-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.7
Date: Tue, 19 Feb 2008 20:46:31 -0700
Source: kernel-image-2.6.8-alpha
Binary: kernel-headers-2.6.8-4 kernel-image-2.6.8-4-smp kernel-headers-2.6.8-4-smp kernel-image-2.6.8-4-generic kernel-headers-2.6.8-4-generic
Architecture: source alpha
Version: 2.6.8-17sarge1
Distribution: oldstable-security
Urgency: high
Maintainer: Debian Kernel Team <debian-kernel@lists.debian.org>
Changed-By: dann frazier <dannf@debian.org>
Description:
kernel-headers-2.6.8-4 - Header files related to Linux kernel version 2.6.8
kernel-headers-2.6.8-4-generic - Linux kernel headers 2.6.8 on Alpha
kernel-headers-2.6.8-4-smp - Linux kernel headers 2.6.8 on Alpha SMP
kernel-image-2.6.8-4-generic - Linux kernel image for version 2.6.8 on Alpha.
kernel-image-2.6.8-4-smp - Linux kernel image for version 2.6.8 on Alpha SMP.
Changes:
kernel-image-2.6.8-alpha (2.6.8-17sarge1) oldstable-security; urgency=high
.
* Rebuild against kernel-tree-2.6.8-17sarge1
* compat_sys_mount-NULL-data_page.dpatch
[SECURITY] Fix oops in compat_sys_mount triggered by NULL data_page
See CVE-2006-7203
* pppoe-socket-release-mem-leak.dpatch
[SECURITY] fix unpriveleged memory leak when a PPPoE socket is released
after connect but before PPPIOCGCHAN ioctl is called upon it
See CVE-2007-2525
* dn_fib-out-of-bounds.dpatch, ipv4-fib_props-out-of-bounds.dpatch
[SECURITY] Fix out of bounds condition in dn_fib_props[]
See CVE-2007-2172
* aacraid-ioctl-perm-check.dpatch
[SECURITY] Require admin capabilities to issue ioctls to aacraid devices
See CVE-2007-4308
* reset-pdeathsig-on-suid.dpatch
[SECURITY] Fix potential privilege escalation caused by improper
clearing of the child process' pdeath signal.
See CVE-2007-3848
* bluetooth-l2cap-hci-info-leaks.dpatch
[SECURITY] Fix information leaks in setsockopt() implementations
See CVE-2007-1353
* coredump-only-to-same-uid.dpatch
[SECURITY] Fix an issue where core dumping over a file that
already exists retains the ownership of the original file
See CVE-2007-6206
* i4l-isdn_ioctl-mem-overrun.dpatch
[SECURITY] Fix potential isdn ioctl memory overrun
See CVE-2007-6151
* cramfs-check-block-length.dpatch
[SECURITY] Add a sanity check of the block length in cramfs_readpage to
avoid a potential oops condition
See CVE-2006-5823
* ext2-skip-pages-past-num-blocks.dpatch
[SECURITY] Add some sanity checking for a corrupted i_size in
ext2_find_entry()
See CVE-2006-6054
* minixfs-printk-hang.dpatch
[SECURITY] Rate-limit printks caused by accessing a corrupted minixfs
filesystem that would otherwise cause a system to hang (printk storm)
See CVE-2006-6058
* isdn-net-overflow.dpatch
[SECURITY] Fix potential overflows in the ISDN subsystem
See CVE-2007-6063
* prevent-stack-growth-into-hugetlb-region.dpatch
[SECURITY] Prevent OOPS during stack expansion when the VMA crosses
into address space reserved for hugetlb pages.
See CVE-2007-3739
* cifs-honor-umask.dpatch
[SECURITY] Make CIFS honor a process' umask
See CVE-2007-3740
* hugetlb-prio_tree-unit-fix.dpatch
[SECURITY] Fix misconversion of hugetlb_vmtruncate_list to prio_tree
which could be used to trigger a BUG_ON() call in exit_mmap.
See CVE-2007-4133
* amd64-zero-extend-32bit-ptrace.dpatch
[SECURITY] Zero extend all registers after ptrace in 32-bit entry path.
See CVE-2007-4573
* usb-pwc-disconnect-block.dpatch
[SECURITY] Fix issue with unplugging webcams that use the pwc driver.
If userspace still has the device open it can result, the driver would
wait for the device to close, blocking the USB subsystem.
See CVE-2007-5093
* powerpc-chrp-null-deref.dpatch
[SECURITY][powerpc] Fix NULL pointer dereference if get_property
fails on the subarchitecture
See CVE-2007-6694
* random-bound-check-ordering.dpatch
[SECURITY] Fix stack-based buffer overflow in the random number
generator
See CVE-2007-3105
* mmap-VM_DONTEXPAND.dpatch
[SECURITY] Add VM_DONTEXPAND to vm_flags in drivers that register
a fault handler but do not bounds check the offset argument
See CVE-2008-0007
Files:
e12f4f68ee249f53bab5b4752d6b2795 812 devel optional kernel-image-2.6.8-alpha_2.6.8-17sarge1.dsc
4e68e046835cd0dce3ba2dc096f21924 44625 devel optional kernel-image-2.6.8-alpha_2.6.8-17sarge1.tar.gz
6f857f2bc6f2f0d5a94a98ae814c4e87 2765374 devel optional kernel-headers-2.6.8-4_2.6.8-17sarge1_alpha.deb
0f789080227336bd274f4ddacc4a749b 232626 devel optional kernel-headers-2.6.8-4-smp_2.6.8-17sarge1_alpha.deb
e0a3941fdaa513458f54b78e5b3ebd41 20094120 base optional kernel-image-2.6.8-4-smp_2.6.8-17sarge1_alpha.deb
8dd62b8c39cceeedd5efaa4b2eee4582 238146 devel optional kernel-headers-2.6.8-4-generic_2.6.8-17sarge1_alpha.deb
0944d9b857e2383f2748fab122de3a5d 20242970 base optional kernel-image-2.6.8-4-generic_2.6.8-17sarge1_alpha.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
iD8DBQFHvNZahuANDBmkLRkRApk0AJ9Hmm3hgzv/ceUfTJcAA7erqtiQFgCfQMa0
rFeYE2uWTo5aG7VYnW8c+W0=
=a7+Z
-----END PGP SIGNATURE-----
Accepted:
kernel-headers-2.6.8-4-generic_2.6.8-17sarge1_alpha.deb
to pool/main/k/kernel-image-2.6.8-alpha/kernel-headers-2.6.8-4-generic_2.6.8-17sarge1_alpha.deb
kernel-headers-2.6.8-4-smp_2.6.8-17sarge1_alpha.deb
to pool/main/k/kernel-image-2.6.8-alpha/kernel-headers-2.6.8-4-smp_2.6.8-17sarge1_alpha.deb
kernel-headers-2.6.8-4_2.6.8-17sarge1_alpha.deb
to pool/main/k/kernel-image-2.6.8-alpha/kernel-headers-2.6.8-4_2.6.8-17sarge1_alpha.deb
kernel-image-2.6.8-4-generic_2.6.8-17sarge1_alpha.deb
to pool/main/k/kernel-image-2.6.8-alpha/kernel-image-2.6.8-4-generic_2.6.8-17sarge1_alpha.deb
kernel-image-2.6.8-4-smp_2.6.8-17sarge1_alpha.deb
to pool/main/k/kernel-image-2.6.8-alpha/kernel-image-2.6.8-4-smp_2.6.8-17sarge1_alpha.deb
kernel-image-2.6.8-alpha_2.6.8-17sarge1.dsc
to pool/main/k/kernel-image-2.6.8-alpha/kernel-image-2.6.8-alpha_2.6.8-17sarge1.dsc
kernel-image-2.6.8-alpha_2.6.8-17sarge1.tar.gz
to pool/main/k/kernel-image-2.6.8-alpha/kernel-image-2.6.8-alpha_2.6.8-17sarge1.tar.gz
