-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Format: 1.7 Date: Mon, 4 Sep 2006 09:31:16 -0600 Source: kernel-image-2.6.8-ia64 Binary: kernel-headers-2.6-itanium kernel-headers-2.6-mckinley-smp kernel-headers-2.6.8-3-mckinley-smp kernel-image-2.6.8-3-mckinley kernel-headers-2.6-mckinley kernel-image-2.6.8-3-mckinley-smp kernel-image-2.6-mckinley-smp kernel-image-2.6.8-3-itanium-smp kernel-headers-2.6.8-3-mckinley kernel-headers-2.6.8-3 kernel-image-2.6.8-3-itanium kernel-image-2.6-itanium kernel-headers-2.6.8-3-itanium-smp kernel-image-2.6-mckinley kernel-headers-2.6.8-3-itanium kernel-headers-2.6-itanium-smp kernel-image-2.6-itanium-smp Architecture: source ia64 Version: 2.6.8-14sarge5 Distribution: stable-security Urgency: high Maintainer: Debian Kernel Team <debian-kernel@lists.debian.org> Changed-By: dann frazier <dannf@debian.org> Description: kernel-headers-2.6-itanium - Linux kernel headers 2.6 on Itanium kernel-headers-2.6-itanium-smp - Linux kernel headers 2.6 on Itanium SMP kernel-headers-2.6-mckinley - Linux kernel headers 2.6 on Itanium II kernel-headers-2.6-mckinley-smp - Linux kernel headers 2.6 on Itanium II SMP kernel-headers-2.6.8-3 - Header files related to Linux kernel version 2.6.8 kernel-headers-2.6.8-3-itanium - Linux kernel headers 2.6.8 on Itanium kernel-headers-2.6.8-3-itanium-smp - Linux kernel headers 2.6.8 on Itanium SMP kernel-headers-2.6.8-3-mckinley - Linux kernel headers 2.6.8 on Itanium II kernel-headers-2.6.8-3-mckinley-smp - Linux kernel headers 2.6.8 on Itanium II SMP kernel-image-2.6-itanium - Linux kernel image for version 2.6 on Itanium kernel-image-2.6-itanium-smp - Linux kernel image for version 2.6 on Itanium SMP kernel-image-2.6-mckinley - Linux kernel image for version 2.6 on Itanium II kernel-image-2.6-mckinley-smp - Linux kernel image for version 2.6 on Itanium II SMP kernel-image-2.6.8-3-itanium - Linux kernel image for version 2.6.8 on Itanium kernel-image-2.6.8-3-itanium-smp - Linux kernel image for version 2.6.8 on Itanium SMP kernel-image-2.6.8-3-mckinley - Linux kernel image for version 2.6.8 on Itanium II kernel-image-2.6.8-3-mckinley-smp - Linux kernel image for version 2.6.8 on Itanium II SMP Changes: kernel-image-2.6.8-ia64 (2.6.8-14sarge5) stable-security; urgency=high . * Build against kernel-tree-2.6.8-16sarge5: * [ERRATA] madvise_remove-restrict.dpatch [SECURITY] The 2.6.8-16sarge3 changelog associated this patch with CVE-2006-1524. However, this patch fixes an mprotect issue that was split off from the original report into CVE-2006-2071. 2.6.8 is not vulnerable to CVE-2006-1524 the madvise_remove issue. See CVE-2006-2071 * fs-ext3-bad-nfs-handle.dpatch [SECURITY] James McKenzie discovered a Denial of Service vulnerability in the NFS driver. When exporting an ext3 file system over NFS, a remote attacker could exploit this to trigger a file system panic by sending a specially crafted UDP packet. See CVE-2006-3468 * direct-io-write-mem-leak.dpatch [SECURITY] Fix memory leak in O_DIRECT write. See CVE-2004-2660 * nfs-handle-long-symlinks.dpatch [SECURITY] Fix buffer overflow in NFS readline handling that allows a remote server to cause a denial of service (crash) via a long symlink See CVE-2005-4798 * cdrom-bad-cgc.buflen-assign.dpatch [SECURITY] Fix buffer overflow in dvd_read_bca which could potentially be used by a local user to trigger a buffer overflow via a specially crafted DVD, USB stick, or similar automatically mounted device. See CVE-2006-2935 * usb-serial-ftdi_sio-dos.patch [SECURITY] fix userspace DoS in ftdi_sio driver See CVE-2006-2936 * selinux-tracer-SID-fix.dpatch [SECURITY] Fix vulnerability in selinux_ptrace that prevents local users from changing the tracer SID to the SID of another process See CVE-2006-1052 * netfilter-SO_ORIGINAL_DST-leak.dpatch [SECURITY] Fix information leak in SO_ORIGINAL_DST See CVE-2006-1343 * sg-no-mmap-VM_IO.dpatch [SECURITY] Fix DoS vulnerability whereby a local user could attempt a dio/mmap and cause the sg driver to oops. See CVE-2006-1528 * exit-bogus-bugon.dpatch [SECURITY] Remove bogus BUG() in exit.c which could be maliciously triggered by a local user See CVE-2006-1855 * readv-writev-missing-lsm-check.dpatch, readv-writev-missing-lsm-check-compat.dpatch [SECURITY] Add missing file_permission callback in readv/writev syscalls See CVE-2006-1856 * snmp-nat-mem-corruption-fix.dpatch [SECURITY] Fix memory corruption in snmp_trap_decode See CVE-2006-2444 * kfree_skb-race.dpatch [SECURITY] Fix race between kfree_skb and __skb_unlink See CVE-2006-2446 * hppa-mb-extraneous-semicolon.dpatch, sparc32-mb-extraneous-semicolons.dpatch, sparc64-mb-extraneous-semicolons.dpatch: Fix a syntax error caused by extranous semicolons in smp_mb() macros which resulted in a build failure with kfree_skb-race.dpatch * sctp-priv-elevation.dpatch [SECURITY] Fix SCTP privelege escalation See CVE-2006-3745 * sctp-priv-elevation-2.dpatch [SECURITY] Fix local DoS resulting from sctp-priv-elevation.dpatch See CVE-2006-4535 * ppc-hid0-dos.dpatch [SECURITY][ppc] Fix local DoS by clearing HID0 attention enable on PPC970 at boot time See CVE-2006-4093 * udf-deadlock.dpatch [SECURITY] Fix possible UDF deadlock and memory corruption See CVE-2006-4145 Files: b0603843539a0a75ccb286f2ace930c7 1191 devel optional kernel-image-2.6.8-ia64_2.6.8-14sarge5.dsc bad61e9854bff8ec53156d31839ee147 65230 devel optional kernel-image-2.6.8-ia64_2.6.8-14sarge5.tar.gz ab8b47e398096642e3d77f88fa7afa48 22159010 base optional kernel-image-2.6.8-3-mckinley-smp_2.6.8-14sarge5_ia64.deb 30e43a7b123a1c1cb04a2669138b525b 21486196 base optional kernel-image-2.6.8-3-itanium_2.6.8-14sarge5_ia64.deb 2d9bce2e35bb6400d5d80057b7f45898 201372 devel optional kernel-headers-2.6.8-3-itanium_2.6.8-14sarge5_ia64.deb 6eb5b2f29bb67004a043abe8651fe1a4 7884 base optional kernel-image-2.6-mckinley-smp_2.6.8-14sarge5_ia64.deb 1440ce8f6781a08ce1648925cb35e34d 201162 devel optional kernel-headers-2.6.8-3-mckinley_2.6.8-14sarge5_ia64.deb 4f5c9899b996ad86bb384899c900875e 7822 devel optional kernel-headers-2.6-mckinley_2.6.8-14sarge5_ia64.deb 0d50f6db944de51b032e1a558b65989b 3100286 devel optional kernel-headers-2.6.8-3_2.6.8-14sarge5_ia64.deb 4243fb7dc34f99cefd673bb3cee6a47d 7818 base optional kernel-image-2.6-mckinley_2.6.8-14sarge5_ia64.deb 01f5d1d5d4fe0986aac04973725f70ab 201182 devel optional kernel-headers-2.6.8-3-itanium-smp_2.6.8-14sarge5_ia64.deb 8cb4f893d1c76828e22f642a35039c6f 200724 devel optional kernel-headers-2.6.8-3-mckinley-smp_2.6.8-14sarge5_ia64.deb 8e0689d56a8ffff7b24120fcdc563b4d 21414114 base optional kernel-image-2.6.8-3-mckinley_2.6.8-14sarge5_ia64.deb 75c09ccecc2fbfd1367e9b2375eb3aa2 7850 base optional kernel-image-2.6-itanium-smp_2.6.8-14sarge5_ia64.deb 32dae7eeac53f9828b9209f88e46f350 7892 devel optional kernel-headers-2.6-mckinley-smp_2.6.8-14sarge5_ia64.deb 441986d03a7ecac076921a2dc204dde5 7790 devel optional kernel-headers-2.6-itanium_2.6.8-14sarge5_ia64.deb cef3005a14538dc6cc756a478897f080 22141992 base optional kernel-image-2.6.8-3-itanium-smp_2.6.8-14sarge5_ia64.deb 1b609adbf938b585c6375158a0f938ec 7862 devel optional kernel-headers-2.6-itanium-smp_2.6.8-14sarge5_ia64.deb 2ae8d5d742deec64baaecd1b95c41f2f 7786 base optional kernel-image-2.6-itanium_2.6.8-14sarge5_ia64.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (GNU/Linux) iD8DBQFFCYEihuANDBmkLRkRAkXhAJ9Ww+rm9Iuw/1vdRl228nCKrcp0FwCcCSJZ vjc0ZsbjED66YmWtkw7P2Ec= =BSbb -----END PGP SIGNATURE----- Accepted: kernel-headers-2.6-itanium-smp_2.6.8-14sarge5_ia64.deb to pool/main/k/kernel-image-2.6.8-ia64/kernel-headers-2.6-itanium-smp_2.6.8-14sarge5_ia64.deb kernel-headers-2.6-itanium_2.6.8-14sarge5_ia64.deb to pool/main/k/kernel-image-2.6.8-ia64/kernel-headers-2.6-itanium_2.6.8-14sarge5_ia64.deb kernel-headers-2.6-mckinley-smp_2.6.8-14sarge5_ia64.deb to pool/main/k/kernel-image-2.6.8-ia64/kernel-headers-2.6-mckinley-smp_2.6.8-14sarge5_ia64.deb kernel-headers-2.6-mckinley_2.6.8-14sarge5_ia64.deb to pool/main/k/kernel-image-2.6.8-ia64/kernel-headers-2.6-mckinley_2.6.8-14sarge5_ia64.deb kernel-headers-2.6.8-3-itanium-smp_2.6.8-14sarge5_ia64.deb to pool/main/k/kernel-image-2.6.8-ia64/kernel-headers-2.6.8-3-itanium-smp_2.6.8-14sarge5_ia64.deb kernel-headers-2.6.8-3-itanium_2.6.8-14sarge5_ia64.deb to pool/main/k/kernel-image-2.6.8-ia64/kernel-headers-2.6.8-3-itanium_2.6.8-14sarge5_ia64.deb kernel-headers-2.6.8-3-mckinley-smp_2.6.8-14sarge5_ia64.deb to pool/main/k/kernel-image-2.6.8-ia64/kernel-headers-2.6.8-3-mckinley-smp_2.6.8-14sarge5_ia64.deb kernel-headers-2.6.8-3-mckinley_2.6.8-14sarge5_ia64.deb to pool/main/k/kernel-image-2.6.8-ia64/kernel-headers-2.6.8-3-mckinley_2.6.8-14sarge5_ia64.deb kernel-headers-2.6.8-3_2.6.8-14sarge5_ia64.deb to pool/main/k/kernel-image-2.6.8-ia64/kernel-headers-2.6.8-3_2.6.8-14sarge5_ia64.deb kernel-image-2.6-itanium-smp_2.6.8-14sarge5_ia64.deb to pool/main/k/kernel-image-2.6.8-ia64/kernel-image-2.6-itanium-smp_2.6.8-14sarge5_ia64.deb kernel-image-2.6-itanium_2.6.8-14sarge5_ia64.deb to pool/main/k/kernel-image-2.6.8-ia64/kernel-image-2.6-itanium_2.6.8-14sarge5_ia64.deb kernel-image-2.6-mckinley-smp_2.6.8-14sarge5_ia64.deb to pool/main/k/kernel-image-2.6.8-ia64/kernel-image-2.6-mckinley-smp_2.6.8-14sarge5_ia64.deb kernel-image-2.6-mckinley_2.6.8-14sarge5_ia64.deb to pool/main/k/kernel-image-2.6.8-ia64/kernel-image-2.6-mckinley_2.6.8-14sarge5_ia64.deb kernel-image-2.6.8-3-itanium-smp_2.6.8-14sarge5_ia64.deb to pool/main/k/kernel-image-2.6.8-ia64/kernel-image-2.6.8-3-itanium-smp_2.6.8-14sarge5_ia64.deb kernel-image-2.6.8-3-itanium_2.6.8-14sarge5_ia64.deb to pool/main/k/kernel-image-2.6.8-ia64/kernel-image-2.6.8-3-itanium_2.6.8-14sarge5_ia64.deb kernel-image-2.6.8-3-mckinley-smp_2.6.8-14sarge5_ia64.deb to pool/main/k/kernel-image-2.6.8-ia64/kernel-image-2.6.8-3-mckinley-smp_2.6.8-14sarge5_ia64.deb kernel-image-2.6.8-3-mckinley_2.6.8-14sarge5_ia64.deb to pool/main/k/kernel-image-2.6.8-ia64/kernel-image-2.6.8-3-mckinley_2.6.8-14sarge5_ia64.deb kernel-image-2.6.8-ia64_2.6.8-14sarge5.dsc to pool/main/k/kernel-image-2.6.8-ia64/kernel-image-2.6.8-ia64_2.6.8-14sarge5.dsc kernel-image-2.6.8-ia64_2.6.8-14sarge5.tar.gz to pool/main/k/kernel-image-2.6.8-ia64/kernel-image-2.6.8-ia64_2.6.8-14sarge5.tar.gz