-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.7
Date: Wed, 13 Sep 2006 21:33:51 -0600
Source: kernel-source-2.4.27
Binary: kernel-tree-2.4.27 kernel-source-2.4.27 kernel-patch-debian-2.4.27 kernel-doc-2.4.27
Architecture: source all
Version: 2.4.27-10sarge4
Distribution: stable-security
Urgency: high
Maintainer: Debian Kernel Team <debian-kernel@lists.debian.org>
Changed-By: dann frazier <dannf@debian.org>
Description:
kernel-doc-2.4.27 - Linux kernel specific documentation for version 2.4.27
kernel-patch-debian-2.4.27 - Debian patches to Linux 2.4.27
kernel-source-2.4.27 - Linux kernel source for version 2.4.27 with Debian patches
kernel-tree-2.4.27 - Linux kernel source tree for building Debian kernel images
Changes:
kernel-source-2.4.27 (2.4.27-10sarge4) stable-security; urgency=high
.
* [ERRATA] 213_madvise_remove-restrict.diff
[SECURITY] The 2.4.27-10sarge3 changelog associated this patch with
CVE-2006-1524. However, this patch fixes an mprotect issue that was
split off from the original report into CVE-2006-2071. 2.4.27 is not
vulnerable to CVE-2006-1524 the madvise_remove issue.
See CVE-2006-2071
* 223_nfs-handle-long-symlinks.diff
[SECURITY] Fix buffer overflow in NFS readline handling that allows a
remote server to cause a denial of service (crash) via a long symlink
See CVE-2005-4798
* 224_cdrom-bad-cgc.buflen-assign.diff
[SECURITY] Fix buffer overflow in dvd_read_bca which could potentially
be used by a local user to trigger a buffer overflow via a specially
crafted DVD, USB stick, or similar automatically mounted device.
See CVE-2006-2935
* 225_sg-no-mmap-VM_IO.diff
[SECURITY] Fix DoS vulnerability whereby a local user could attempt
a dio/mmap and cause the sg driver to oops.
See CVE-2006-1528
* 226_snmp-nat-mem-corruption-fix.diff
[SECURITY] Fix memory corruption in snmp_trap_decode
See CVE-2006-2444
* 227_kfree_skb.diff
[SECURITY] Fix race between kfree_skb and __skb_unlink
See CVE-2006-2446
* 228_sparc-mb-extraneous-semicolons.diff
Fix a syntax error caused by extranous semicolons in smp_mb() macros
which resulted in a build failure with 227_kfree_skb.diff
* 229_sctp-priv-elevation.diff, 230_sctp-priv-elevation-2.diff
[SECURITY] Fix SCTP privelege escalation
See CVE-2006-3745
* 231_udf-deadlock.diff
[SECURITY] Fix possible UDF deadlock and memory corruption
See CVE-2006-4145
* 232_sparc-membar-extraneous-semicolons.diff
Fix an additional syntax error caused by extraneous semicolons
in membar macros on sparc
Files:
0a2336025f8cbcfc621ba50b9660a7bf 900 devel optional kernel-source-2.4.27_2.4.27-10sarge4.dsc
b5b22b68654428a9da5b966b913c752a 748331 devel optional kernel-source-2.4.27_2.4.27-10sarge4.diff.gz
80d41a68d88ee856986bb8bcfe9bc793 700932 devel optional kernel-patch-debian-2.4.27_2.4.27-10sarge4_all.deb
02b22e7928c2c1492ac09027470522d5 3581526 doc optional kernel-doc-2.4.27_2.4.27-10sarge4_all.deb
534b6b2271445072053134883c3d751d 31037234 devel optional kernel-source-2.4.27_2.4.27-10sarge4_all.deb
ea7848043c9df3a95da9e5095da5893b 27318 devel optional kernel-tree-2.4.27_2.4.27-10sarge4_all.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)
iD8DBQFFCPB6huANDBmkLRkRAhYfAJ4y+9wtA6k/CNgtMVXC+NZO3rI1/gCfRVKr
Jb5Yn+P20FZaUW24hqPPcvU=
=ufT+
-----END PGP SIGNATURE-----
Accepted:
kernel-doc-2.4.27_2.4.27-10sarge4_all.deb
to pool/main/k/kernel-source-2.4.27/kernel-doc-2.4.27_2.4.27-10sarge4_all.deb
kernel-patch-debian-2.4.27_2.4.27-10sarge4_all.deb
to pool/main/k/kernel-source-2.4.27/kernel-patch-debian-2.4.27_2.4.27-10sarge4_all.deb
kernel-source-2.4.27_2.4.27-10sarge4.diff.gz
to pool/main/k/kernel-source-2.4.27/kernel-source-2.4.27_2.4.27-10sarge4.diff.gz
kernel-source-2.4.27_2.4.27-10sarge4.dsc
to pool/main/k/kernel-source-2.4.27/kernel-source-2.4.27_2.4.27-10sarge4.dsc
kernel-source-2.4.27_2.4.27-10sarge4_all.deb
to pool/main/k/kernel-source-2.4.27/kernel-source-2.4.27_2.4.27-10sarge4_all.deb
kernel-tree-2.4.27_2.4.27-10sarge4_all.deb
to pool/main/k/kernel-source-2.4.27/kernel-tree-2.4.27_2.4.27-10sarge4_all.deb
