-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Format: 1.7 Date: Mon, 18 Feb 2008 04:29:46 -0700 Source: kernel-patch-2.4.27-mips Binary: kernel-headers-2.4.27 kernel-image-2.4.27-sb1-swarm-bn mips-tools kernel-image-2.4.27-r4k-kn04 kernel-image-2.4.27-r4k-ip22 kernel-image-2.4.27-xxs1500 kernel-image-2.4.27-r5k-lasat kernel-image-2.4.27-r3k-kn02 kernel-image-2.4.27-r5k-cobalt kernel-image-2.4.27-r5k-ip22 Architecture: source i386 Version: 2.4.27-10.sarge4.040815-3 Distribution: oldstable-security Urgency: high Maintainer: Debian kernel team <debian-kernel@lists.debian.org> Changed-By: dann frazier <dannf@debian.org> Description: mips-tools - mips specific kernel tools Changes: kernel-patch-2.4.27-mips (2.4.27-10.sarge4.040815-3) oldstable-security; urgency=high . * Build against kernel-tree-2.4.27-10sarge6: * 239_mincore-hang.diff [SECURITY] Fix a potential deadlock in mincore See CVE-2006-4814 * [ERRATA] 240_smbfs-honor-mount-opts-2.diff Fix some regressions with respect to file types (e.g., symlinks) introduced by the fix for CVE-2006-5871 in 2.4.27-10sarge5 * 241_bluetooth-capi-size-checks.diff [SECURITY] Add additional length checks to avoid potential remote DoS attacks in the handling of CAPI messages in the bluetooth driver See CVE-2006-6106 * 242_ext3-fsfuzz.diff [SECURITY] Fix a DoS vulnerability that can be triggered by a local user with the ability to mount a corrupted ext3 filesystem See CVE-2006-6053 * 243_ipv6_fl_socklist-no-share.diff [SECURITY] Fix local DoS vulnerability caused by inadvertently sharing ipv6_fl_socklist between the listening socket and the socket created for connection. See CVE-2007-1592 * 244_bluetooth-l2cap-hci-info-leaks.diff 245_bluetooth-l2cap-hci-info-leaks-2.diff [SECURITY] Fix information leaks in setsockopt() implementations See CVE-2007-1353 * 246_dn_fib-out-of-bounds.diff 266_ipv4-fib_props-out-of-bounds.diff 267_ipv4-fib_props-out-of-bounds-2.diff [SECURITY] Fix out of bounds condition in dn_fib_props[] See CVE-2007-2172 * 247_reset-pdeathsig-on-suid.diff [SECURITY] Fix potential privilege escalation caused by improper clearing of the child process' pdeath signal. Thanks to Marcel Holtmann for the patch. See CVE-2007-3848 * 248_random-reseed-sizeof-fix.diff [SECURITY] Fix a bug in the random driver reseeding code that reduces entropy by reseeding a smaller buffer size than expected See CVE-2007-4311 * 249_openpromfs-signedness-bug.diff 250_openpromfs-checks-1.diff 251_openpromfs-checks-2.diff 252_openpromfs-checks-3.diff [SECURITY] Fix a number of data checks in openprom code See CVE-2004-2731 * 253_coredump-only-to-same-uid.diff [SECURITY] Fix an issue where core dumping over a file that already exists retains the ownership of the original file See CVE-2007-6206 * 254_cramfs-check-block-length.diff [SECURITY] Add a sanity check of the block length in cramfs_readpage to avoid a potential oops condition See CVE-2006-5823 * 255_pppoe-socket-release-mem-leak.diff [SECURITY] fix unpriveleged memory leak when a PPPoE socket is released after connect but before PPPIOCGCHAN ioctl is called upon it See CVE-2007-2525 * 256_i4l-isdn_ioctl-mem-overrun.diff [SECURITY] Fix potential isdn ioctl memory overrun See CVE-2007-6151 * 257_isdn-net-overflow.diff [SECURITY] Fix potential overflows in the ISDN subsystem See CVE-2007-6063 * 258_ext2_readdir-f_pos-fix.diff, 259_ext2_readdir-infinite-loop.diff, 260_ext2-skip-pages-past-num-blocks.diff [SECURITY] Add some sanity checking for a corrupted i_size in ext2_find_entry() See CVE-2006-6054 * 261_listxattr-mem-corruption.diff [SECURITY] Fix userspace corruption vulnerability caused by incorrectly promoted return values in bad_inode_ops This patches changes the kernel ABI. See CVE-2006-5753 * 262_aacraid-ioctl-perm-check.diff [SECURITY] Require admin capabilities to issue ioctls to aacraid devices See CVE-2007-4308 * 263_usb-pwc-disconnect-block.diff [SECURITY] Fix issue with unplugging webcams that use the pwc driver. If userspace still has the device open it can result, the driver would wait for the device to close, blocking the USB subsystem. See CVE-2007-5093 * 264_mmap-VM_DONTEXPAND.diff [SECURITY] Add VM_DONTEXPAND to vm_flags in drivers that register a fault handler but do not bounds check the offset argument See CVE-2008-0007 * 265_powerpc-chrp-null-deref.diff [SECURITY][powerpc] Fix NULL pointer dereference if get_property fails on the subarchitecture See CVE-2007-6694 Files: 2930e25b0b2978c257ea94b7c0f385f4 1050 devel optional kernel-patch-2.4.27-mips_2.4.27-10.sarge4.040815-3.dsc a95d863d77233921e79185c3dac62f94 310504 devel optional kernel-patch-2.4.27-mips_2.4.27-10.sarge4.040815-3.tar.gz 2811fbff5ff6904b4100d713b48ccffc 17980 devel optional mips-tools_2.4.27-10.sarge4.040815-3_i386.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux) iD8DBQFHvNqXhuANDBmkLRkRAjh2AJ9+YteC9TSlupoauP3QRa5/6LiFFwCcCgqs OlrslqxtiDnDIqIcZrhmmEQ= =gEZ+ -----END PGP SIGNATURE----- Accepted: kernel-patch-2.4.27-mips_2.4.27-10.sarge4.040815-3.dsc to pool/main/k/kernel-patch-2.4.27-mips/kernel-patch-2.4.27-mips_2.4.27-10.sarge4.040815-3.dsc kernel-patch-2.4.27-mips_2.4.27-10.sarge4.040815-3.tar.gz to pool/main/k/kernel-patch-2.4.27-mips/kernel-patch-2.4.27-mips_2.4.27-10.sarge4.040815-3.tar.gz mips-tools_2.4.27-10.sarge4.040815-3_i386.deb to pool/main/k/kernel-patch-2.4.27-mips/mips-tools_2.4.27-10.sarge4.040815-3_i386.deb