Debian Package Tracker

From: dann frazier <dannf@debian.org>
To: <debian-changes@lists.debian.org>
Subject: Accepted kernel-image-2.4.27-alpha 2.4.27-10sarge4 (source alpha)
Date: Mon, 25 Sep 2006 15:50:07 -0700
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.7
Date: Sun,  3 Sep 2006 16:10:00 -0600
Source: kernel-image-2.4.27-alpha
Binary: kernel-image-2.4.27-3-generic kernel-headers-2.4.27-3-generic kernel-headers-2.4.27-3 kernel-build-2.4.27-3 kernel-image-2.4.27-3-smp kernel-headers-2.4.27-3-smp
Architecture: source alpha
Version: 2.4.27-10sarge4
Distribution: stable-security
Urgency: high
Maintainer: Debian Kernel Team <debian-kernel@lists.debian.org>
Changed-By: dann frazier <dannf@debian.org>
Description: 
 kernel-build-2.4.27-3 - Headers for building modules for Linux 2.4.27
 kernel-headers-2.4.27-3 - Header files related to Linux kernel version 2.4.27
 kernel-headers-2.4.27-3-generic - Linux kernel headers 2.4.27 on Alpha
 kernel-headers-2.4.27-3-smp - Linux kernel headers 2.4.27 on Alpha SMP
 kernel-image-2.4.27-3-generic - Linux kernel image for version 2.4.27 on Alpha.
 kernel-image-2.4.27-3-smp - Linux kernel image for version 2.4.27 on Alpha SMP.
Changes: 
 kernel-image-2.4.27-alpha (2.4.27-10sarge4) stable-security; urgency=high
 .
   * Build against kernel-tree-2.4.27-10sarge4:
     * [ERRATA] 213_madvise_remove-restrict.diff
       [SECURITY] The 2.4.27-10sarge3 changelog associated this patch with
       CVE-2006-1524. However, this patch fixes an mprotect issue that was
       split off from the original report into CVE-2006-2071. 2.4.27 is not
       vulnerable to CVE-2006-1524 the madvise_remove issue.
       See CVE-2006-2071
     * 223_nfs-handle-long-symlinks.diff
       [SECURITY] Fix buffer overflow in NFS readline handling that allows a
       remote server to cause a denial of service (crash) via a long symlink
       See CVE-2005-4798
     * 224_cdrom-bad-cgc.buflen-assign.diff
       [SECURITY] Fix buffer overflow in dvd_read_bca which could potentially
       be used by a local user to trigger a buffer overflow via a specially
       crafted DVD, USB stick, or similar automatically mounted device.
       See CVE-2006-2935
     * 225_sg-no-mmap-VM_IO.diff
       [SECURITY] Fix DoS vulnerability whereby a local user could attempt
       a dio/mmap and cause the sg driver to oops.
       See CVE-2006-1528
     * 226_snmp-nat-mem-corruption-fix.diff
       [SECURITY] Fix memory corruption in snmp_trap_decode
       See CVE-2006-2444
     * 227_kfree_skb.diff
       [SECURITY] Fix race between kfree_skb and __skb_unlink
       See CVE-2006-2446
     * 228_sparc-mb-extraneous-semicolons.diff
       Fix a syntax error caused by extranous semicolons in smp_mb() macros
       which resulted in a build failure with 227_kfree_skb.diff
     * 229_sctp-priv-elevation.diff, 230_sctp-priv-elevation-2.diff
       [SECURITY] Fix SCTP privelege escalation
       See CVE-2006-3745
     * 231_udf-deadlock.diff
       [SECURITY] Fix possible UDF deadlock and memory corruption
       See CVE-2006-4145
     * 232_sparc-membar-extraneous-semicolons.diff
       Fix an additional syntax error caused by extraneous semicolons
       in membar macros on sparc
Files: 
 88a98b9f6aa9ebd3cdfe4978f4ee56da 831 devel optional kernel-image-2.4.27-alpha_2.4.27-10sarge4.dsc
 6ab91f91278a604a4916a2b31905d515 31842 devel optional kernel-image-2.4.27-alpha_2.4.27-10sarge4.tar.gz
 e35e28151550092e60061c6f02bb73e7 16530564 base optional kernel-image-2.4.27-3-generic_2.4.27-10sarge4_alpha.deb
 d4f40822ff7d2b81745fcbad93c6c681 4574146 devel optional kernel-headers-2.4.27-3_2.4.27-10sarge4_alpha.deb
 b4e1b2a3e0a5536b0af285ecb8c06b02 16981142 base optional kernel-image-2.4.27-3-smp_2.4.27-10sarge4_alpha.deb
 9f1fff33bda8359a29401dfb5a68ae26 274864 devel optional kernel-headers-2.4.27-3-smp_2.4.27-10sarge4_alpha.deb
 2445e35987d49ac25d54e03f4d812278 7632 devel optional kernel-build-2.4.27-3_2.4.27-10sarge4_alpha.deb
 7441b62133c6f10e2556ec0703912049 272884 devel optional kernel-headers-2.4.27-3-generic_2.4.27-10sarge4_alpha.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)

iD8DBQFFDtjthuANDBmkLRkRAoWhAJsH0XBpsavBdQoO/cP9sZolRJmFZQCfYh2b
H+o/aZsmX70KVKN/as52Z/E=
=o7O+
-----END PGP SIGNATURE-----


Accepted:
kernel-build-2.4.27-3_2.4.27-10sarge4_alpha.deb
  to pool/main/k/kernel-image-2.4.27-alpha/kernel-build-2.4.27-3_2.4.27-10sarge4_alpha.deb
kernel-headers-2.4.27-3-generic_2.4.27-10sarge4_alpha.deb
  to pool/main/k/kernel-image-2.4.27-alpha/kernel-headers-2.4.27-3-generic_2.4.27-10sarge4_alpha.deb
kernel-headers-2.4.27-3-smp_2.4.27-10sarge4_alpha.deb
  to pool/main/k/kernel-image-2.4.27-alpha/kernel-headers-2.4.27-3-smp_2.4.27-10sarge4_alpha.deb
kernel-headers-2.4.27-3_2.4.27-10sarge4_alpha.deb
  to pool/main/k/kernel-image-2.4.27-alpha/kernel-headers-2.4.27-3_2.4.27-10sarge4_alpha.deb
kernel-image-2.4.27-3-generic_2.4.27-10sarge4_alpha.deb
  to pool/main/k/kernel-image-2.4.27-alpha/kernel-image-2.4.27-3-generic_2.4.27-10sarge4_alpha.deb
kernel-image-2.4.27-3-smp_2.4.27-10sarge4_alpha.deb
  to pool/main/k/kernel-image-2.4.27-alpha/kernel-image-2.4.27-3-smp_2.4.27-10sarge4_alpha.deb
kernel-image-2.4.27-alpha_2.4.27-10sarge4.dsc
  to pool/main/k/kernel-image-2.4.27-alpha/kernel-image-2.4.27-alpha_2.4.27-10sarge4.dsc
kernel-image-2.4.27-alpha_2.4.27-10sarge4.tar.gz
  to pool/main/k/kernel-image-2.4.27-alpha/kernel-image-2.4.27-alpha_2.4.27-10sarge4.tar.gz
News for package kernel-image-2.4.27-alpha
