-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Format: 1.7 Date: Tue, 19 Feb 2008 20:47:49 -0700 Source: kernel-image-2.6.8-amd64 Binary: kernel-headers-2.6.8-13-amd64-k8 kernel-image-2.6.8-13-em64t-p4-smp kernel-image-2.6.8-13-amd64-k8-smp kernel-headers-2.6.8-13 kernel-headers-2.6.8-13-amd64-generic kernel-image-2.6.8-13-amd64-k8 kernel-headers-2.6.8-13-em64t-p4 kernel-headers-2.6.8-13-amd64-k8-smp kernel-headers-2.6.8-13-em64t-p4-smp kernel-image-2.6.8-13-amd64-generic kernel-image-2.6.8-13-em64t-p4 Architecture: source i386 Version: 2.6.8-17sarge1 Distribution: oldstable-security Urgency: high Maintainer: Debian Kernel Team <debian-kernel@lists.debian.org> Changed-By: dann frazier <dannf@debian.org> Description: kernel-headers-2.6.8-13 - Header files related to Linux kernel version 2.6.8 kernel-headers-2.6.8-13-amd64-generic - Linux kernel headers 2.6.8 for generic x86_64 systems kernel-headers-2.6.8-13-amd64-k8 - Linux kernel headers for version 2.6.8 on AMD64 systems kernel-headers-2.6.8-13-amd64-k8-smp - Linux kernel headers for version 2.6.8 on AMD64 SMP systems kernel-headers-2.6.8-13-em64t-p4 - Linux kernel headers for version 2.6.8 on Intel EM64T systems kernel-headers-2.6.8-13-em64t-p4-smp - Linux kernel headers for version 2.6.8 on Intel EM64T SMP systems kernel-image-2.6.8-13-amd64-generic - Linux kernel image for version 2.6.8 on generic x86_64 systems kernel-image-2.6.8-13-amd64-k8 - Linux kernel image for version 2.6.8 on AMD64 systems kernel-image-2.6.8-13-amd64-k8-smp - Linux kernel image for version 2.6.8 on AMD64 SMP systems kernel-image-2.6.8-13-em64t-p4 - Linux kernel image for version 2.6.8 on Intel EM64T systems kernel-image-2.6.8-13-em64t-p4-smp - Linux kernel image for version 2.6.8 on Intel EM64T SMP systems Changes: kernel-image-2.6.8-amd64 (2.6.8-17sarge1) oldstable-security; urgency=high . * Rebuild against kernel-tree-2.6.8-17sarge1 * compat_sys_mount-NULL-data_page.dpatch [SECURITY] Fix oops in compat_sys_mount triggered by NULL data_page See CVE-2006-7203 * pppoe-socket-release-mem-leak.dpatch [SECURITY] fix unpriveleged memory leak when a PPPoE socket is released after connect but before PPPIOCGCHAN ioctl is called upon it See CVE-2007-2525 * dn_fib-out-of-bounds.dpatch, ipv4-fib_props-out-of-bounds.dpatch [SECURITY] Fix out of bounds condition in dn_fib_props[] See CVE-2007-2172 * aacraid-ioctl-perm-check.dpatch [SECURITY] Require admin capabilities to issue ioctls to aacraid devices See CVE-2007-4308 * reset-pdeathsig-on-suid.dpatch [SECURITY] Fix potential privilege escalation caused by improper clearing of the child process' pdeath signal. See CVE-2007-3848 * bluetooth-l2cap-hci-info-leaks.dpatch [SECURITY] Fix information leaks in setsockopt() implementations See CVE-2007-1353 * coredump-only-to-same-uid.dpatch [SECURITY] Fix an issue where core dumping over a file that already exists retains the ownership of the original file See CVE-2007-6206 * i4l-isdn_ioctl-mem-overrun.dpatch [SECURITY] Fix potential isdn ioctl memory overrun See CVE-2007-6151 * cramfs-check-block-length.dpatch [SECURITY] Add a sanity check of the block length in cramfs_readpage to avoid a potential oops condition See CVE-2006-5823 * ext2-skip-pages-past-num-blocks.dpatch [SECURITY] Add some sanity checking for a corrupted i_size in ext2_find_entry() See CVE-2006-6054 * minixfs-printk-hang.dpatch [SECURITY] Rate-limit printks caused by accessing a corrupted minixfs filesystem that would otherwise cause a system to hang (printk storm) See CVE-2006-6058 * isdn-net-overflow.dpatch [SECURITY] Fix potential overflows in the ISDN subsystem See CVE-2007-6063 * prevent-stack-growth-into-hugetlb-region.dpatch [SECURITY] Prevent OOPS during stack expansion when the VMA crosses into address space reserved for hugetlb pages. See CVE-2007-3739 * cifs-honor-umask.dpatch [SECURITY] Make CIFS honor a process' umask See CVE-2007-3740 * hugetlb-prio_tree-unit-fix.dpatch [SECURITY] Fix misconversion of hugetlb_vmtruncate_list to prio_tree which could be used to trigger a BUG_ON() call in exit_mmap. See CVE-2007-4133 * amd64-zero-extend-32bit-ptrace.dpatch [SECURITY] Zero extend all registers after ptrace in 32-bit entry path. See CVE-2007-4573 * usb-pwc-disconnect-block.dpatch [SECURITY] Fix issue with unplugging webcams that use the pwc driver. If userspace still has the device open it can result, the driver would wait for the device to close, blocking the USB subsystem. See CVE-2007-5093 * powerpc-chrp-null-deref.dpatch [SECURITY][powerpc] Fix NULL pointer dereference if get_property fails on the subarchitecture See CVE-2007-6694 * random-bound-check-ordering.dpatch [SECURITY] Fix stack-based buffer overflow in the random number generator See CVE-2007-3105 * mmap-VM_DONTEXPAND.dpatch [SECURITY] Add VM_DONTEXPAND to vm_flags in drivers that register a fault handler but do not bounds check the offset argument See CVE-2008-0007 Files: 27f8b65b1acae74eac82f6484edbc5e5 1103 devel optional kernel-image-2.6.8-amd64_2.6.8-17sarge1.dsc c90b3a12c9bf77807d0d5c3ab6cf1567 82008 devel optional kernel-image-2.6.8-amd64_2.6.8-17sarge1.tar.gz e2538d185c863ac7adf9dd41ac73f83d 2728376 devel optional kernel-headers-2.6.8-13_2.6.8-17sarge1_i386.deb 2172a8e3ff5107cb582b5a31111b904b 230266 devel optional kernel-headers-2.6.8-13-amd64-k8_2.6.8-17sarge1_i386.deb 541fc888c5aa5dee5e186185d1f2256f 13276128 base optional kernel-image-2.6.8-13-amd64-k8_2.6.8-17sarge1_i386.deb a9af96e38de18058a0bbb855ed0193f3 231474 devel optional kernel-headers-2.6.8-13-amd64-generic_2.6.8-17sarge1_i386.deb f6c685f628478fcc8f37257a6e71aedd 12579278 base optional kernel-image-2.6.8-13-amd64-generic_2.6.8-17sarge1_i386.deb 0232808c2f4af4679ff387fd5aef30c2 228124 devel optional kernel-headers-2.6.8-13-em64t-p4_2.6.8-17sarge1_i386.deb fad30247937094d606a01d53a2eff086 13236626 base optional kernel-image-2.6.8-13-em64t-p4_2.6.8-17sarge1_i386.deb 89ab2fe13383be55139f779983e76f56 226622 devel optional kernel-headers-2.6.8-13-amd64-k8-smp_2.6.8-17sarge1_i386.deb 83c9fa536a5039d9b7faaedd55c0d2df 13238830 base optional kernel-image-2.6.8-13-amd64-k8-smp_2.6.8-17sarge1_i386.deb c266db2ed1f497b91c8202c2e9511bd3 225052 devel optional kernel-headers-2.6.8-13-em64t-p4-smp_2.6.8-17sarge1_i386.deb 7d76aba45eeea785e68e144c93f8fa55 13208166 base optional kernel-image-2.6.8-13-em64t-p4-smp_2.6.8-17sarge1_i386.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux) iD8DBQFHvNbwhuANDBmkLRkRArdAAJ92LmeYeAm9KklLjO+mBTFaI+toegCdEYYz 1iJu7HwD3XkEx9EpwupIxEY= =M626 -----END PGP SIGNATURE----- Accepted: kernel-headers-2.6.8-13-amd64-generic_2.6.8-17sarge1_i386.deb to pool/main/k/kernel-image-2.6.8-amd64/kernel-headers-2.6.8-13-amd64-generic_2.6.8-17sarge1_i386.deb kernel-headers-2.6.8-13-amd64-k8-smp_2.6.8-17sarge1_i386.deb to pool/main/k/kernel-image-2.6.8-amd64/kernel-headers-2.6.8-13-amd64-k8-smp_2.6.8-17sarge1_i386.deb kernel-headers-2.6.8-13-amd64-k8_2.6.8-17sarge1_i386.deb to pool/main/k/kernel-image-2.6.8-amd64/kernel-headers-2.6.8-13-amd64-k8_2.6.8-17sarge1_i386.deb kernel-headers-2.6.8-13-em64t-p4-smp_2.6.8-17sarge1_i386.deb to pool/main/k/kernel-image-2.6.8-amd64/kernel-headers-2.6.8-13-em64t-p4-smp_2.6.8-17sarge1_i386.deb kernel-headers-2.6.8-13-em64t-p4_2.6.8-17sarge1_i386.deb to pool/main/k/kernel-image-2.6.8-amd64/kernel-headers-2.6.8-13-em64t-p4_2.6.8-17sarge1_i386.deb kernel-headers-2.6.8-13_2.6.8-17sarge1_i386.deb to pool/main/k/kernel-image-2.6.8-amd64/kernel-headers-2.6.8-13_2.6.8-17sarge1_i386.deb kernel-image-2.6.8-13-amd64-generic_2.6.8-17sarge1_i386.deb to pool/main/k/kernel-image-2.6.8-amd64/kernel-image-2.6.8-13-amd64-generic_2.6.8-17sarge1_i386.deb kernel-image-2.6.8-13-amd64-k8-smp_2.6.8-17sarge1_i386.deb to pool/main/k/kernel-image-2.6.8-amd64/kernel-image-2.6.8-13-amd64-k8-smp_2.6.8-17sarge1_i386.deb kernel-image-2.6.8-13-amd64-k8_2.6.8-17sarge1_i386.deb to pool/main/k/kernel-image-2.6.8-amd64/kernel-image-2.6.8-13-amd64-k8_2.6.8-17sarge1_i386.deb kernel-image-2.6.8-13-em64t-p4-smp_2.6.8-17sarge1_i386.deb to pool/main/k/kernel-image-2.6.8-amd64/kernel-image-2.6.8-13-em64t-p4-smp_2.6.8-17sarge1_i386.deb kernel-image-2.6.8-13-em64t-p4_2.6.8-17sarge1_i386.deb to pool/main/k/kernel-image-2.6.8-amd64/kernel-image-2.6.8-13-em64t-p4_2.6.8-17sarge1_i386.deb kernel-image-2.6.8-amd64_2.6.8-17sarge1.dsc to pool/main/k/kernel-image-2.6.8-amd64/kernel-image-2.6.8-amd64_2.6.8-17sarge1.dsc kernel-image-2.6.8-amd64_2.6.8-17sarge1.tar.gz to pool/main/k/kernel-image-2.6.8-amd64/kernel-image-2.6.8-amd64_2.6.8-17sarge1.tar.gz