-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Format: 1.7 Date: Thu, 7 Dec 2006 10:11:45 -0700 Source: fai-kernels Binary: fai-kernels Architecture: source i386 Version: 1.9.1sarge5 Distribution: stable-security Urgency: low Maintainer: Thomas Lange <lange@debian.org> Changed-By: dann frazier <dannf@debian.org> Description: fai-kernels - special kernels for FAI (Fully Automatic Installation) Closes: 310982 Changes: fai-kernels (1.9.1sarge5) stable-security; urgency=low . * NMU by the Security Team * Build against kernel-tree-2.4.27-10sarge5: * 233_ia64-sparc-cross-region-mappings.diff [SECURITY] Prevent cross-region mappings on ia64 and sparc which could be used in a local DoS attack (system crash) See CVE-2006-4538 * 234_atm-clip-freed-skb-deref.diff [SECURITY] Avoid dereferencing an already freed skb, preventing a potential remote DoS (system crash) vector See CVE-2006-4997 * 235_ppc-alignment-exception-table-check.diff [SECURITY][ppc] Avoid potential DoS which can be triggered by some futex ops See CVE-2006-5649 * 236_s390-uaccess-memleak.diff [SECURITY][s390] Fix memory leak in copy_from_user by clearing the remaining bytes of the kernel buffer after a fault on the userspace address in copy_from_user() See CVE-2006-5174 * 237_smbfs-honor-mount-opts.diff Honor uid, gid and mode mount options for smbfs even when unix extensions are enabled (closes: #310982) See CVE-2006-5871 * 238_ppc-hid0-dos.diff [SECURITY] [ppc] Fix local DoS by clearing HID0 attention enable on PPC970 at boot time See CVE-2006-4093 * Build against kernel-tree-2.6.8-16sarge6: * perfmon-fd-refcnt.dpatch [SECURITY][ia64] Fix file descriptor leak in perfmonctl system call which could be used as a local denial of service attack by depleting the system of file descriptors See CVE-2006-3741 * ia64-sparc-cross-region-mappings.dpatch [SECURITY] Prevent cross-region mappings on ia64 and sparc which could be used in a local DoS attack (system crash) See CVE-2006-4538 * __block_prepare_write-recovery.dpatch [SECURITY] Fix an information leak in __block_prepare_write() See CVE-2006-4813 * atm-clip-freed-skb-deref.dpatch [SECURITY] Avoid dereferencing an already freed skb, preventing a potential remote DoS (system crash) vector See CVE-2006-4997 * ip6_flowlabel-lockup.dpatch [SECURITY] Fix local DoS attack vector (lockups, oopses) in the sequence handling for /proc/net/ip6_flowlabel See CVE-2006-5619 * ppc-alignment-exception-table-check.dpatch [SECURITY][ppc] Avoid potential DoS which can be triggered by some futex ops See CVE-2006-5649 * s390-uaccess-memleak.dpatch [SECURITY][s390] Fix memory leak in copy_from_user by clearing the remaining bytes of the kernel buffer after a fault on the userspace address in copy_from_user() See CVE-2006-5174 * smbfs-honor-mount-opts.dpatch Honor uid, gid and mode mount options for smbfs even when unix extensions are enabled See CVE-2006-5871 * bridge-get_fdb_entries-overflow.dpatch Protect against possible overflow in get_fdb_entries See CVE-2006-5751 Files: 011ee5100e419cb2f0c7bc1cc30ac84a 621 admin extra fai-kernels_1.9.1sarge5.dsc d148029e7fe13f42ab21c5eb43de8204 29571 admin extra fai-kernels_1.9.1sarge5.tar.gz a235fc98f68f558e5ecc1ec7b42dd57e 12002364 admin extra fai-kernels_1.9.1sarge5_i386.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (GNU/Linux) iD8DBQFFeFXihuANDBmkLRkRAmpUAJ9J5QqrAVGqFSR4pLT4BKdcx2dO5gCeOQ6t jnQK/6l2GHRm0K8AQ/vy9w0= =GNEC -----END PGP SIGNATURE----- Accepted: fai-kernels_1.9.1sarge5.dsc to pool/main/f/fai-kernels/fai-kernels_1.9.1sarge5.dsc fai-kernels_1.9.1sarge5.tar.gz to pool/main/f/fai-kernels/fai-kernels_1.9.1sarge5.tar.gz fai-kernels_1.9.1sarge5_i386.deb to pool/main/f/fai-kernels/fai-kernels_1.9.1sarge5_i386.deb
