-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Format: 1.7 Date: Tue, 19 Feb 2008 20:55:52 -0700 Source: kernel-image-2.6.8-sparc Binary: kernel-headers-2.6.8-4-sparc32 kernel-image-2.6.8-4-sparc64-smp kernel-headers-2.6.8-4-sparc64 kernel-image-2.6.8-4-sparc32 kernel-build-2.6.8-4 kernel-headers-2.6.8-4 kernel-image-2.6.8-4-sparc64 kernel-headers-2.6.8-4-sparc64-smp Architecture: source sparc Version: 2.6.8-16sarge1 Distribution: oldstable-security Urgency: high Maintainer: Debian Kernel Team <debian-kernel@lists.debian.org> Changed-By: dann frazier <dannf@debian.org> Description: kernel-build-2.6.8-4 - Headers for building modules for Linux 2.6.8 kernel-headers-2.6.8-4 - Header files related to Linux kernel version 2.6.8 kernel-headers-2.6.8-4-sparc32 - Header files for Linux kernel 2.6.8 on uniprocessor 32-bit SPARC kernel-headers-2.6.8-4-sparc64 - Header files for Linux kernel 2.6.8 on uniprocessor 64-bit SPARC kernel-headers-2.6.8-4-sparc64-smp - Header files for Linux kernel 2.6.8 on multiprocessor 64-bit SPAR kernel-image-2.6.8-4-sparc32 - Linux kernel binary image for Super/HyperSPARC (sparc32) systems kernel-image-2.6.8-4-sparc64 - Linux kernel binary image for UltraSPARC (sparc64) systems kernel-image-2.6.8-4-sparc64-smp - Linux kernel binary image for SMP UltraSPARC (sparc64) systems Changes: kernel-image-2.6.8-sparc (2.6.8-16sarge1) oldstable-security; urgency=high . * Rebuild against kernel-tree-2.6.8-17sarge1 * compat_sys_mount-NULL-data_page.dpatch [SECURITY] Fix oops in compat_sys_mount triggered by NULL data_page See CVE-2006-7203 * pppoe-socket-release-mem-leak.dpatch [SECURITY] fix unpriveleged memory leak when a PPPoE socket is released after connect but before PPPIOCGCHAN ioctl is called upon it See CVE-2007-2525 * dn_fib-out-of-bounds.dpatch, ipv4-fib_props-out-of-bounds.dpatch [SECURITY] Fix out of bounds condition in dn_fib_props[] See CVE-2007-2172 * aacraid-ioctl-perm-check.dpatch [SECURITY] Require admin capabilities to issue ioctls to aacraid devices See CVE-2007-4308 * reset-pdeathsig-on-suid.dpatch [SECURITY] Fix potential privilege escalation caused by improper clearing of the child process' pdeath signal. See CVE-2007-3848 * bluetooth-l2cap-hci-info-leaks.dpatch [SECURITY] Fix information leaks in setsockopt() implementations See CVE-2007-1353 * coredump-only-to-same-uid.dpatch [SECURITY] Fix an issue where core dumping over a file that already exists retains the ownership of the original file See CVE-2007-6206 * i4l-isdn_ioctl-mem-overrun.dpatch [SECURITY] Fix potential isdn ioctl memory overrun See CVE-2007-6151 * cramfs-check-block-length.dpatch [SECURITY] Add a sanity check of the block length in cramfs_readpage to avoid a potential oops condition See CVE-2006-5823 * ext2-skip-pages-past-num-blocks.dpatch [SECURITY] Add some sanity checking for a corrupted i_size in ext2_find_entry() See CVE-2006-6054 * minixfs-printk-hang.dpatch [SECURITY] Rate-limit printks caused by accessing a corrupted minixfs filesystem that would otherwise cause a system to hang (printk storm) See CVE-2006-6058 * isdn-net-overflow.dpatch [SECURITY] Fix potential overflows in the ISDN subsystem See CVE-2007-6063 * prevent-stack-growth-into-hugetlb-region.dpatch [SECURITY] Prevent OOPS during stack expansion when the VMA crosses into address space reserved for hugetlb pages. See CVE-2007-3739 * cifs-honor-umask.dpatch [SECURITY] Make CIFS honor a process' umask See CVE-2007-3740 * hugetlb-prio_tree-unit-fix.dpatch [SECURITY] Fix misconversion of hugetlb_vmtruncate_list to prio_tree which could be used to trigger a BUG_ON() call in exit_mmap. See CVE-2007-4133 * amd64-zero-extend-32bit-ptrace.dpatch [SECURITY] Zero extend all registers after ptrace in 32-bit entry path. See CVE-2007-4573 * usb-pwc-disconnect-block.dpatch [SECURITY] Fix issue with unplugging webcams that use the pwc driver. If userspace still has the device open it can result, the driver would wait for the device to close, blocking the USB subsystem. See CVE-2007-5093 * powerpc-chrp-null-deref.dpatch [SECURITY][powerpc] Fix NULL pointer dereference if get_property fails on the subarchitecture See CVE-2007-6694 * random-bound-check-ordering.dpatch [SECURITY] Fix stack-based buffer overflow in the random number generator See CVE-2007-3105 * mmap-VM_DONTEXPAND.dpatch [SECURITY] Add VM_DONTEXPAND to vm_flags in drivers that register a fault handler but do not bounds check the offset argument See CVE-2008-0007 Files: 088234b948dd74a6c869f743a5346a54 1036 devel optional kernel-image-2.6.8-sparc_2.6.8-16sarge1.dsc 676fdb7a2c0cb66cd6c13a75b836f755 32414 devel optional kernel-image-2.6.8-sparc_2.6.8-16sarge1.tar.gz 54cdf0c85119d5a049164705e54a24d9 2896286 devel optional kernel-headers-2.6.8-4_2.6.8-16sarge1_sparc.deb ccfa57772f57fc041c7e2f52fc09216c 116254 devel optional kernel-headers-2.6.8-4-sparc32_2.6.8-16sarge1_sparc.deb 2df1caceab9295aca03f8efb9abfa33a 4563634 base optional kernel-image-2.6.8-4-sparc32_2.6.8-16sarge1_sparc.deb ed82830f3020847472660683d0a8b5cd 150948 devel optional kernel-headers-2.6.8-4-sparc64_2.6.8-16sarge1_sparc.deb 1833928627fd502581b283c8d508b423 7449244 base optional kernel-image-2.6.8-4-sparc64_2.6.8-16sarge1_sparc.deb 0170da5a8e3a7179073a6ee42fe41b27 151548 devel optional kernel-headers-2.6.8-4-sparc64-smp_2.6.8-16sarge1_sparc.deb 2c30dc864de96d05d0a3426b36c26d3a 7645904 base optional kernel-image-2.6.8-4-sparc64-smp_2.6.8-16sarge1_sparc.deb 5866644f6a69cd14120b2f27b936097e 10856 devel optional kernel-build-2.6.8-4_2.6.8-16sarge1_sparc.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux) iD8DBQFHvNpKhuANDBmkLRkRAoEBAJoDDu89i+N3Ad5JPRtWidgxiwjGkgCdFoX7 OdOKxFzW4xj4Y/KOM+cDm7A= =muZi -----END PGP SIGNATURE----- Accepted: kernel-build-2.6.8-4_2.6.8-16sarge1_sparc.deb to pool/main/k/kernel-image-2.6.8-sparc/kernel-build-2.6.8-4_2.6.8-16sarge1_sparc.deb kernel-headers-2.6.8-4-sparc32_2.6.8-16sarge1_sparc.deb to pool/main/k/kernel-image-2.6.8-sparc/kernel-headers-2.6.8-4-sparc32_2.6.8-16sarge1_sparc.deb kernel-headers-2.6.8-4-sparc64-smp_2.6.8-16sarge1_sparc.deb to pool/main/k/kernel-image-2.6.8-sparc/kernel-headers-2.6.8-4-sparc64-smp_2.6.8-16sarge1_sparc.deb kernel-headers-2.6.8-4-sparc64_2.6.8-16sarge1_sparc.deb to pool/main/k/kernel-image-2.6.8-sparc/kernel-headers-2.6.8-4-sparc64_2.6.8-16sarge1_sparc.deb kernel-headers-2.6.8-4_2.6.8-16sarge1_sparc.deb to pool/main/k/kernel-image-2.6.8-sparc/kernel-headers-2.6.8-4_2.6.8-16sarge1_sparc.deb kernel-image-2.6.8-4-sparc32_2.6.8-16sarge1_sparc.deb to pool/main/k/kernel-image-2.6.8-sparc/kernel-image-2.6.8-4-sparc32_2.6.8-16sarge1_sparc.deb kernel-image-2.6.8-4-sparc64-smp_2.6.8-16sarge1_sparc.deb to pool/main/k/kernel-image-2.6.8-sparc/kernel-image-2.6.8-4-sparc64-smp_2.6.8-16sarge1_sparc.deb kernel-image-2.6.8-4-sparc64_2.6.8-16sarge1_sparc.deb to pool/main/k/kernel-image-2.6.8-sparc/kernel-image-2.6.8-4-sparc64_2.6.8-16sarge1_sparc.deb kernel-image-2.6.8-sparc_2.6.8-16sarge1.dsc to pool/main/k/kernel-image-2.6.8-sparc/kernel-image-2.6.8-sparc_2.6.8-16sarge1.dsc kernel-image-2.6.8-sparc_2.6.8-16sarge1.tar.gz to pool/main/k/kernel-image-2.6.8-sparc/kernel-image-2.6.8-sparc_2.6.8-16sarge1.tar.gz