-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.7
Date: Sun, 17 Feb 2008 16:49:02 -0700
Source: kernel-image-2.4.27-i386
Binary: kernel-headers-2.4.27-4-k7-smp kernel-image-2.4.27-4-686
 kernel-pcmcia-modules-2.4.27-4-k6 kernel-pcmcia-modules-2.4.27-4-386
 kernel-pcmcia-modules-2.4.27-4-686 kernel-image-2.4.27-4-k7
 kernel-pcmcia-modules-2.4.27-4-586tsc kernel-headers-2.4.27-4
 kernel-image-2.4.27-4-686-smp kernel-headers-2.4.27-4-k7
 kernel-headers-2.4.27-4-686 kernel-headers-2.4.27-4-k6
 kernel-headers-2.4.27-4-586tsc kernel-headers-2.4.27-4-386
 kernel-image-2.4.27-4-k6 kernel-image-2.4.27-4-k7-smp
 kernel-pcmcia-modules-2.4.27-4-686-smp kernel-pcmcia-modules-2.4.27-4-k7-smp
 kernel-headers-2.4.27-4-686-smp kernel-pcmcia-modules-2.4.27-4-k7
 kernel-image-2.4.27-4-586tsc kernel-image-2.4.27-4-386
 kernel-build-2.4.27-4
Architecture: source i386
Version: 2.4.27-10sarge6
Distribution: oldstable-security
Urgency: high
Maintainer: Debian Kernel Team <debian-kernel@lists.debian.org>
Changed-By: dann frazier <dannf@debian.org>
Description:
 kernel-build-2.4.27-4 - Headers for building modules for Linux 2.4.27
 kernel-headers-2.4.27-4 - Header files related to Linux kernel version 2.4.27
 kernel-headers-2.4.27-4-386 - Linux 2.4.27 kernel headers for 386
 kernel-headers-2.4.27-4-586tsc - Linux 2.4.27 kernel headers for Pentium-Classic
 kernel-headers-2.4.27-4-686 - Linux 2.4.27 kernel headers for PPro/Celeron/PII/PIII/P4
 kernel-headers-2.4.27-4-686-smp - Linux 2.4.27 kernel headers for PPro/Celeron/PII/PIII/P4 SMP
 kernel-headers-2.4.27-4-k6 - Linux 2.4.27 kernel headers for AMD K6/K6-II/K6-III
 kernel-headers-2.4.27-4-k7 - Linux 2.4.27 kernel headers for AMD K7
 kernel-headers-2.4.27-4-k7-smp - Linux 2.4.27 kernel headers for AMD K7 SMP
 kernel-image-2.4.27-4-386 - Linux kernel image for version 2.4.27 on 386
 kernel-image-2.4.27-4-586tsc - Linux kernel image for version 2.4.27 on Pentium-Classic
 kernel-image-2.4.27-4-686 - Linux kernel image for version 2.4.27 on PPro/Celeron/PII/PIII/P4
 kernel-image-2.4.27-4-686-smp - Linux kernel image for version 2.4.27 on PPro/Celeron/PII/PIII/P4
 kernel-image-2.4.27-4-k6 - Linux kernel image for version 2.4.27 on AMD K6/K6-II/K6-III
 kernel-image-2.4.27-4-k7 - Linux kernel image for version 2.4.27 on AMD K7
 kernel-image-2.4.27-4-k7-smp - Linux kernel image for version 2.4.27 on AMD K7 SMP
 kernel-pcmcia-modules-2.4.27-4-386 - Mainstream PCMCIA modules 2.4.27 on 386
 kernel-pcmcia-modules-2.4.27-4-586tsc - Mainstream PCMCIA modules 2.4.27 on Pentium-Classic
 kernel-pcmcia-modules-2.4.27-4-686 - Mainstream PCMCIA modules 2.4.27 on PPro/Celeron/PII/PIII/P4
 kernel-pcmcia-modules-2.4.27-4-686-smp - Mainstream PCMCIA modules 2.4.27 on PPro/Celeron/PII/PIII/P4 SMP
 kernel-pcmcia-modules-2.4.27-4-k6 - Mainstream PCMCIA modules 2.4.27 on AMD K6/K6-II/K6-III
 kernel-pcmcia-modules-2.4.27-4-k7 - Mainstream PCMCIA modules 2.4.27 on AMD K7
 kernel-pcmcia-modules-2.4.27-4-k7-smp - Mainstream PCMCIA modules 2.4.27 on AMD K7 SMP
Changes:
 kernel-image-2.4.27-i386 (2.4.27-10sarge6) oldstable-security; urgency=high
 .
   * Build against kernel-tree-2.4.27-10sarge6:
     * 239_mincore-hang.diff
       [SECURITY] Fix a potential deadlock in mincore
       See CVE-2006-4814
     * [ERRATA] 240_smbfs-honor-mount-opts-2.diff
       Fix some regressions with respect to file types (e.g., symlinks)
       introduced by the fix for CVE-2006-5871 in 2.4.27-10sarge5
     * 241_bluetooth-capi-size-checks.diff
       [SECURITY] Add additional length checks to avoid potential remote
       DoS attacks in the handling of CAPI messages in the bluetooth driver
       See CVE-2006-6106
     * 242_ext3-fsfuzz.diff
       [SECURITY] Fix a DoS vulnerability that can be triggered by a local
       user with the ability to mount a corrupted ext3 filesystem
       See CVE-2006-6053
     * 243_ipv6_fl_socklist-no-share.diff
       [SECURITY] Fix local DoS vulnerability caused by inadvertently sharing
       ipv6_fl_socklist between the listening socket and the socket created
       for connection.
       See CVE-2007-1592
     * 244_bluetooth-l2cap-hci-info-leaks.diff
       245_bluetooth-l2cap-hci-info-leaks-2.diff
       [SECURITY] Fix information leaks in setsockopt() implementations
       See CVE-2007-1353
     * 246_dn_fib-out-of-bounds.diff
       266_ipv4-fib_props-out-of-bounds.diff
       267_ipv4-fib_props-out-of-bounds-2.diff
       [SECURITY] Fix out of bounds condition in dn_fib_props[]
       See CVE-2007-2172
     * 247_reset-pdeathsig-on-suid.diff
       [SECURITY] Fix potential privilege escalation caused by improper
       clearing of the child process' pdeath signal.
       Thanks to Marcel Holtmann for the patch.
       See CVE-2007-3848
     * 248_random-reseed-sizeof-fix.diff
       [SECURITY] Fix a bug in the random driver reseeding code that reduces
       entropy by reseeding a smaller buffer size than expected
       See CVE-2007-4311
     * 249_openpromfs-signedness-bug.diff
       250_openpromfs-checks-1.diff
       251_openpromfs-checks-2.diff
       252_openpromfs-checks-3.diff
       [SECURITY] Fix a number of data checks in openprom code
       See CVE-2004-2731
     * 253_coredump-only-to-same-uid.diff
       [SECURITY] Fix an issue where core dumping over a file that already
       exists retains the ownership of the original file
       See CVE-2007-6206
     * 254_cramfs-check-block-length.diff
       [SECURITY] Add a sanity check of the block length in cramfs_readpage
       to avoid a potential oops condition
       See CVE-2006-5823
     * 255_pppoe-socket-release-mem-leak.diff
       [SECURITY] fix unprivileged memory leak when a PPPoE socket is released
       after connect but before PPPIOCGCHAN ioctl is called upon it
       See CVE-2007-2525
     * 256_i4l-isdn_ioctl-mem-overrun.diff
       [SECURITY] Fix potential isdn ioctl memory overrun
       See CVE-2007-6151
     * 257_isdn-net-overflow.diff
       [SECURITY] Fix potential overflows in the ISDN subsystem
       See CVE-2007-6063
     * 258_ext2_readdir-f_pos-fix.diff,
       259_ext2_readdir-infinite-loop.diff,
       260_ext2-skip-pages-past-num-blocks.diff
       [SECURITY] Add some sanity checking for a corrupted i_size in
       ext2_find_entry()
       See CVE-2006-6054
     * 261_listxattr-mem-corruption.diff
       [SECURITY] Fix userspace corruption vulnerability caused by
       incorrectly promoted return values in bad_inode_ops
       This patch changes the kernel ABI.
       See CVE-2006-5753
     * 262_aacraid-ioctl-perm-check.diff
       [SECURITY] Require admin capabilities to issue ioctls to aacraid devices
       See CVE-2007-4308
     * 263_usb-pwc-disconnect-block.diff
       [SECURITY] Fix issue with unplugging webcams that use the pwc driver.
       If userspace still has the device open, the driver would wait for
       the device to close, blocking the USB subsystem.
       See CVE-2007-5093
     * 264_mmap-VM_DONTEXPAND.diff
       [SECURITY] Add VM_DONTEXPAND to vm_flags in drivers that register
       a fault handler but do not bounds check the offset argument
       See CVE-2008-0007
     * 265_powerpc-chrp-null-deref.diff
       [SECURITY][powerpc] Fix NULL pointer dereference if get_property
       fails on the subarchitecture
       See CVE-2007-6694
   * ABI changing update, increment ABI number to 4. If you don't understand
     what this means, see http://wiki.debian.org/DebianKernelABIChanges

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)

iD8DBQFHvNGghuANDBmkLRkRAh4LAJ9dEDPVX0vr1xbfTaNWSjtiilCt9gCfQCYQ
RP4j7KLPed/HH+35pL16vsM=
=q9VF
-----END PGP SIGNATURE-----

Accepted:
kernel-build-2.4.27-4_2.4.27-10sarge6_i386.deb to
  pool/main/k/kernel-image-2.4.27-i386/kernel-build-2.4.27-4_2.4.27-10sarge6_i386.deb
kernel-headers-2.4.27-4-386_2.4.27-10sarge6_i386.deb
  to pool/main/k/kernel-image-2.4.27-i386/kernel-headers-2.4.27-4-386_2.4.27-10sarge6_i386.deb
kernel-headers-2.4.27-4-586tsc_2.4.27-10sarge6_i386.deb
  to pool/main/k/kernel-image-2.4.27-i386/kernel-headers-2.4.27-4-586tsc_2.4.27-10sarge6_i386.deb
kernel-headers-2.4.27-4-686-smp_2.4.27-10sarge6_i386.deb
  to pool/main/k/kernel-image-2.4.27-i386/kernel-headers-2.4.27-4-686-smp_2.4.27-10sarge6_i386.deb
kernel-headers-2.4.27-4-686_2.4.27-10sarge6_i386.deb
  to pool/main/k/kernel-image-2.4.27-i386/kernel-headers-2.4.27-4-686_2.4.27-10sarge6_i386.deb
kernel-headers-2.4.27-4-k6_2.4.27-10sarge6_i386.deb
  to pool/main/k/kernel-image-2.4.27-i386/kernel-headers-2.4.27-4-k6_2.4.27-10sarge6_i386.deb
kernel-headers-2.4.27-4-k7-smp_2.4.27-10sarge6_i386.deb
  to pool/main/k/kernel-image-2.4.27-i386/kernel-headers-2.4.27-4-k7-smp_2.4.27-10sarge6_i386.deb
kernel-headers-2.4.27-4-k7_2.4.27-10sarge6_i386.deb
  to pool/main/k/kernel-image-2.4.27-i386/kernel-headers-2.4.27-4-k7_2.4.27-10sarge6_i386.deb
kernel-headers-2.4.27-4_2.4.27-10sarge6_i386.deb
  to pool/main/k/kernel-image-2.4.27-i386/kernel-headers-2.4.27-4_2.4.27-10sarge6_i386.deb
kernel-image-2.4.27-4-386_2.4.27-10sarge6_i386.deb
  to pool/main/k/kernel-image-2.4.27-i386/kernel-image-2.4.27-4-386_2.4.27-10sarge6_i386.deb
kernel-image-2.4.27-4-586tsc_2.4.27-10sarge6_i386.deb
  to pool/main/k/kernel-image-2.4.27-i386/kernel-image-2.4.27-4-586tsc_2.4.27-10sarge6_i386.deb
kernel-image-2.4.27-4-686-smp_2.4.27-10sarge6_i386.deb
  to pool/main/k/kernel-image-2.4.27-i386/kernel-image-2.4.27-4-686-smp_2.4.27-10sarge6_i386.deb
kernel-image-2.4.27-4-686_2.4.27-10sarge6_i386.deb
  to pool/main/k/kernel-image-2.4.27-i386/kernel-image-2.4.27-4-686_2.4.27-10sarge6_i386.deb
kernel-image-2.4.27-4-k6_2.4.27-10sarge6_i386.deb
  to pool/main/k/kernel-image-2.4.27-i386/kernel-image-2.4.27-4-k6_2.4.27-10sarge6_i386.deb
kernel-image-2.4.27-4-k7-smp_2.4.27-10sarge6_i386.deb
  to pool/main/k/kernel-image-2.4.27-i386/kernel-image-2.4.27-4-k7-smp_2.4.27-10sarge6_i386.deb
kernel-image-2.4.27-4-k7_2.4.27-10sarge6_i386.deb
  to pool/main/k/kernel-image-2.4.27-i386/kernel-image-2.4.27-4-k7_2.4.27-10sarge6_i386.deb
kernel-image-2.4.27-i386_2.4.27-10sarge6.dsc
  to pool/main/k/kernel-image-2.4.27-i386/kernel-image-2.4.27-i386_2.4.27-10sarge6.dsc
kernel-image-2.4.27-i386_2.4.27-10sarge6.tar.gz
  to pool/main/k/kernel-image-2.4.27-i386/kernel-image-2.4.27-i386_2.4.27-10sarge6.tar.gz
kernel-pcmcia-modules-2.4.27-4-386_2.4.27-10sarge6_i386.deb
  to pool/main/k/kernel-image-2.4.27-i386/kernel-pcmcia-modules-2.4.27-4-386_2.4.27-10sarge6_i386.deb
kernel-pcmcia-modules-2.4.27-4-586tsc_2.4.27-10sarge6_i386.deb
  to pool/main/k/kernel-image-2.4.27-i386/kernel-pcmcia-modules-2.4.27-4-586tsc_2.4.27-10sarge6_i386.deb
kernel-pcmcia-modules-2.4.27-4-686-smp_2.4.27-10sarge6_i386.deb
  to pool/main/k/kernel-image-2.4.27-i386/kernel-pcmcia-modules-2.4.27-4-686-smp_2.4.27-10sarge6_i386.deb
kernel-pcmcia-modules-2.4.27-4-686_2.4.27-10sarge6_i386.deb
  to pool/main/k/kernel-image-2.4.27-i386/kernel-pcmcia-modules-2.4.27-4-686_2.4.27-10sarge6_i386.deb
kernel-pcmcia-modules-2.4.27-4-k6_2.4.27-10sarge6_i386.deb
  to pool/main/k/kernel-image-2.4.27-i386/kernel-pcmcia-modules-2.4.27-4-k6_2.4.27-10sarge6_i386.deb
kernel-pcmcia-modules-2.4.27-4-k7-smp_2.4.27-10sarge6_i386.deb
  to pool/main/k/kernel-image-2.4.27-i386/kernel-pcmcia-modules-2.4.27-4-k7-smp_2.4.27-10sarge6_i386.deb
kernel-pcmcia-modules-2.4.27-4-k7_2.4.27-10sarge6_i386.deb
  to pool/main/k/kernel-image-2.4.27-i386/kernel-pcmcia-modules-2.4.27-4-k7_2.4.27-10sarge6_i386.deb