
       [SECURITY] Fix potential isdn ioctl memory overrun
       See CVE-2007-6151
     * 257_isdn-net-overflow.diff
       [SECURITY] Fix potential overflows in the ISDN subsystem
       See CVE-2007-6063
     * 258_ext2_readdir-f_pos-fix.diff,
       259_ext2_readdir-infinite-loop.diff,
       260_ext2-skip-pages-past-num-blocks.diff
       [SECURITY] Add some sanity checking for a corrupted i_size in
       ext2_find_entry()
       See CVE-2006-6054
     * 261_listxattr-mem-corruption.diff
       [SECURITY] Fix userspace corruption vulnerability caused by
       incorrectly promoted return values in bad_inode_ops
       This patches changes the kernel ABI.
       See CVE-2006-5753
     * 262_aacraid-ioctl-perm-check.diff
       [SECURITY] Require admin capabilities to issue ioctls to aacraid devices
       See CVE-2007-4308
     * 263_usb-pwc-disconnect-block.diff
       [SECURITY] Fix issue with unplugging webcams that use the pwc driver.
       If userspace still has the device open it can result, the driver would
       wait for the device to close, blocking the USB subsystem.
       See CVE-2007-5093
     * 264_mmap-VM_DONTEXPAND.diff
       [SECURITY] Add VM_DONTEXPAND to vm_flags in drivers that register
       a fault handler but do not bounds check the offset argument
       See CVE-2008-0007
     * 265_powerpc-chrp-null-deref.diff
       [SECURITY][powerpc] Fix NULL pointer dereference if get_property
       fails on the subarchitecture
       See CVE-2007-6694
   * Add ia64 build-dep on python, needed to run mklibs
Files: 
 7152d7aa17c4632a0e9ef450e92d3850 1027 admin optional systemimager_3.2.3-6sarge5.dsc
 2ed3cdd33958dbbb79acad51633fed0e 15980836 admin optional systemimager_3.2.3-6sarge5.tar.gz
 6320eef7e64b58239bbf976787178a86 119874 admin optional systemimager-server_3.2.3-6sarge5_all.deb
 6e1a1822035ee3eacd9b64adc1e9af57 32790 admin optional systemimager-client_3.2.3-6sarge5_all.deb
 c38aa76390664cd61cd39fcafdc061e3 32908 admin optional systemimager-common_3.2.3-6sarge5_all.deb
 aa02fdc51feb16ab51aa2d0b864b5033 633864 doc optional systemimager-doc_3.2.3-6sarge5_all.deb
 8f686699219008d35136f3eda8846894 18512 admin optional systemimager-server-flamethrowerd_3.2.3-6sarge5_all.deb
 0e4f9547acf07ac7eac578acd7062289 4762284 admin optional systemimager-boot-i386-standard_3.2.3-6sarge5_all.deb
 f2d22e050aec4e3cdef89fa36d0a1acd 9548918 admin optional systemimager-boot-ia64-standard_3.2.3-6sarge5_all.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)

iD8DBQFHvTlQhuANDBmkLRkRAvy1AJ0Z+ZLiFPD/DnwrGEEJSX17hXB5LACgjPg7
Rk0221eoQ9QzazRZYt2GxDM=
=6Sje
-----END PGP SIGNATURE-----


Accepted:
systemimager-boot-i386-standard_3.2.3-6sarge5_all.deb
  to pool/main/s/systemimager/systemimager-boot-i386-standard_3.2.3-6sarge5_all.deb
systemimager-boot-ia64-standard_3.2.3-6sarge5_all.deb
  to pool/main/s/systemimager/systemimager-boot-ia64-standard_3.2.3-6sarge5_all.deb
systemimager-client_3.2.3-6sarge5_all.deb
  to pool/main/s/systemimager/systemimager-client_3.2.3-6sarge5_all.deb
systemimager-common_3.2.3-6sarge5_all.deb
  to pool/main/s/systemimager/systemimager-common_3.2.3-6sarge5_all.deb
systemimager-doc_3.2.3-6sarge5_all.deb
  to pool/main/s/systemimager/systemimager-doc_3.2.3-6sarge5_all.deb
systemimager-server-flamethrowerd_3.2.3-6sarge5_all.deb
  to pool/main/s/systemimager/systemimager-server-flamethrowerd_3.2.3-6sarge5_all.deb
systemimager-server_3.2.3-6sarge5_all.deb
  to pool/main/s/systemimager/systemimager-server_3.2.3-6sarge5_all.deb
systemimager_3.2.3-6sarge5.dsc
  to pool/main/s/systemimager/systemimager_3.2.3-6sarge5.dsc
systemimager_3.2.3-6sarge5.tar.gz
  to pool/main/s/systemimager/systemimager_3.2.3-6sarge5.tar.gz