Debian Package Tracker

From: dann frazier <dannf@debian.org>
To: <debian-changes@lists.debian.org>
Subject: Accepted fai-kernels 1.9.1sarge7.1 (source i386)
Date: Sat, 22 Mar 2008 19:52:16 +0000
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.7
Date: Wed, 20 Feb 2008 14:20:35 -0700
Source: fai-kernels
Binary: fai-kernels
Architecture: source i386
Version: 1.9.1sarge7.1
Distribution: oldstable
Urgency: high
Maintainer: Thomas Lange <lange@debian.org>
Changed-By: dann frazier <dannf@debian.org>
Description: 
 fai-kernels - special kernels for FAI (Fully Automatic Installation)
Changes: 
 fai-kernels (1.9.1sarge7.1) oldstable; urgency=high
 .
   * Build against kernel-tree-2.6.8-17sarge1:
     * compat_sys_mount-NULL-data_page.dpatch
       [SECURITY] Fix oops in compat_sys_mount triggered by NULL data_page
       See CVE-2006-7203
     * pppoe-socket-release-mem-leak.dpatch
       [SECURITY] fix unpriveleged memory leak when a PPPoE socket is released
       after connect but before PPPIOCGCHAN ioctl is called upon it
       See CVE-2007-2525
     * dn_fib-out-of-bounds.dpatch, ipv4-fib_props-out-of-bounds.dpatch
       [SECURITY] Fix out of bounds condition in dn_fib_props[]
       See CVE-2007-2172
     * aacraid-ioctl-perm-check.dpatch
       [SECURITY] Require admin capabilities to issue ioctls to aacraid devices
       See CVE-2007-4308
     * reset-pdeathsig-on-suid.dpatch
       [SECURITY] Fix potential privilege escalation caused by improper
       clearing of the child process' pdeath signal.
       See CVE-2007-3848
     * bluetooth-l2cap-hci-info-leaks.dpatch
       [SECURITY] Fix information leaks in setsockopt() implementations
       See CVE-2007-1353
     * coredump-only-to-same-uid.dpatch
       [SECURITY] Fix an issue where core dumping over a file that
       already exists retains the ownership of the original file
       See CVE-2007-6206
     * i4l-isdn_ioctl-mem-overrun.dpatch
       [SECURITY] Fix potential isdn ioctl memory overrun
       See CVE-2007-6151
     * cramfs-check-block-length.dpatch
       [SECURITY] Add a sanity check of the block length in cramfs_readpage to
       avoid a potential oops condition
       See CVE-2006-5823
     * ext2-skip-pages-past-num-blocks.dpatch
       [SECURITY] Add some sanity checking for a corrupted i_size in
       ext2_find_entry()
       See CVE-2006-6054
     * minixfs-printk-hang.dpatch
       [SECURITY] Rate-limit printks caused by accessing a corrupted minixfs
       filesystem that would otherwise cause a system to hang (printk storm)
       See CVE-2006-6058
     * isdn-net-overflow.dpatch
       [SECURITY] Fix potential overflows in the ISDN subsystem
       See CVE-2007-6063
     * prevent-stack-growth-into-hugetlb-region.dpatch
       [SECURITY] Prevent OOPS during stack expansion when the VMA crosses
       into address space reserved for hugetlb pages.
       See CVE-2007-3739
     * cifs-honor-umask.dpatch
       [SECURITY] Make CIFS honor a process' umask
       See CVE-2007-3740
     * hugetlb-prio_tree-unit-fix.dpatch
       [SECURITY] Fix misconversion of hugetlb_vmtruncate_list to prio_tree
       which could be used to trigger a BUG_ON() call in exit_mmap.
       See CVE-2007-4133
     * amd64-zero-extend-32bit-ptrace.dpatch
       [SECURITY] Zero extend all registers after ptrace in 32-bit entry path.
       See CVE-2007-4573
     * usb-pwc-disconnect-block.dpatch
       [SECURITY] Fix issue with unplugging webcams that use the pwc driver.
       If userspace still has the device open it can result, the driver would
       wait for the device to close, blocking the USB subsystem.
       See CVE-2007-5093
     * powerpc-chrp-null-deref.dpatch
       [SECURITY][powerpc] Fix NULL pointer dereference if get_property
       fails on the subarchitecture
       See CVE-2007-6694
     * random-bound-check-ordering.dpatch
       [SECURITY] Fix stack-based buffer overflow in the random number
       generator
       See CVE-2007-3105
     * mmap-VM_DONTEXPAND.dpatch
       [SECURITY] Add VM_DONTEXPAND to vm_flags in drivers that register
       a fault handler but do not bounds check the offset argument
       See CVE-2008-0007
Files: 
 443dc4f2db2a74304927bda11c55809b 625 admin extra fai-kernels_1.9.1sarge7.1.dsc
 96670cbc466f1a209639eed5f605b094 31954 admin extra fai-kernels_1.9.1sarge7.1.tar.gz
 e4cba3786a15a9231dea23291de85444 12008732 admin extra fai-kernels_1.9.1sarge7.1_i386.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)

iD8DBQFH5V0NhuANDBmkLRkRAtVgAJ95RMxFU9rw/x+vXrxhID9CyPFyNACfRpu6
SdBfTnEEGOTJfZHz5MaaK24=
=1cCg
-----END PGP SIGNATURE-----


Accepted:
fai-kernels_1.9.1sarge7.1.dsc
  to pool/main/f/fai-kernels/fai-kernels_1.9.1sarge7.1.dsc
fai-kernels_1.9.1sarge7.1.tar.gz
  to pool/main/f/fai-kernels/fai-kernels_1.9.1sarge7.1.tar.gz
fai-kernels_1.9.1sarge7.1_i386.deb
  to pool/main/f/fai-kernels/fai-kernels_1.9.1sarge7.1_i386.deb
News for package fai-kernels
