Debian Package Tracker

From: dann frazier <dannf@debian.org>
To: <debian-changes@lists.debian.org>
Subject: Accepted kernel-image-2.6.8-amd64 2.6.8-16sarge5 (source i386)
Date: Sat, 28 Oct 2006 08:25:54 -0700
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.7
Date: Mon,  4 Sep 2006 09:54:51 -0600
Source: kernel-image-2.6.8-amd64
Binary: kernel-headers-2.6.8-12-em64t-p4-smp kernel-headers-2.6.8-12-em64t-p4 kernel-headers-2.6.8-12-amd64-k8-smp kernel-image-2.6.8-12-amd64-k8-smp kernel-image-2.6.8-12-amd64-k8 kernel-image-2.6.8-12-em64t-p4 kernel-headers-2.6.8-12 kernel-headers-2.6.8-12-amd64-k8 kernel-image-2.6.8-12-amd64-generic kernel-headers-2.6.8-12-amd64-generic kernel-image-2.6.8-12-em64t-p4-smp
Architecture: source i386
Version: 2.6.8-16sarge5
Distribution: stable-security
Urgency: high
Maintainer: Debian Kernel Team <debian-kernel@lists.debian.org>
Changed-By: dann frazier <dannf@debian.org>
Description: 
 kernel-headers-2.6.8-12 - Header files related to Linux kernel version 2.6.8
 kernel-headers-2.6.8-12-amd64-generic - Linux kernel headers 2.6.8 for generic x86_64 systems
 kernel-headers-2.6.8-12-amd64-k8 - Linux kernel headers for version 2.6.8 on AMD64 systems
 kernel-headers-2.6.8-12-amd64-k8-smp - Linux kernel headers for version 2.6.8 on AMD64 SMP systems
 kernel-headers-2.6.8-12-em64t-p4 - Linux kernel headers for version 2.6.8 on Intel EM64T systems
 kernel-headers-2.6.8-12-em64t-p4-smp - Linux kernel headers for version 2.6.8 on Intel EM64T SMP systems
 kernel-image-2.6.8-12-amd64-generic - Linux kernel image for version 2.6.8 on generic x86_64 systems
 kernel-image-2.6.8-12-amd64-k8 - Linux kernel image for version 2.6.8 on AMD64 systems
 kernel-image-2.6.8-12-amd64-k8-smp - Linux kernel image for version 2.6.8 on AMD64 SMP systems
 kernel-image-2.6.8-12-em64t-p4 - Linux kernel image for version 2.6.8 on Intel EM64T systems
 kernel-image-2.6.8-12-em64t-p4-smp - Linux kernel image for version 2.6.8 on Intel EM64T SMP systems
Changes: 
 kernel-image-2.6.8-amd64 (2.6.8-16sarge5) stable-security; urgency=high
 .
   * Build against kernel-tree-2.6.8-16sarge5:
     * [ERRATA] madvise_remove-restrict.dpatch
       [SECURITY] The 2.6.8-16sarge3 changelog associated this patch with
       CVE-2006-1524. However, this patch fixes an mprotect issue that was
       split off from the original report into CVE-2006-2071. 2.6.8 is not
       vulnerable to CVE-2006-1524 the madvise_remove issue.
       See CVE-2006-2071
     * fs-ext3-bad-nfs-handle.dpatch
       [SECURITY] James McKenzie discovered a Denial of Service vulnerability
       in the NFS driver. When exporting an ext3 file system over NFS, a remote
       attacker could exploit this to trigger a file system panic by sending
       a specially crafted UDP packet.
       See CVE-2006-3468
     * direct-io-write-mem-leak.dpatch
       [SECURITY] Fix memory leak in O_DIRECT write.
       See CVE-2004-2660
     * nfs-handle-long-symlinks.dpatch
       [SECURITY] Fix buffer overflow in NFS readline handling that allows a
       remote server to cause a denial of service (crash) via a long symlink
       See CVE-2005-4798
     * cdrom-bad-cgc.buflen-assign.dpatch
       [SECURITY] Fix buffer overflow in dvd_read_bca which could potentially
       be used by a local user to trigger a buffer overflow via a specially
       crafted DVD, USB stick, or similar automatically mounted device.
       See CVE-2006-2935
     * usb-serial-ftdi_sio-dos.patch
       [SECURITY] fix userspace DoS in ftdi_sio driver
       See CVE-2006-2936
     * selinux-tracer-SID-fix.dpatch
       [SECURITY] Fix vulnerability in selinux_ptrace that prevents local
       users from changing the tracer SID to the SID of another process
       See CVE-2006-1052
     * netfilter-SO_ORIGINAL_DST-leak.dpatch
       [SECURITY] Fix information leak in SO_ORIGINAL_DST
       See CVE-2006-1343
     * sg-no-mmap-VM_IO.dpatch
       [SECURITY] Fix DoS vulnerability whereby a local user could attempt
       a dio/mmap and cause the sg driver to oops.
       See CVE-2006-1528
     * exit-bogus-bugon.dpatch
       [SECURITY] Remove bogus BUG() in exit.c which could be maliciously
       triggered by a local user
       See CVE-2006-1855
     * readv-writev-missing-lsm-check.dpatch,
       readv-writev-missing-lsm-check-compat.dpatch
       [SECURITY] Add missing file_permission callback in readv/writev syscalls
       See CVE-2006-1856
     * snmp-nat-mem-corruption-fix.dpatch
       [SECURITY] Fix memory corruption in snmp_trap_decode
       See CVE-2006-2444
     * kfree_skb-race.dpatch
       [SECURITY] Fix race between kfree_skb and __skb_unlink
       See CVE-2006-2446
     * hppa-mb-extraneous-semicolon.dpatch,
       sparc32-mb-extraneous-semicolons.dpatch,
       sparc64-mb-extraneous-semicolons.dpatch:
       Fix a syntax error caused by extranous semicolons in smp_mb() macros
       which resulted in a build failure with kfree_skb-race.dpatch
     * sctp-priv-elevation.dpatch
       [SECURITY] Fix SCTP privelege escalation
       See CVE-2006-3745
     * sctp-priv-elevation-2.dpatch
       [SECURITY] Fix local DoS resulting from sctp-priv-elevation.dpatch
       See CVE-2006-4535
     * ppc-hid0-dos.dpatch
       [SECURITY][ppc] Fix local DoS by clearing HID0 attention enable on
       PPC970 at boot time
       See CVE-2006-4093
     * udf-deadlock.dpatch
       [SECURITY] Fix possible UDF deadlock and memory corruption
       See CVE-2006-4145
Files: 
 3babaf0fab68f89b89bbe32b4eb5cc86 1103 devel optional kernel-image-2.6.8-amd64_2.6.8-16sarge5.dsc
 8a44e1f45213ef3a263b5f4934885cee 77603 devel optional kernel-image-2.6.8-amd64_2.6.8-16sarge5.tar.gz
 c47c0307b74ff3ad96e428f072ddc21c 12570136 base optional kernel-image-2.6.8-12-amd64-generic_2.6.8-16sarge5_i386.deb
 4417c8fbc0a5fc8c57f44b3224333c73 2723796 devel optional kernel-headers-2.6.8-12_2.6.8-16sarge5_i386.deb
 4b01f2e5d84ab049b4775bbe00e96c30 222382 devel optional kernel-headers-2.6.8-12-amd64-k8-smp_2.6.8-16sarge5_i386.deb
 7996b833450f8a189094abbb7a16a456 224170 devel optional kernel-headers-2.6.8-12-em64t-p4_2.6.8-16sarge5_i386.deb
 668f08d37f554035097bf12f3e0aa7f5 220744 devel optional kernel-headers-2.6.8-12-em64t-p4-smp_2.6.8-16sarge5_i386.deb
 0e40b1f1483cec93a07277b91648e1ae 226282 devel optional kernel-headers-2.6.8-12-amd64-k8_2.6.8-16sarge5_i386.deb
 ce873c665e873e0e64eb0326ee759044 227238 devel optional kernel-headers-2.6.8-12-amd64-generic_2.6.8-16sarge5_i386.deb
 c986a7533859313f32a16107e4cc48fa 13202148 base optional kernel-image-2.6.8-12-em64t-p4-smp_2.6.8-16sarge5_i386.deb
 aa7178f0eba544ecb5eb09daa8fa4464 13268342 base optional kernel-image-2.6.8-12-amd64-k8_2.6.8-16sarge5_i386.deb
 61cb755d2fefbee646f59cb8b067d180 13228902 base optional kernel-image-2.6.8-12-amd64-k8-smp_2.6.8-16sarge5_i386.deb
 7d4e7cc50ee13c04cea3676578a8d5eb 13227150 base optional kernel-image-2.6.8-12-em64t-p4_2.6.8-16sarge5_i386.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)

iD8DBQFFDt2ahuANDBmkLRkRAu2IAJ4kyrouC/SEREA11rS493NLVYniAACeODHh
6biFJBG6FMWI8VjzNUHFCO0=
=INvE
-----END PGP SIGNATURE-----


Accepted:
kernel-headers-2.6.8-12-amd64-generic_2.6.8-16sarge5_i386.deb
  to pool/main/k/kernel-image-2.6.8-amd64/kernel-headers-2.6.8-12-amd64-generic_2.6.8-16sarge5_i386.deb
kernel-headers-2.6.8-12-amd64-k8-smp_2.6.8-16sarge5_i386.deb
  to pool/main/k/kernel-image-2.6.8-amd64/kernel-headers-2.6.8-12-amd64-k8-smp_2.6.8-16sarge5_i386.deb
kernel-headers-2.6.8-12-amd64-k8_2.6.8-16sarge5_i386.deb
  to pool/main/k/kernel-image-2.6.8-amd64/kernel-headers-2.6.8-12-amd64-k8_2.6.8-16sarge5_i386.deb
kernel-headers-2.6.8-12-em64t-p4-smp_2.6.8-16sarge5_i386.deb
  to pool/main/k/kernel-image-2.6.8-amd64/kernel-headers-2.6.8-12-em64t-p4-smp_2.6.8-16sarge5_i386.deb
kernel-headers-2.6.8-12-em64t-p4_2.6.8-16sarge5_i386.deb
  to pool/main/k/kernel-image-2.6.8-amd64/kernel-headers-2.6.8-12-em64t-p4_2.6.8-16sarge5_i386.deb
kernel-headers-2.6.8-12_2.6.8-16sarge5_i386.deb
  to pool/main/k/kernel-image-2.6.8-amd64/kernel-headers-2.6.8-12_2.6.8-16sarge5_i386.deb
kernel-image-2.6.8-12-amd64-generic_2.6.8-16sarge5_i386.deb
  to pool/main/k/kernel-image-2.6.8-amd64/kernel-image-2.6.8-12-amd64-generic_2.6.8-16sarge5_i386.deb
kernel-image-2.6.8-12-amd64-k8-smp_2.6.8-16sarge5_i386.deb
  to pool/main/k/kernel-image-2.6.8-amd64/kernel-image-2.6.8-12-amd64-k8-smp_2.6.8-16sarge5_i386.deb
kernel-image-2.6.8-12-amd64-k8_2.6.8-16sarge5_i386.deb
  to pool/main/k/kernel-image-2.6.8-amd64/kernel-image-2.6.8-12-amd64-k8_2.6.8-16sarge5_i386.deb
kernel-image-2.6.8-12-em64t-p4-smp_2.6.8-16sarge5_i386.deb
  to pool/main/k/kernel-image-2.6.8-amd64/kernel-image-2.6.8-12-em64t-p4-smp_2.6.8-16sarge5_i386.deb
kernel-image-2.6.8-12-em64t-p4_2.6.8-16sarge5_i386.deb
  to pool/main/k/kernel-image-2.6.8-amd64/kernel-image-2.6.8-12-em64t-p4_2.6.8-16sarge5_i386.deb
kernel-image-2.6.8-amd64_2.6.8-16sarge5.dsc
  to pool/main/k/kernel-image-2.6.8-amd64/kernel-image-2.6.8-amd64_2.6.8-16sarge5.dsc
kernel-image-2.6.8-amd64_2.6.8-16sarge5.tar.gz
  to pool/main/k/kernel-image-2.6.8-amd64/kernel-image-2.6.8-amd64_2.6.8-16sarge5.tar.gz
News for package kernel-image-2.6.8-amd64
