-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.7
Date: Sun, 17 Feb 2008 23:25:35 -0700
Source: kernel-image-2.4.27-ia64
Binary: kernel-image-2.4-mckinley-smp kernel-headers-2.4.27-4-mckinley-smp kernel-headers-2.4.27-4-itanium-smp kernel-image-2.4-itanium kernel-image-2.4.27-4-itanium kernel-headers-2.4.27-4-mckinley kernel-headers-2.4.27-4-itanium kernel-headers-2.4.27-4 kernel-image-2.4.27-4-mckinley-smp kernel-image-2.4.27-4-mckinley kernel-image-2.4-itanium-smp kernel-image-2.4-mckinley kernel-image-2.4.27-4-itanium-smp kernel-build-2.4.27-4
Architecture: source ia64
Version: 2.4.27-10sarge6
Distribution: oldstable-security
Urgency: high
Maintainer: Debian Kernel Team <debian-kernel@lists.debian.org>
Changed-By: dann frazier <dannf@debian.org>
Description:
kernel-build-2.4.27-4 - Headers for building modules for Linux 2.4.27
kernel-headers-2.4.27-4 - Header files related to Linux kernel version 2.4.27
kernel-headers-2.4.27-4-itanium - Linux kernel headers 2.4.27 on ia64
kernel-headers-2.4.27-4-itanium-smp - Linux kernel headers 2.4.27 on Itanium SMP
kernel-headers-2.4.27-4-mckinley - Linux kernel headers 2.4.27 on ia64
kernel-headers-2.4.27-4-mckinley-smp - Linux kernel headers 2.4.27 on Itanium II SMP
kernel-image-2.4-itanium - Linux kernel image for version 2.4 on Itanium
kernel-image-2.4-itanium-smp - Linux kernel image for version 2.4 on Itanium SMP
kernel-image-2.4-mckinley - Linux kernel image for version 2.4 on Itanium II
kernel-image-2.4-mckinley-smp - Linux kernel image for version 2.4 on Itanium II SMP
kernel-image-2.4.27-4-itanium - Linux kernel image for version 2.4.27 on Itanium
kernel-image-2.4.27-4-itanium-smp - Linux kernel image for version 2.4.27 on Itanium SMP
kernel-image-2.4.27-4-mckinley - Linux kernel image for version 2.4.27 on Itanium II
kernel-image-2.4.27-4-mckinley-smp - Linux kernel image for version 2.4.27 on Itanium II SMP
Changes:
kernel-image-2.4.27-ia64 (2.4.27-10sarge6) oldstable-security; urgency=high
.
* Build against kernel-tree-2.4.27-10sarge6:
* 239_mincore-hang.diff
[SECURITY] Fix a potential deadlock in mincore
See CVE-2006-4814
* [ERRATA] 240_smbfs-honor-mount-opts-2.diff
Fix some regressions with respect to file types (e.g., symlinks)
introduced by the fix for CVE-2006-5871 in 2.4.27-10sarge5
* 241_bluetooth-capi-size-checks.diff
[SECURITY] Add additional length checks to avoid potential remote
DoS attacks in the handling of CAPI messages in the bluetooth driver
See CVE-2006-6106
* 242_ext3-fsfuzz.diff
[SECURITY] Fix a DoS vulnerability that can be triggered by a local
user with the ability to mount a corrupted ext3 filesystem
See CVE-2006-6053
* 243_ipv6_fl_socklist-no-share.diff
[SECURITY] Fix local DoS vulnerability caused by inadvertently sharing
ipv6_fl_socklist between the listening socket and the socket created
for connection.
See CVE-2007-1592
* 244_bluetooth-l2cap-hci-info-leaks.diff
245_bluetooth-l2cap-hci-info-leaks-2.diff
[SECURITY] Fix information leaks in setsockopt() implementations
See CVE-2007-1353
* 246_dn_fib-out-of-bounds.diff
266_ipv4-fib_props-out-of-bounds.diff
267_ipv4-fib_props-out-of-bounds-2.diff
[SECURITY] Fix out of bounds condition in dn_fib_props[]
See CVE-2007-2172
* 247_reset-pdeathsig-on-suid.diff
[SECURITY] Fix potential privilege escalation caused by improper
clearing of the child process' pdeath signal.
Thanks to Marcel Holtmann for the patch.
See CVE-2007-3848
* 248_random-reseed-sizeof-fix.diff
[SECURITY] Fix a bug in the random driver reseeding code that reduces
entropy by reseeding a smaller buffer size than expected
See CVE-2007-4311
* 249_openpromfs-signedness-bug.diff
250_openpromfs-checks-1.diff
251_openpromfs-checks-2.diff
252_openpromfs-checks-3.diff
[SECURITY] Fix a number of data checks in openprom code
See CVE-2004-2731
* 253_coredump-only-to-same-uid.diff
[SECURITY] Fix an issue where core dumping over a file that
already exists retains the ownership of the original file
See CVE-2007-6206
* 254_cramfs-check-block-length.diff
[SECURITY] Add a sanity check of the block length in cramfs_readpage to
avoid a potential oops condition
See CVE-2006-5823
* 255_pppoe-socket-release-mem-leak.diff
[SECURITY] fix unpriveleged memory leak when a PPPoE socket is released
after connect but before PPPIOCGCHAN ioctl is called upon it
See CVE-2007-2525
* 256_i4l-isdn_ioctl-mem-overrun.diff
[SECURITY] Fix potential isdn ioctl memory overrun
See CVE-2007-6151
* 257_isdn-net-overflow.diff
[SECURITY] Fix potential overflows in the ISDN subsystem
See CVE-2007-6063
* 258_ext2_readdir-f_pos-fix.diff,
259_ext2_readdir-infinite-loop.diff,
260_ext2-skip-pages-past-num-blocks.diff
[SECURITY] Add some sanity checking for a corrupted i_size in
ext2_find_entry()
See CVE-2006-6054
* 261_listxattr-mem-corruption.diff
[SECURITY] Fix userspace corruption vulnerability caused by
incorrectly promoted return values in bad_inode_ops
This patches changes the kernel ABI.
See CVE-2006-5753
* 262_aacraid-ioctl-perm-check.diff
[SECURITY] Require admin capabilities to issue ioctls to aacraid devices
See CVE-2007-4308
* 263_usb-pwc-disconnect-block.diff
[SECURITY] Fix issue with unplugging webcams that use the pwc driver.
If userspace still has the device open it can result, the driver would
wait for the device to close, blocking the USB subsystem.
See CVE-2007-5093
* 264_mmap-VM_DONTEXPAND.diff
[SECURITY] Add VM_DONTEXPAND to vm_flags in drivers that register
a fault handler but do not bounds check the offset argument
See CVE-2008-0007
* 265_powerpc-chrp-null-deref.diff
[SECURITY][powerpc] Fix NULL pointer dereference if get_property
fails on the subarchitecture
See CVE-2007-6694
* ABI changing update, increment ABI number to 4. If you don't understand
what this means, see http://wiki.debian.org/DebianKernelABIChanges
Files:
1434f7f54c70afe26043692c12537e57 1143 devel optional kernel-image-2.4.27-ia64_2.4.27-10sarge6.dsc
4e1252ccc54094413af132b1e509c78a 57143 devel optional kernel-image-2.4.27-ia64_2.4.27-10sarge6.tar.gz
59ddcd5f8c89ceae7140b501cf215fa8 4762160 devel optional kernel-headers-2.4.27-4_2.4.27-10sarge6_ia64.deb
1798dbe17258645061927e62084de5eb 8762 base optional kernel-image-2.4-itanium-smp_2.4.27-10sarge6_ia64.deb
794bce10f1d65a28defc12609330a563 245076 devel optional kernel-headers-2.4.27-4-itanium-smp_2.4.27-10sarge6_ia64.deb
c6b9372d496ca07bc3b67be07ebba31b 17044112 base optional kernel-image-2.4.27-4-itanium-smp_2.4.27-10sarge6_ia64.deb
90ee1b2e9043eb5c304e341e4341f307 8784 base optional kernel-image-2.4-mckinley-smp_2.4.27-10sarge6_ia64.deb
d697c585822843bf50471b6e8d21242e 245194 devel optional kernel-headers-2.4.27-4-mckinley-smp_2.4.27-10sarge6_ia64.deb
ac671a15b2e59ab7e740fba0a275fdeb 16989836 base optional kernel-image-2.4.27-4-mckinley-smp_2.4.27-10sarge6_ia64.deb
d80a7c62442813fb1e25bfee7f1f48b7 8744 base optional kernel-image-2.4-itanium_2.4.27-10sarge6_ia64.deb
e992f7a9972a853416b9d661b9b1ed27 244176 devel optional kernel-headers-2.4.27-4-itanium_2.4.27-10sarge6_ia64.deb
4a0aad4af20efe7b377632b2fa1ecac7 16682160 base optional kernel-image-2.4.27-4-itanium_2.4.27-10sarge6_ia64.deb
c8b8a58a500877b95d05baca618b177c 8774 base optional kernel-image-2.4-mckinley_2.4.27-10sarge6_ia64.deb
97772e1967c86e1049a31bc3945d55bc 244174 devel optional kernel-headers-2.4.27-4-mckinley_2.4.27-10sarge6_ia64.deb
a9d4e077e6988de487f454462be71b29 16635868 base optional kernel-image-2.4.27-4-mckinley_2.4.27-10sarge6_ia64.deb
811a0f52aaf2699fcf5ce0b1f1a0bdbd 8980 devel optional kernel-build-2.4.27-4_2.4.27-10sarge6_ia64.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
iD8DBQFHvNI5huANDBmkLRkRAvByAKCSSv4aeZlgEqG62Co8q7n/uPUZpgCfSY5g
BN47tJ7qswQzoKAJavYw110=
=wrdS
-----END PGP SIGNATURE-----
Accepted:
kernel-build-2.4.27-4_2.4.27-10sarge6_ia64.deb
to pool/main/k/kernel-image-2.4.27-ia64/kernel-build-2.4.27-4_2.4.27-10sarge6_ia64.deb
kernel-headers-2.4.27-4-itanium-smp_2.4.27-10sarge6_ia64.deb
to pool/main/k/kernel-image-2.4.27-ia64/kernel-headers-2.4.27-4-itanium-smp_2.4.27-10sarge6_ia64.deb
kernel-headers-2.4.27-4-itanium_2.4.27-10sarge6_ia64.deb
to pool/main/k/kernel-image-2.4.27-ia64/kernel-headers-2.4.27-4-itanium_2.4.27-10sarge6_ia64.deb
kernel-headers-2.4.27-4-mckinley-smp_2.4.27-10sarge6_ia64.deb
to pool/main/k/kernel-image-2.4.27-ia64/kernel-headers-2.4.27-4-mckinley-smp_2.4.27-10sarge6_ia64.deb
kernel-headers-2.4.27-4-mckinley_2.4.27-10sarge6_ia64.deb
to pool/main/k/kernel-image-2.4.27-ia64/kernel-headers-2.4.27-4-mckinley_2.4.27-10sarge6_ia64.deb
kernel-headers-2.4.27-4_2.4.27-10sarge6_ia64.deb
to pool/main/k/kernel-image-2.4.27-ia64/kernel-headers-2.4.27-4_2.4.27-10sarge6_ia64.deb
kernel-image-2.4-itanium-smp_2.4.27-10sarge6_ia64.deb
to pool/main/k/kernel-image-2.4.27-ia64/kernel-image-2.4-itanium-smp_2.4.27-10sarge6_ia64.deb
kernel-image-2.4-itanium_2.4.27-10sarge6_ia64.deb
to pool/main/k/kernel-image-2.4.27-ia64/kernel-image-2.4-itanium_2.4.27-10sarge6_ia64.deb
kernel-image-2.4-mckinley-smp_2.4.27-10sarge6_ia64.deb
to pool/main/k/kernel-image-2.4.27-ia64/kernel-image-2.4-mckinley-smp_2.4.27-10sarge6_ia64.deb
kernel-image-2.4-mckinley_2.4.27-10sarge6_ia64.deb
to pool/main/k/kernel-image-2.4.27-ia64/kernel-image-2.4-mckinley_2.4.27-10sarge6_ia64.deb
kernel-image-2.4.27-4-itanium-smp_2.4.27-10sarge6_ia64.deb
to pool/main/k/kernel-image-2.4.27-ia64/kernel-image-2.4.27-4-itanium-smp_2.4.27-10sarge6_ia64.deb
kernel-image-2.4.27-4-itanium_2.4.27-10sarge6_ia64.deb
to pool/main/k/kernel-image-2.4.27-ia64/kernel-image-2.4.27-4-itanium_2.4.27-10sarge6_ia64.deb
kernel-image-2.4.27-4-mckinley-smp_2.4.27-10sarge6_ia64.deb
to pool/main/k/kernel-image-2.4.27-ia64/kernel-image-2.4.27-4-mckinley-smp_2.4.27-10sarge6_ia64.deb
kernel-image-2.4.27-4-mckinley_2.4.27-10sarge6_ia64.deb
to pool/main/k/kernel-image-2.4.27-ia64/kernel-image-2.4.27-4-mckinley_2.4.27-10sarge6_ia64.deb
kernel-image-2.4.27-ia64_2.4.27-10sarge6.dsc
to pool/main/k/kernel-image-2.4.27-ia64/kernel-image-2.4.27-ia64_2.4.27-10sarge6.dsc
kernel-image-2.4.27-ia64_2.4.27-10sarge6.tar.gz
to pool/main/k/kernel-image-2.4.27-ia64/kernel-image-2.4.27-ia64_2.4.27-10sarge6.tar.gz
