-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Format: 1.7 Date: Tue, 19 Feb 2008 19:25:06 -0700 Source: kernel-image-2.6.8-m68k Binary: kernel-image-2.6.8-sun3x kernel-image-2.6.8-bvme6000 kernel-image-2.6.8-q40 kernel-image-2.6.8-atari kernel-image-2.6.8-mvme147 kernel-image-2.6.8-amiga kernel-image-2.6.8-sun3 kernel-image-2.6.8-mac kernel-image-2.6.8-hp kernel-image-2.6.8-mvme16x Architecture: source m68k Version: 2.6.8-5sarge1 Distribution: oldstable-security Urgency: high Maintainer: Christian T. Steigies <cts@debian.org> Changed-By: dann frazier <dannf@debian.org> Description: kernel-image-2.6.8-amiga - Linux kernel image for Amiga computers kernel-image-2.6.8-atari - Linux kernel image for Atari computers kernel-image-2.6.8-bvme6000 - Linux kernel image for BVM BVME4000 and BVME6000 SBCs. kernel-image-2.6.8-hp - Linux kernel image for hp computers kernel-image-2.6.8-mac - Linux kernel image for Macintosh computers kernel-image-2.6.8-mvme147 - Linux kernel image for Motorola MVME147 SBCs. kernel-image-2.6.8-mvme16x - Linux kernel image for Motorola MVME162/6/7, MVME172/7 SBCs. kernel-image-2.6.8-q40 - Linux kernel image for Q40 and Q60 computers kernel-image-2.6.8-sun3 - Linux kernel image for sun3 computers Changes: kernel-image-2.6.8-m68k (2.6.8-5sarge1) oldstable-security; urgency=high . * Rebuild against kernel-tree-2.6.8-17sarge1 * compat_sys_mount-NULL-data_page.dpatch [SECURITY] Fix oops in compat_sys_mount triggered by NULL data_page See CVE-2006-7203 * pppoe-socket-release-mem-leak.dpatch [SECURITY] fix unpriveleged memory leak when a PPPoE socket is released after connect but before PPPIOCGCHAN ioctl is called upon it See CVE-2007-2525 * dn_fib-out-of-bounds.dpatch, ipv4-fib_props-out-of-bounds.dpatch [SECURITY] Fix out of bounds condition in dn_fib_props[] See CVE-2007-2172 * aacraid-ioctl-perm-check.dpatch [SECURITY] Require admin capabilities to issue ioctls to aacraid devices See CVE-2007-4308 * reset-pdeathsig-on-suid.dpatch [SECURITY] Fix potential privilege escalation caused by improper clearing of the child process' pdeath signal. See CVE-2007-3848 * bluetooth-l2cap-hci-info-leaks.dpatch [SECURITY] Fix information leaks in setsockopt() implementations See CVE-2007-1353 * coredump-only-to-same-uid.dpatch [SECURITY] Fix an issue where core dumping over a file that already exists retains the ownership of the original file See CVE-2007-6206 * i4l-isdn_ioctl-mem-overrun.dpatch [SECURITY] Fix potential isdn ioctl memory overrun See CVE-2007-6151 * cramfs-check-block-length.dpatch [SECURITY] Add a sanity check of the block length in cramfs_readpage to avoid a potential oops condition See CVE-2006-5823 * ext2-skip-pages-past-num-blocks.dpatch [SECURITY] Add some sanity checking for a corrupted i_size in ext2_find_entry() See CVE-2006-6054 * minixfs-printk-hang.dpatch [SECURITY] Rate-limit printks caused by accessing a corrupted minixfs filesystem that would otherwise cause a system to hang (printk storm) See CVE-2006-6058 * isdn-net-overflow.dpatch [SECURITY] Fix potential overflows in the ISDN subsystem See CVE-2007-6063 * prevent-stack-growth-into-hugetlb-region.dpatch [SECURITY] Prevent OOPS during stack expansion when the VMA crosses into address space reserved for hugetlb pages. See CVE-2007-3739 * cifs-honor-umask.dpatch [SECURITY] Make CIFS honor a process' umask See CVE-2007-3740 * hugetlb-prio_tree-unit-fix.dpatch [SECURITY] Fix misconversion of hugetlb_vmtruncate_list to prio_tree which could be used to trigger a BUG_ON() call in exit_mmap. See CVE-2007-4133 * amd64-zero-extend-32bit-ptrace.dpatch [SECURITY] Zero extend all registers after ptrace in 32-bit entry path. See CVE-2007-4573 * usb-pwc-disconnect-block.dpatch [SECURITY] Fix issue with unplugging webcams that use the pwc driver. If userspace still has the device open it can result, the driver would wait for the device to close, blocking the USB subsystem. See CVE-2007-5093 * powerpc-chrp-null-deref.dpatch [SECURITY][powerpc] Fix NULL pointer dereference if get_property fails on the subarchitecture See CVE-2007-6694 * random-bound-check-ordering.dpatch [SECURITY] Fix stack-based buffer overflow in the random number generator See CVE-2007-3105 * mmap-VM_DONTEXPAND.dpatch [SECURITY] Add VM_DONTEXPAND to vm_flags in drivers that register a fault handler but do not bounds check the offset argument See CVE-2008-0007 Files: 9db0c07fe9a8cc114a82f3d4f8a209a9 874 devel optional kernel-image-2.6.8-m68k_2.6.8-5sarge1.dsc 75027ce480514543ad6d565d43890a3e 22997 devel optional kernel-image-2.6.8-m68k_2.6.8-5sarge1.tar.gz 90b62190daab090dd211b2e2fa76e634 2997446 base optional kernel-image-2.6.8-sun3_2.6.8-5sarge1_m68k.deb 89321aa5c34c8c9c95a61a86d0337699 3018000 base optional kernel-image-2.6.8-bvme6000_2.6.8-5sarge1_m68k.deb 0a020af9116bd8ac96d2c3eb054b6840 3105192 base optional kernel-image-2.6.8-atari_2.6.8-5sarge1_m68k.deb 9876f36e6cbad66ac690362955b3ee6c 3053150 base optional kernel-image-2.6.8-mvme16x_2.6.8-5sarge1_m68k.deb 1160ae756c286e7e2845cbeb1326c3bb 3178962 base optional kernel-image-2.6.8-mac_2.6.8-5sarge1_m68k.deb 052d54a9c2e6eab73cf870634aaf78e3 3311580 base optional kernel-image-2.6.8-amiga_2.6.8-5sarge1_m68k.deb 677c66d0af2580084d6d061bfd63ffd4 2982482 base optional kernel-image-2.6.8-mvme147_2.6.8-5sarge1_m68k.deb 38fdf55f9f32aa26df0b3001fd6b77a2 3111618 base optional kernel-image-2.6.8-q40_2.6.8-5sarge1_m68k.deb cd498a3a110af341e7052fb06ec8b0bc 2992404 base optional kernel-image-2.6.8-hp_2.6.8-5sarge1_m68k.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux) iD8DBQFHvRSHhuANDBmkLRkRAgFoAJ4va2ymNxUkl0jPny7K8/JU/bgiHQCeKWz+ /TdASUkz3LQ5oIbDNeRN4q0= =BpPe -----END PGP SIGNATURE----- Accepted: kernel-image-2.6.8-amiga_2.6.8-5sarge1_m68k.deb to pool/main/k/kernel-image-2.6.8-m68k/kernel-image-2.6.8-amiga_2.6.8-5sarge1_m68k.deb kernel-image-2.6.8-atari_2.6.8-5sarge1_m68k.deb to pool/main/k/kernel-image-2.6.8-m68k/kernel-image-2.6.8-atari_2.6.8-5sarge1_m68k.deb kernel-image-2.6.8-bvme6000_2.6.8-5sarge1_m68k.deb to pool/main/k/kernel-image-2.6.8-m68k/kernel-image-2.6.8-bvme6000_2.6.8-5sarge1_m68k.deb kernel-image-2.6.8-hp_2.6.8-5sarge1_m68k.deb to pool/main/k/kernel-image-2.6.8-m68k/kernel-image-2.6.8-hp_2.6.8-5sarge1_m68k.deb kernel-image-2.6.8-m68k_2.6.8-5sarge1.dsc to pool/main/k/kernel-image-2.6.8-m68k/kernel-image-2.6.8-m68k_2.6.8-5sarge1.dsc kernel-image-2.6.8-m68k_2.6.8-5sarge1.tar.gz to pool/main/k/kernel-image-2.6.8-m68k/kernel-image-2.6.8-m68k_2.6.8-5sarge1.tar.gz kernel-image-2.6.8-mac_2.6.8-5sarge1_m68k.deb to pool/main/k/kernel-image-2.6.8-m68k/kernel-image-2.6.8-mac_2.6.8-5sarge1_m68k.deb kernel-image-2.6.8-mvme147_2.6.8-5sarge1_m68k.deb to pool/main/k/kernel-image-2.6.8-m68k/kernel-image-2.6.8-mvme147_2.6.8-5sarge1_m68k.deb kernel-image-2.6.8-mvme16x_2.6.8-5sarge1_m68k.deb to pool/main/k/kernel-image-2.6.8-m68k/kernel-image-2.6.8-mvme16x_2.6.8-5sarge1_m68k.deb kernel-image-2.6.8-q40_2.6.8-5sarge1_m68k.deb to pool/main/k/kernel-image-2.6.8-m68k/kernel-image-2.6.8-q40_2.6.8-5sarge1_m68k.deb kernel-image-2.6.8-sun3_2.6.8-5sarge1_m68k.deb to pool/main/k/kernel-image-2.6.8-m68k/kernel-image-2.6.8-sun3_2.6.8-5sarge1_m68k.deb