-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Format: 1.7 Date: Thu, 7 Dec 2006 09:57:10 -0700 Source: systemimager Binary: systemimager-boot-i386-standard systemimager-boot-ia64-standard systemimager-client systemimager-common systemimager-doc systemimager-server systemimager-server-flamethrowerd Architecture: source all Version: 3.2.3-6sarge4 Distribution: stable-security Urgency: high Maintainer: dann frazier <dannf@debian.org> Changed-By: dann frazier <dannf@debian.org> Description: systemimager-boot-i386-standard - SystemImager boot binaries for i386 client nodes systemimager-client - Utilities for creating an image and upgrading client machines systemimager-common - Utilities and libraries common to both the server and client systemimager-doc - Manual and other documentation systemimager-server - Automate GNU/Linux installs and upgrades over a network systemimager-server-flamethrowerd - SystemImager boot binaries for i386 client nodes systemimager-boot-ia64-standard - SystemImager boot binaries for ia64 client nodes systemimager-server-flamethrowerd - SystemImager boot binaries for ia64 client nodes Closes: 310982 Changes: systemimager (3.2.3-6sarge4) stable-security; urgency=high . * Build against kernel-tree-2.4.27-10sarge5: * 233_ia64-sparc-cross-region-mappings.diff [SECURITY] Prevent cross-region mappings on ia64 and sparc which could be used in a local DoS attack (system crash) See CVE-2006-4538 * 234_atm-clip-freed-skb-deref.diff [SECURITY] Avoid dereferencing an already freed skb, preventing a potential remote DoS (system crash) vector See CVE-2006-4997 * 235_ppc-alignment-exception-table-check.diff [SECURITY][ppc] Avoid potential DoS which can be triggered by some futex ops See CVE-2006-5649 * 236_s390-uaccess-memleak.diff [SECURITY][s390] Fix memory leak in copy_from_user by clearing the remaining bytes of the kernel buffer after a fault on the userspace address in copy_from_user() See CVE-2006-5174 * 237_smbfs-honor-mount-opts.diff Honor uid, gid and mode mount options for smbfs even when unix extensions are enabled (closes: #310982) See CVE-2006-5871 * 238_ppc-hid0-dos.diff [SECURITY] [ppc] Fix local DoS by clearing HID0 attention enable on PPC970 at boot time See CVE-2006-4093 Files: 84f6a3040b4ca624d01532d0f0c023f9 979 admin optional systemimager_3.2.3-6sarge4.dsc 716fe24644ffdbd59b0ca5de5470629f 15979474 admin optional systemimager_3.2.3-6sarge4.tar.gz 8883b34d56263ef6f988c732482fde23 118244 admin optional systemimager-server_3.2.3-6sarge4_all.deb 2748bff28ec7b5b3f4bc90eb82dffb61 31516 admin optional systemimager-client_3.2.3-6sarge4_all.deb e267a4cc8c6fa408b6973ecf6eec3f7c 31728 admin optional systemimager-common_3.2.3-6sarge4_all.deb d67eef0cd39f650d8b5952914e9d9798 632496 doc optional systemimager-doc_3.2.3-6sarge4_all.deb 433d9eedf00bd67c08a47d69440c95b6 17068 admin optional systemimager-server-flamethrowerd_3.2.3-6sarge4_all.deb cc670bb7fe2cf731762f01eec8b460c3 4760018 admin optional systemimager-boot-i386-standard_3.2.3-6sarge4_all.deb d4d9d6da88eb634fe03ed8cd28baedb3 9546278 admin optional systemimager-boot-ia64-standard_3.2.3-6sarge4_all.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (GNU/Linux) iD8DBQFFeFohhuANDBmkLRkRAuu0AJ9U9zhDbxr4DpG6jD88hAiuk8s0FQCfchFU oK0smZhanvf1r5n/zIQ0YjI= =AJ4u -----END PGP SIGNATURE----- Accepted: systemimager-boot-i386-standard_3.2.3-6sarge4_all.deb to pool/main/s/systemimager/systemimager-boot-i386-standard_3.2.3-6sarge4_all.deb systemimager-boot-ia64-standard_3.2.3-6sarge4_all.deb to pool/main/s/systemimager/systemimager-boot-ia64-standard_3.2.3-6sarge4_all.deb systemimager-client_3.2.3-6sarge4_all.deb to pool/main/s/systemimager/systemimager-client_3.2.3-6sarge4_all.deb systemimager-common_3.2.3-6sarge4_all.deb to pool/main/s/systemimager/systemimager-common_3.2.3-6sarge4_all.deb systemimager-doc_3.2.3-6sarge4_all.deb to pool/main/s/systemimager/systemimager-doc_3.2.3-6sarge4_all.deb systemimager-server-flamethrowerd_3.2.3-6sarge4_all.deb to pool/main/s/systemimager/systemimager-server-flamethrowerd_3.2.3-6sarge4_all.deb systemimager-server_3.2.3-6sarge4_all.deb to pool/main/s/systemimager/systemimager-server_3.2.3-6sarge4_all.deb systemimager_3.2.3-6sarge4.dsc to pool/main/s/systemimager/systemimager_3.2.3-6sarge4.dsc systemimager_3.2.3-6sarge4.tar.gz to pool/main/s/systemimager/systemimager_3.2.3-6sarge4.tar.gz