-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Format: 1.7 Date: Tue, 5 Sep 2006 00:24:23 -0600 Source: kernel-image-2.4.27-s390 Binary: kernel-image-2.4.27-3-s390 kernel-image-2.4.27-3-s390x kernel-headers-2.4.27-3 kernel-image-2.4.27-3-s390-tape Architecture: source s390 Version: 2.4.27-2sarge4 Distribution: stable-security Urgency: high Maintainer: Debian S/390 Team <debian-s390@lists.debian.org> Changed-By: dann frazier <dannf@debian.org> Description: kernel-headers-2.4.27-3 - Header files related to Linux kernel version 2.4.27 on IBM S/390 kernel-image-2.4.27-3-s390 - Linux kernel image for kernel version 2.4.21 on IBM S/390 kernel-image-2.4.27-3-s390-tape - Linux kernel image for kernel version 2.4.27 on IBM S/390 kernel-image-2.4.27-3-s390x - Linux kernel image for kernel version 2.4.27 on IBM zSeries. Changes: kernel-image-2.4.27-s390 (2.4.27-2sarge4) stable-security; urgency=high . * Build against kernel-tree-2.4.27-10sarge4: * [ERRATA] 213_madvise_remove-restrict.diff [SECURITY] The 2.4.27-10sarge3 changelog associated this patch with CVE-2006-1524. However, this patch fixes an mprotect issue that was split off from the original report into CVE-2006-2071. 2.4.27 is not vulnerable to CVE-2006-1524 the madvise_remove issue. See CVE-2006-2071 * 223_nfs-handle-long-symlinks.diff [SECURITY] Fix buffer overflow in NFS readline handling that allows a remote server to cause a denial of service (crash) via a long symlink See CVE-2005-4798 * 224_cdrom-bad-cgc.buflen-assign.diff [SECURITY] Fix buffer overflow in dvd_read_bca which could potentially be used by a local user to trigger a buffer overflow via a specially crafted DVD, USB stick, or similar automatically mounted device. See CVE-2006-2935 * 225_sg-no-mmap-VM_IO.diff [SECURITY] Fix DoS vulnerability whereby a local user could attempt a dio/mmap and cause the sg driver to oops. See CVE-2006-1528 * 226_snmp-nat-mem-corruption-fix.diff [SECURITY] Fix memory corruption in snmp_trap_decode See CVE-2006-2444 * 227_kfree_skb.diff [SECURITY] Fix race between kfree_skb and __skb_unlink See CVE-2006-2446 * 228_sparc-mb-extraneous-semicolons.diff Fix a syntax error caused by extranous semicolons in smp_mb() macros which resulted in a build failure with 227_kfree_skb.diff * 229_sctp-priv-elevation.diff, 230_sctp-priv-elevation-2.diff [SECURITY] Fix SCTP privelege escalation See CVE-2006-3745 * 231_udf-deadlock.diff [SECURITY] Fix possible UDF deadlock and memory corruption See CVE-2006-4145 * 232_sparc-membar-extraneous-semicolons.diff Fix an additional syntax error caused by extraneous semicolons in membar macros on sparc Files: 97bd5affa5f2a14c517d3a9a5d0e9e0b 832 devel optional kernel-image-2.4.27-s390_2.4.27-2sarge4.dsc 0e1a0b39d5e5546bc07c4228ee4f615b 10148 devel optional kernel-image-2.4.27-s390_2.4.27-2sarge4.tar.gz 41c6473b350b47b4652df8c3ec194647 2973100 base optional kernel-image-2.4.27-3-s390x_2.4.27-2sarge4_s390.deb 1507d4fa17cf60c0a618a3c1bb47cf88 4579242 devel optional kernel-headers-2.4.27-3_2.4.27-2sarge4_s390.deb 81c27854e61828072cde83feeb6114c2 2780816 base optional kernel-image-2.4.27-3-s390_2.4.27-2sarge4_s390.deb 29e81e95c729baa1e4068d048160e9f6 995236 base extra kernel-image-2.4.27-3-s390-tape_2.4.27-2sarge4_s390.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (GNU/Linux) iD8DBQFFDupNhuANDBmkLRkRAug1AJ9cpU8VfYQrjmw21c8B9Uo30jVgFACffUJm oqpJBjWSEGcWfemSTti3n08= =dRlQ -----END PGP SIGNATURE----- Accepted: kernel-headers-2.4.27-3_2.4.27-2sarge4_s390.deb to pool/main/k/kernel-image-2.4.27-s390/kernel-headers-2.4.27-3_2.4.27-2sarge4_s390.deb kernel-image-2.4.27-3-s390-tape_2.4.27-2sarge4_s390.deb to pool/main/k/kernel-image-2.4.27-s390/kernel-image-2.4.27-3-s390-tape_2.4.27-2sarge4_s390.deb kernel-image-2.4.27-3-s390_2.4.27-2sarge4_s390.deb to pool/main/k/kernel-image-2.4.27-s390/kernel-image-2.4.27-3-s390_2.4.27-2sarge4_s390.deb kernel-image-2.4.27-3-s390x_2.4.27-2sarge4_s390.deb to pool/main/k/kernel-image-2.4.27-s390/kernel-image-2.4.27-3-s390x_2.4.27-2sarge4_s390.deb kernel-image-2.4.27-s390_2.4.27-2sarge4.dsc to pool/main/k/kernel-image-2.4.27-s390/kernel-image-2.4.27-s390_2.4.27-2sarge4.dsc kernel-image-2.4.27-s390_2.4.27-2sarge4.tar.gz to pool/main/k/kernel-image-2.4.27-s390/kernel-image-2.4.27-s390_2.4.27-2sarge4.tar.gz