-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Format: 1.7 Date: Tue, 19 Feb 2008 20:54:09 -0700 Source: kernel-patch-powerpc-2.6.8 Binary: kernel-image-2.6.8-4-power4 kernel-build-2.6.8-4-power3-smp kernel-build-2.6.8-4-power4-smp kernel-build-2.6.8-4-powerpc-smp kernel-build-2.6.8-4-power3 kernel-image-2.6.8-4-power4-smp kernel-image-2.6.8-4-powerpc kernel-image-2.6.8-4-powerpc-smp kernel-build-2.6.8-4-power4 kernel-image-2.6.8-4-power3 kernel-headers-2.6.8-4 kernel-build-2.6.8-4-powerpc kernel-image-2.6.8-4-power3-smp Architecture: source powerpc Version: 2.6.8-13sarge1 Distribution: oldstable-security Urgency: high Maintainer: Debian Kernel Team <debian-kernel@lists.debian.org> Changed-By: dann frazier <dannf@debian.org> Description: kernel-build-2.6.8-4-power3 - build infrastructure for kernel version 2.6.8-4-power3 kernel-build-2.6.8-4-power3-smp - build infrastructure for kernel version 2.6.8-4-power3-smp kernel-build-2.6.8-4-power4 - build infrastructure for kernel version 2.6.8-4-power4 kernel-build-2.6.8-4-power4-smp - build infrastructure for kernel version 2.6.8-4-power4-smp kernel-build-2.6.8-4-powerpc - build infrastructure for kernel version 2.6.8-4-powerpc kernel-build-2.6.8-4-powerpc-smp - build infrastructure for kernel version 2.6.8-4-powerpc-smp kernel-headers-2.6.8-4 - header files for the Linux kernel version 2.6.8-4 kernel-image-2.6.8-4-power3 - Linux kernel image for 2.6.8-4-power3 kernel-image-2.6.8-4-power3-smp - Linux kernel image for 2.6.8-4-power3-smp kernel-image-2.6.8-4-power4 - Linux kernel image for 2.6.8-4-power4 kernel-image-2.6.8-4-power4-smp - Linux kernel image for 2.6.8-4-power4-smp kernel-image-2.6.8-4-powerpc - Linux kernel image for 2.6.8-4-powerpc kernel-image-2.6.8-4-powerpc-smp - Linux kernel image for 2.6.8-4-powerpc-smp Changes: kernel-patch-powerpc-2.6.8 (2.6.8-13sarge1) oldstable-security; urgency=high . * Rebuild against kernel-tree-2.6.8-17sarge1 * compat_sys_mount-NULL-data_page.dpatch [SECURITY] Fix oops in compat_sys_mount triggered by NULL data_page See CVE-2006-7203 * pppoe-socket-release-mem-leak.dpatch [SECURITY] fix unpriveleged memory leak when a PPPoE socket is released after connect but before PPPIOCGCHAN ioctl is called upon it See CVE-2007-2525 * dn_fib-out-of-bounds.dpatch, ipv4-fib_props-out-of-bounds.dpatch [SECURITY] Fix out of bounds condition in dn_fib_props[] See CVE-2007-2172 * aacraid-ioctl-perm-check.dpatch [SECURITY] Require admin capabilities to issue ioctls to aacraid devices See CVE-2007-4308 * reset-pdeathsig-on-suid.dpatch [SECURITY] Fix potential privilege escalation caused by improper clearing of the child process' pdeath signal. See CVE-2007-3848 * bluetooth-l2cap-hci-info-leaks.dpatch [SECURITY] Fix information leaks in setsockopt() implementations See CVE-2007-1353 * coredump-only-to-same-uid.dpatch [SECURITY] Fix an issue where core dumping over a file that already exists retains the ownership of the original file See CVE-2007-6206 * i4l-isdn_ioctl-mem-overrun.dpatch [SECURITY] Fix potential isdn ioctl memory overrun See CVE-2007-6151 * cramfs-check-block-length.dpatch [SECURITY] Add a sanity check of the block length in cramfs_readpage to avoid a potential oops condition See CVE-2006-5823 * ext2-skip-pages-past-num-blocks.dpatch [SECURITY] Add some sanity checking for a corrupted i_size in ext2_find_entry() See CVE-2006-6054 * minixfs-printk-hang.dpatch [SECURITY] Rate-limit printks caused by accessing a corrupted minixfs filesystem that would otherwise cause a system to hang (printk storm) See CVE-2006-6058 * isdn-net-overflow.dpatch [SECURITY] Fix potential overflows in the ISDN subsystem See CVE-2007-6063 * prevent-stack-growth-into-hugetlb-region.dpatch [SECURITY] Prevent OOPS during stack expansion when the VMA crosses into address space reserved for hugetlb pages. See CVE-2007-3739 * cifs-honor-umask.dpatch [SECURITY] Make CIFS honor a process' umask See CVE-2007-3740 * hugetlb-prio_tree-unit-fix.dpatch [SECURITY] Fix misconversion of hugetlb_vmtruncate_list to prio_tree which could be used to trigger a BUG_ON() call in exit_mmap. See CVE-2007-4133 * amd64-zero-extend-32bit-ptrace.dpatch [SECURITY] Zero extend all registers after ptrace in 32-bit entry path. See CVE-2007-4573 * usb-pwc-disconnect-block.dpatch [SECURITY] Fix issue with unplugging webcams that use the pwc driver. If userspace still has the device open it can result, the driver would wait for the device to close, blocking the USB subsystem. See CVE-2007-5093 * powerpc-chrp-null-deref.dpatch [SECURITY][powerpc] Fix NULL pointer dereference if get_property fails on the subarchitecture See CVE-2007-6694 * random-bound-check-ordering.dpatch [SECURITY] Fix stack-based buffer overflow in the random number generator See CVE-2007-3105 * mmap-VM_DONTEXPAND.dpatch [SECURITY] Add VM_DONTEXPAND to vm_flags in drivers that register a fault handler but do not bounds check the offset argument See CVE-2008-0007 Files: 39e866b6617c57f4acf7e06d3b7ae82e 1071 devel optional kernel-patch-powerpc-2.6.8_2.6.8-13sarge1.dsc 406db278e655291be89254da5a4e15f8 32565 devel optional kernel-patch-powerpc-2.6.8_2.6.8-13sarge1.tar.gz 2f57ad5241d60f31e262541b1b9bf08a 5153168 devel optional kernel-headers-2.6.8-4_2.6.8-13sarge1_powerpc.deb 0ddb46fa72e94a9018eccfd3d2f0b40c 13599558 base optional kernel-image-2.6.8-4-power3_2.6.8-13sarge1_powerpc.deb 719ae014adea5b6a7c3c36b2b0e268ed 412788 devel optional kernel-build-2.6.8-4-power3_2.6.8-13sarge1_powerpc.deb 46a1861b3cd33737bdd60a0f72f397c4 13953866 base optional kernel-image-2.6.8-4-power3-smp_2.6.8-13sarge1_powerpc.deb 584de35626e4445772f28341560aae76 412708 devel optional kernel-build-2.6.8-4-power3-smp_2.6.8-13sarge1_powerpc.deb 0f334a6487d58f02b75f9102641d4541 13583634 base optional kernel-image-2.6.8-4-power4_2.6.8-13sarge1_powerpc.deb 0334c1128e3e843ebc68963633480ba4 412034 devel optional kernel-build-2.6.8-4-power4_2.6.8-13sarge1_powerpc.deb 153a4ba86086ae315977b069a3c8fa3c 13943782 base optional kernel-image-2.6.8-4-power4-smp_2.6.8-13sarge1_powerpc.deb bcf255c3858b2d9a01bbbb2b7c25aff2 411974 devel optional kernel-build-2.6.8-4-power4-smp_2.6.8-13sarge1_powerpc.deb e6762f501e5422e23f023b79037a8ca5 13616728 base optional kernel-image-2.6.8-4-powerpc_2.6.8-13sarge1_powerpc.deb 228e63e6d49179b0dc802b903b1b52e4 412382 devel optional kernel-build-2.6.8-4-powerpc_2.6.8-13sarge1_powerpc.deb f012b664fbc58bfcdfbba594d38bc855 13873214 base optional kernel-image-2.6.8-4-powerpc-smp_2.6.8-13sarge1_powerpc.deb a761c81f7e2c38637fecefeb197f8a5b 412136 devel optional kernel-build-2.6.8-4-powerpc-smp_2.6.8-13sarge1_powerpc.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux) iD8DBQFHvNtChuANDBmkLRkRAkv9AJ9H+qikTDF1uQtoSTC9JLPeWs83ugCfXQUl 2RI7njD3Csl37uB7Rvd3um0= =ZGTN -----END PGP SIGNATURE----- Accepted: kernel-build-2.6.8-4-power3-smp_2.6.8-13sarge1_powerpc.deb to pool/main/k/kernel-patch-powerpc-2.6.8/kernel-build-2.6.8-4-power3-smp_2.6.8-13sarge1_powerpc.deb kernel-build-2.6.8-4-power3_2.6.8-13sarge1_powerpc.deb to pool/main/k/kernel-patch-powerpc-2.6.8/kernel-build-2.6.8-4-power3_2.6.8-13sarge1_powerpc.deb kernel-build-2.6.8-4-power4-smp_2.6.8-13sarge1_powerpc.deb to pool/main/k/kernel-patch-powerpc-2.6.8/kernel-build-2.6.8-4-power4-smp_2.6.8-13sarge1_powerpc.deb kernel-build-2.6.8-4-power4_2.6.8-13sarge1_powerpc.deb to pool/main/k/kernel-patch-powerpc-2.6.8/kernel-build-2.6.8-4-power4_2.6.8-13sarge1_powerpc.deb kernel-build-2.6.8-4-powerpc-smp_2.6.8-13sarge1_powerpc.deb to pool/main/k/kernel-patch-powerpc-2.6.8/kernel-build-2.6.8-4-powerpc-smp_2.6.8-13sarge1_powerpc.deb kernel-build-2.6.8-4-powerpc_2.6.8-13sarge1_powerpc.deb to pool/main/k/kernel-patch-powerpc-2.6.8/kernel-build-2.6.8-4-powerpc_2.6.8-13sarge1_powerpc.deb kernel-headers-2.6.8-4_2.6.8-13sarge1_powerpc.deb to pool/main/k/kernel-patch-powerpc-2.6.8/kernel-headers-2.6.8-4_2.6.8-13sarge1_powerpc.deb kernel-image-2.6.8-4-power3-smp_2.6.8-13sarge1_powerpc.deb to pool/main/k/kernel-patch-powerpc-2.6.8/kernel-image-2.6.8-4-power3-smp_2.6.8-13sarge1_powerpc.deb kernel-image-2.6.8-4-power3_2.6.8-13sarge1_powerpc.deb to pool/main/k/kernel-patch-powerpc-2.6.8/kernel-image-2.6.8-4-power3_2.6.8-13sarge1_powerpc.deb kernel-image-2.6.8-4-power4-smp_2.6.8-13sarge1_powerpc.deb to pool/main/k/kernel-patch-powerpc-2.6.8/kernel-image-2.6.8-4-power4-smp_2.6.8-13sarge1_powerpc.deb kernel-image-2.6.8-4-power4_2.6.8-13sarge1_powerpc.deb to pool/main/k/kernel-patch-powerpc-2.6.8/kernel-image-2.6.8-4-power4_2.6.8-13sarge1_powerpc.deb kernel-image-2.6.8-4-powerpc-smp_2.6.8-13sarge1_powerpc.deb to pool/main/k/kernel-patch-powerpc-2.6.8/kernel-image-2.6.8-4-powerpc-smp_2.6.8-13sarge1_powerpc.deb kernel-image-2.6.8-4-powerpc_2.6.8-13sarge1_powerpc.deb to pool/main/k/kernel-patch-powerpc-2.6.8/kernel-image-2.6.8-4-powerpc_2.6.8-13sarge1_powerpc.deb kernel-patch-powerpc-2.6.8_2.6.8-13sarge1.dsc to pool/main/k/kernel-patch-powerpc-2.6.8/kernel-patch-powerpc-2.6.8_2.6.8-13sarge1.dsc kernel-patch-powerpc-2.6.8_2.6.8-13sarge1.tar.gz to pool/main/k/kernel-patch-powerpc-2.6.8/kernel-patch-powerpc-2.6.8_2.6.8-13sarge1.tar.gz