-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.7
Date: Wed, 15 Aug 2007 17:27:01 -0600
Source: user-mode-linux
Binary: user-mode-linux
Architecture: source i386
Version: 2.6.18-1um-2etch3
Distribution: stable-security
Urgency: high
Maintainer: User Mode Linux Maintainers <pkg-uml-pkgs@lists.alioth.debian.org>
Changed-By: dann frazier <dannf@debian.org>
Description:
 user-mode-linux - User-mode Linux (kernel)
Changes:
 user-mode-linux (2.6.18-1um-2etch3) stable-security; urgency=high
 .
   * NMU by the Security Team
   * Rebuild against linux-source-2.6.18 (2.6.18.dfsg.1-13etch1):
     * Update abi reference files for ABI 5
     * bugfix/bluetooth-l2cap-hci-info-leaks.patch
       [SECURITY] Fix information leaks in setsockopt() implementations
       See CVE-2007-1353
     * bugfix/usblcd-limit-memory-consumption.patch
       [SECURITY] limit memory consumption during write in the usblcd driver
       See CVE-2007-3513
     * bugfix/pppoe-socket-release-mem-leak.patch
       [SECURITY] fix unprivileged memory leak when a PPPoE socket is released
       after connect but before PPPIOCGCHAN ioctl is called upon it
       See CVE-2007-2525
     * bugfix/nf_conntrack_h323-bounds-checking.patch
       [SECURITY] nf_conntrack_h323: add checking of out-of-range on choices'
       index values
       See CVE-2007-3642
     * bugfix/dn_fib-out-of-bounds.patch
       [SECURITY] Fix out of bounds condition in dn_fib_props[]
       See CVE-2007-2172
     * bugfix/random-fix-seeding-with-zero-entropy.patch
       bugfix/random-fix-error-in-entropy-extraction.patch
       [SECURITY] Avoid seeding with the same values at boot time when a
       system has no entropy source and fix a casting error in entropy
       extraction that resulted in slightly less random numbers.
       See CVE-2007-2453
     * bugfix/nf_conntrack_sctp-null-deref.patch
       [SECURITY] Fix remotely triggerable NULL pointer dereference
       by sending an unknown chunk type.
       See CVE-2007-2876
     * bugfix/i965-secure-batchbuffer.patch
       [SECURITY] Fix i965 secured batchbuffer usage
       See CVE-2007-3851
     * bugfix/reset-pdeathsig-on-suid.patch
       [SECURITY] Fix potential privilege escalation caused by improper
       clearing of the child process' pdeath signal.
       Thanks to Marcel Holtmann for the patch.
       See CVE-2007-3848
Files:
 aa751a05223c0584be0f57286936c3b0 865 misc extra user-mode-linux_2.6.18-1um-2etch3.dsc
 89a1b1d042c1a3c105d1be2616e43fb5 13585 misc extra user-mode-linux_2.6.18-1um-2etch3.diff.gz
 ed306c7d3a31590060dca08d65134b51 25580950 misc extra user-mode-linux_2.6.18-1um-2etch3_i386.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)

iD8DBQFGw5GDhuANDBmkLRkRAlcsAJ9AyN96BilSs1XkwaTJMRRs9YiMLQCfYaYm
8UDXBsilgChjBefHmWUi0Mk=
=hqb3
-----END PGP SIGNATURE-----

Accepted:
user-mode-linux_2.6.18-1um-2etch3.diff.gz
  to pool/main/u/user-mode-linux/user-mode-linux_2.6.18-1um-2etch3.diff.gz
user-mode-linux_2.6.18-1um-2etch3.dsc
  to pool/main/u/user-mode-linux/user-mode-linux_2.6.18-1um-2etch3.dsc
user-mode-linux_2.6.18-1um-2etch3_i386.deb
  to pool/main/u/user-mode-linux/user-mode-linux_2.6.18-1um-2etch3_i386.deb