Debian Package Tracker

From: dann frazier <dannf@debian.org>
To: <debian-changes@lists.debian.org>
Subject: Accepted kernel-source-2.6.8 2.6.8-17sarge1 (source all)
Date: Wed, 27 Feb 2008 07:52:42 +0000
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.7
Date: Tue, 19 Feb 2008 00:49:53 -0700
Source: kernel-source-2.6.8
Binary: kernel-source-2.6.8 kernel-doc-2.6.8 kernel-tree-2.6.8 kernel-patch-debian-2.6.8
Architecture: source all
Version: 2.6.8-17sarge1
Distribution: oldstable-security
Urgency: high
Maintainer: Debian kernel team <debian-kernel@lists.debian.org>
Changed-By: dann frazier <dannf@debian.org>
Description: 
 kernel-doc-2.6.8 - Linux kernel specific documentation for version 2.6.8
 kernel-patch-debian-2.6.8 - Debian patches to Linux 2.6.8
 kernel-source-2.6.8 - Linux kernel source for version 2.6.8 with Debian patches
 kernel-tree-2.6.8 - Linux kernel source tree for building Debian kernel images
Changes: 
 kernel-source-2.6.8 (2.6.8-17sarge1) oldstable-security; urgency=high
 .
   * compat_sys_mount-NULL-data_page.dpatch
     [SECURITY] Fix oops in compat_sys_mount triggered by NULL data_page
     See CVE-2006-7203
   * pppoe-socket-release-mem-leak.dpatch
     [SECURITY] fix unpriveleged memory leak when a PPPoE socket is released
     after connect but before PPPIOCGCHAN ioctl is called upon it
     See CVE-2007-2525
   * dn_fib-out-of-bounds.dpatch, ipv4-fib_props-out-of-bounds.dpatch
     [SECURITY] Fix out of bounds condition in dn_fib_props[]
     See CVE-2007-2172
   * aacraid-ioctl-perm-check.dpatch
     [SECURITY] Require admin capabilities to issue ioctls to aacraid devices
     See CVE-2007-4308
   * reset-pdeathsig-on-suid.dpatch
     [SECURITY] Fix potential privilege escalation caused by improper
     clearing of the child process' pdeath signal.
     See CVE-2007-3848
   * bluetooth-l2cap-hci-info-leaks.dpatch
     [SECURITY] Fix information leaks in setsockopt() implementations
     See CVE-2007-1353
   * coredump-only-to-same-uid.dpatch
     [SECURITY] Fix an issue where core dumping over a file that
     already exists retains the ownership of the original file
     See CVE-2007-6206
   * i4l-isdn_ioctl-mem-overrun.dpatch
     [SECURITY] Fix potential isdn ioctl memory overrun
     See CVE-2007-6151
   * cramfs-check-block-length.dpatch
     [SECURITY] Add a sanity check of the block length in cramfs_readpage to
     avoid a potential oops condition
     See CVE-2006-5823
   * ext2-skip-pages-past-num-blocks.dpatch
     [SECURITY] Add some sanity checking for a corrupted i_size in
     ext2_find_entry()
     See CVE-2006-6054
   * minixfs-printk-hang.dpatch
     [SECURITY] Rate-limit printks caused by accessing a corrupted minixfs
     filesystem that would otherwise cause a system to hang (printk storm)
     See CVE-2006-6058
   * isdn-net-overflow.dpatch
     [SECURITY] Fix potential overflows in the ISDN subsystem
     See CVE-2007-6063
   * prevent-stack-growth-into-hugetlb-region.dpatch
     [SECURITY] Prevent OOPS during stack expansion when the VMA crosses
     into address space reserved for hugetlb pages.
     See CVE-2007-3739
   * cifs-honor-umask.dpatch
     [SECURITY] Make CIFS honor a process' umask
     See CVE-2007-3740
   * hugetlb-prio_tree-unit-fix.dpatch
     [SECURITY] Fix misconversion of hugetlb_vmtruncate_list to prio_tree
     which could be used to trigger a BUG_ON() call in exit_mmap.
     See CVE-2007-4133
   * amd64-zero-extend-32bit-ptrace.dpatch
     [SECURITY] Zero extend all registers after ptrace in 32-bit entry path.
     See CVE-2007-4573
   * usb-pwc-disconnect-block.dpatch
     [SECURITY] Fix issue with unplugging webcams that use the pwc driver.
     If userspace still has the device open it can result, the driver would
     wait for the device to close, blocking the USB subsystem.
     See CVE-2007-5093
   * powerpc-chrp-null-deref.dpatch
     [SECURITY][powerpc] Fix NULL pointer dereference if get_property
     fails on the subarchitecture
     See CVE-2007-6694
   * random-bound-check-ordering.dpatch
     [SECURITY] Fix stack-based buffer overflow in the random number
     generator
     See CVE-2007-3105
   * mmap-VM_DONTEXPAND.dpatch
     [SECURITY] Add VM_DONTEXPAND to vm_flags in drivers that register
     a fault handler but do not bounds check the offset argument
     See CVE-2008-0007
Files: 
 0a956bc9d48251885d52d4b4d4b07310 1002 devel optional kernel-source-2.6.8_2.6.8-17sarge1.dsc
 d0e37e157fd2c4a9889222377ae6a956 1124155 devel optional kernel-source-2.6.8_2.6.8-17sarge1.diff.gz
 dfc3e12e6e7739c91c17e150a7242fa2 1194926 devel optional kernel-patch-debian-2.6.8_2.6.8-17sarge1_all.deb
 ece884d31c0a9bd290d467f00973252e 34955480 devel optional kernel-source-2.6.8_2.6.8-17sarge1_all.deb
 12ee237ef5816a9c1f87697a0397802a 39758 devel optional kernel-tree-2.6.8_2.6.8-17sarge1_all.deb
 e7e672dd30a416f98fb8dd3ead7e938b 6190062 doc optional kernel-doc-2.6.8_2.6.8-17sarge1_all.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)

iD8DBQFHvMvShuANDBmkLRkRAqznAJ4zdJObSmJugMy2WfVx5U+L3rc9pgCfTdVo
E9JWu2KjbgfYvK4/RyY87bg=
=TZKv
-----END PGP SIGNATURE-----


Accepted:
kernel-doc-2.6.8_2.6.8-17sarge1_all.deb
  to pool/main/k/kernel-source-2.6.8/kernel-doc-2.6.8_2.6.8-17sarge1_all.deb
kernel-patch-debian-2.6.8_2.6.8-17sarge1_all.deb
  to pool/main/k/kernel-source-2.6.8/kernel-patch-debian-2.6.8_2.6.8-17sarge1_all.deb
kernel-source-2.6.8_2.6.8-17sarge1.diff.gz
  to pool/main/k/kernel-source-2.6.8/kernel-source-2.6.8_2.6.8-17sarge1.diff.gz
kernel-source-2.6.8_2.6.8-17sarge1.dsc
  to pool/main/k/kernel-source-2.6.8/kernel-source-2.6.8_2.6.8-17sarge1.dsc
kernel-source-2.6.8_2.6.8-17sarge1_all.deb
  to pool/main/k/kernel-source-2.6.8/kernel-source-2.6.8_2.6.8-17sarge1_all.deb
kernel-tree-2.6.8_2.6.8-17sarge1_all.deb
  to pool/main/k/kernel-source-2.6.8/kernel-tree-2.6.8_2.6.8-17sarge1_all.deb
News for package kernel-source-2.6.8
