-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Format: 1.7 Date: Wed, 13 Sep 2006 20:21:24 -0600 Source: kernel-image-2.4.27-m68k Binary: kernel-image-2.4.27-sun3 kernel-image-2.4.27-atari kernel-image-2.4.27-q40 kernel-image-2.4.27-sun3x kernel-image-2.4.27-amiga kernel-image-2.4.27-mvme16x kernel-image-2.4.27-mac kernel-image-2.4.27-mvme147 kernel-image-2.4.27-bvme6000 Architecture: source m68k Version: 2.4.27-3sarge4 Distribution: stable-security Urgency: high Maintainer: Christian T. Steigies <cts@debian.org> Changed-By: dann frazier <dannf@debian.org> Description: kernel-image-2.4.27-amiga - Linux kernel image for Amiga computers kernel-image-2.4.27-atari - Linux kernel image for Atari computers kernel-image-2.4.27-bvme6000 - Linux kernel image for BVM BVME4000 and BVME6000 SBCs. kernel-image-2.4.27-mac - Linux kernel image for Macintosh computers kernel-image-2.4.27-mvme147 - Linux kernel image for Motorola MVME147 SBCs. kernel-image-2.4.27-mvme16x - Linux kernel image for Motorola MVME162/6/7, MVME172/7 SBCs. kernel-image-2.4.27-q40 - Linux kernel image for Q40 and Q60 computers Changes: kernel-image-2.4.27-m68k (2.4.27-3sarge4) stable-security; urgency=high . * Build against kernel-tree-2.4.27-10sarge4: * [ERRATA] 213_madvise_remove-restrict.diff [SECURITY] The 2.4.27-10sarge3 changelog associated this patch with CVE-2006-1524. However, this patch fixes an mprotect issue that was split off from the original report into CVE-2006-2071. 2.4.27 is not vulnerable to CVE-2006-1524 the madvise_remove issue. See CVE-2006-2071 * 223_nfs-handle-long-symlinks.diff [SECURITY] Fix buffer overflow in NFS readline handling that allows a remote server to cause a denial of service (crash) via a long symlink See CVE-2005-4798 * 224_cdrom-bad-cgc.buflen-assign.diff [SECURITY] Fix buffer overflow in dvd_read_bca which could potentially be used by a local user to trigger a buffer overflow via a specially crafted DVD, USB stick, or similar automatically mounted device. See CVE-2006-2935 * 225_sg-no-mmap-VM_IO.diff [SECURITY] Fix DoS vulnerability whereby a local user could attempt a dio/mmap and cause the sg driver to oops. See CVE-2006-1528 * 226_snmp-nat-mem-corruption-fix.diff [SECURITY] Fix memory corruption in snmp_trap_decode See CVE-2006-2444 * 227_kfree_skb.diff [SECURITY] Fix race between kfree_skb and __skb_unlink See CVE-2006-2446 * 228_sparc-mb-extraneous-semicolons.diff Fix a syntax error caused by extranous semicolons in smp_mb() macros which resulted in a build failure with 227_kfree_skb.diff * 229_sctp-priv-elevation.diff, 230_sctp-priv-elevation-2.diff [SECURITY] Fix SCTP privelege escalation See CVE-2006-3745 * 231_udf-deadlock.diff [SECURITY] Fix possible UDF deadlock and memory corruption See CVE-2006-4145 * 232_sparc-membar-extraneous-semicolons.diff Fix an additional syntax error caused by extraneous semicolons in membar macros on sparc Files: 43ed0b4fa60018a09b7b5dc9df3f7079 876 devel optional kernel-image-2.4.27-m68k_2.4.27-3sarge4.dsc a24fa72798951290096a5946be320b1c 12396 devel optional kernel-image-2.4.27-m68k_2.4.27-3sarge4.tar.gz 6f4a895ce13d72b0012e4c20e29d0b1d 2641912 base optional kernel-image-2.4.27-amiga_2.4.27-3sarge4_m68k.deb 4f6d92555461e4516f33240ffbeaa0bc 2545082 base optional kernel-image-2.4.27-atari_2.4.27-3sarge4_m68k.deb ecb64193223ba0a1921bada3b108bd0d 2396292 base optional kernel-image-2.4.27-bvme6000_2.4.27-3sarge4_m68k.deb 9ced9b8f0291c9805b4030953fc4af29 2478100 base optional kernel-image-2.4.27-mac_2.4.27-3sarge4_m68k.deb f465bf68703f087c24ed94a25a009b94 2325564 base optional kernel-image-2.4.27-mvme147_2.4.27-3sarge4_m68k.deb 88f45b3a8ea54a1cd0a88754fa3ed325 2396996 base optional kernel-image-2.4.27-mvme16x_2.4.27-3sarge4_m68k.deb aeb89e3e22cb2e10da5be7eeb6d673d7 2262170 base optional kernel-image-2.4.27-q40_2.4.27-3sarge4_m68k.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (GNU/Linux) iD8DBQFFDa/KhuANDBmkLRkRAp+jAKCRkzYhyeQ/xLSvAcG/fCGsej2iawCfVIyF fWDiKEJciq2DZLgC/yxfZ+8= =LKoz -----END PGP SIGNATURE----- Accepted: kernel-image-2.4.27-amiga_2.4.27-3sarge4_m68k.deb to pool/main/k/kernel-image-2.4.27-m68k/kernel-image-2.4.27-amiga_2.4.27-3sarge4_m68k.deb kernel-image-2.4.27-atari_2.4.27-3sarge4_m68k.deb to pool/main/k/kernel-image-2.4.27-m68k/kernel-image-2.4.27-atari_2.4.27-3sarge4_m68k.deb kernel-image-2.4.27-bvme6000_2.4.27-3sarge4_m68k.deb to pool/main/k/kernel-image-2.4.27-m68k/kernel-image-2.4.27-bvme6000_2.4.27-3sarge4_m68k.deb kernel-image-2.4.27-m68k_2.4.27-3sarge4.dsc to pool/main/k/kernel-image-2.4.27-m68k/kernel-image-2.4.27-m68k_2.4.27-3sarge4.dsc kernel-image-2.4.27-m68k_2.4.27-3sarge4.tar.gz to pool/main/k/kernel-image-2.4.27-m68k/kernel-image-2.4.27-m68k_2.4.27-3sarge4.tar.gz kernel-image-2.4.27-mac_2.4.27-3sarge4_m68k.deb to pool/main/k/kernel-image-2.4.27-m68k/kernel-image-2.4.27-mac_2.4.27-3sarge4_m68k.deb kernel-image-2.4.27-mvme147_2.4.27-3sarge4_m68k.deb to pool/main/k/kernel-image-2.4.27-m68k/kernel-image-2.4.27-mvme147_2.4.27-3sarge4_m68k.deb kernel-image-2.4.27-mvme16x_2.4.27-3sarge4_m68k.deb to pool/main/k/kernel-image-2.4.27-m68k/kernel-image-2.4.27-mvme16x_2.4.27-3sarge4_m68k.deb kernel-image-2.4.27-q40_2.4.27-3sarge4_m68k.deb to pool/main/k/kernel-image-2.4.27-m68k/kernel-image-2.4.27-q40_2.4.27-3sarge4_m68k.deb