-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Format: 1.7 Date: Wed, 30 Nov 2005 20:56:54 +0900 Source: kernel-source-2.4.27 Binary: kernel-tree-2.4.27 kernel-source-2.4.27 kernel-patch-debian-2.4.27 kernel-doc-2.4.27 Architecture: source all Version: 2.4.27-12 Distribution: unstable Urgency: low Maintainer: Debian Kernel Team <debian-kernel@lists.debian.org> Changed-By: Simon Horman <horms@verge.net.au> Description: kernel-doc-2.4.27 - Linux kernel specific documentation for version 2.4.27 kernel-patch-debian-2.4.27 - Debian patches to Linux 2.4.27 kernel-source-2.4.27 - Linux kernel source for version 2.4.27 with Debian patches kernel-tree-2.4.27 - Linux kernel source tree for building Debian kernel images Closes: 252187 255406 324591 325871 328707 329354 Changes: kernel-source-2.4.27 (2.4.27-12) unstable; urgency=low . [ Simon Horman ] * 184_arch-x86_64-ia32-ptrace32-oops.diff [Security, x86_64] 32 bit ltrace oops when tracing 64 bit executable http://lkml.org/lkml/2005/1/5/245 http://linux.bkbits.net:8080/linux-2.4/cset@41dd3455GwQPufrGvBJjcUOXQa3WXA See CAN-2005-2553 . * 185_net-sockglue-cap.diff [Security] Restrict socket policy loading to CAP_NET_ADMIN. From 2.6.12.6 See CAN-2005-2555. . * control Add build dependancy on gcc-3.3 (closes: #324591) . * There was a bit of a screw up in 2.4.27-11 (by me) as 183_zisofs.diff was actually a copy of 182_linux-zlib-fixes.diff, and due to a quirk in the apply scripts, basically caused the zlib 182_linux-zlib-fixes.diff fixes to be reversed, and thus neither patch was applied. 186_linux-zlib-fixes-2.diff and 187_zisofs-2.diff resolve this problem. More information below. (closes: #325871) . * 186_linux-zlib-fixes-2.diff [Security] Fix security bugs in the Linux zlib implementations. See CAN-2005-2458, CAN-2005-2459 From 2.6.12.5 and 2.6.12.6 http://sources.redhat.com/ml/bug-gnu-utils/1999-06/msg00183.html http://bugs.gentoo.org/show_bug.cgi?id=94584 . * 187_zisofs-2.diff [Security] Check input buffer size in zisofs From 2.6.12.5 See CAN-2005-2457. What 183_zisofs.diff (incorectly annotated as zisofs.dpatch) should have been. . * 188_fix-dst-leak-in-icmp_push_reply.diff [Maybe-Security: Can remote traffic trigger this] Fix DST leak in icmp_push_reply() From 2.6.12.6 . * 189_ipv6-skb-leak.diff [Maybe-Security: Seems like a local DoS] Fix SKB leak in ip6_input_finish() From 2.6.12.6 . * 180_fs-isofs-ignored-parameters.diff isofs ignores any mount parameters after iocharset, map or session. http://lists.debian.org/debian-kernel/2005/08/msg00581.html . * 178_fs_ext2_ext3_xattr-sharing.diff Included in 2.4.27-11 is CAN-2005-2801 . * 179_net-ipv4-netfilter-ip_recent-last_pkts.diff Included in 2.4.27-11 is CAN-2005-2872 . * 190_outs-2.diff (removed 143_outs.diff): [SECURITY]: AMD64, allows local users to write to privileged IO ports via OUTS instruction See CAN-2005-0204 143_outs.diff, included in 2.4.27-11 breaks the build as IO_BITMAP_BYTES is not defined. 190_outs-2.diff should resolve this problem by defining IO_BITMAP_BYTES (closes: #329354) . * 191_build_foo.diff Fix build problems that appear to be caused by recent binutils changes (closes: #328707) . * 192_orinoco-info-leak.diff [SECURITY] orinoco: Information leakage due to incorrect padding See CAN-2005-3180 From 2.6.13.4 . * 194_xfs-inode-race.diff [SECURITY] XFS: Handle inode creation race CAN-NOMATCH Links in Patch file . * 195_net-ipv6-udp_v6_get_port-loop.diff [SECURITY] Fix infinite loop in udp_v6_get_port(). See CVE-2005-2973 . * 196_net-bridge-if_del-panic.diff Fix panic when non-existant bridge is deleted (closes: #255406) . * 197_net-plip-invalid-ioctl.diff Detect invalid ioctls in plip driver (closes: #252187) Files: 2c22e5f1e9568bd5e56de47220457b75 897 devel optional kernel-source-2.4.27_2.4.27-12.dsc 250fa245ac2ae613f9f93469ff6414a7 711050 devel optional kernel-source-2.4.27_2.4.27-12.diff.gz d58b7bb162c53ec6aae211d325086b0b 667962 devel optional kernel-patch-debian-2.4.27_2.4.27-12_all.deb 05c75067afdd26136479d447c8fbd53e 2378488 doc optional kernel-doc-2.4.27_2.4.27-12_all.deb 9f4d67baf6a6a93d2851da081734ae3d 31038516 devel optional kernel-source-2.4.27_2.4.27-12_all.deb b94bca9944e40801f698d7caaee0c667 25244 devel optional kernel-tree-2.4.27_2.4.27-12_all.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2 (GNU/Linux) iD8DBQFDjbBTA8ACPgVBDpcRAv+NAJ9UjRlczttuAVA56+sWLJfyPGk9kwCeKFwR mUGjTJr2o+d0FAbcXVPLxlE= =6uuP -----END PGP SIGNATURE----- Accepted: kernel-doc-2.4.27_2.4.27-12_all.deb to pool/main/k/kernel-source-2.4.27/kernel-doc-2.4.27_2.4.27-12_all.deb kernel-patch-debian-2.4.27_2.4.27-12_all.deb to pool/main/k/kernel-source-2.4.27/kernel-patch-debian-2.4.27_2.4.27-12_all.deb kernel-source-2.4.27_2.4.27-12.diff.gz to pool/main/k/kernel-source-2.4.27/kernel-source-2.4.27_2.4.27-12.diff.gz kernel-source-2.4.27_2.4.27-12.dsc to pool/main/k/kernel-source-2.4.27/kernel-source-2.4.27_2.4.27-12.dsc kernel-source-2.4.27_2.4.27-12_all.deb to pool/main/k/kernel-source-2.4.27/kernel-source-2.4.27_2.4.27-12_all.deb kernel-tree-2.4.27_2.4.27-12_all.deb to pool/main/k/kernel-source-2.4.27/kernel-tree-2.4.27_2.4.27-12_all.deb
