-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.7
Date: Sun, 14 Dec 2008 16:23:32 -0700
Source: user-mode-linux
Binary: user-mode-linux
Architecture: source i386
Version: 2.6.18-1um-2etch.23etch1
Distribution: stable-security
Urgency: high
Maintainer: User Mode Linux Maintainers <pkg-uml-pkgs@lists.alioth.debian.org>
Changed-By: dann frazier <dannf@debian.org>
Description:
 user-mode-linux - User-mode Linux (kernel)
Changes:
 user-mode-linux (2.6.18-1um-2etch.23etch1) stable-security; urgency=high
 .
   * Rebuild against linux-source-2.6.18_2.6.18.dfsg.1-23etch1:
     * Fix missing boundary checks in syscall/syscall32_nopage():
       - bugfix/add-install_special_mapping.patch
       - bugfix/i386-vdso-use_install_special_mapping.patch
       - bugfix/x86_64-ia32-vDSO-use-install_special_mapping.patch
       - features/all/xen/vdso-use_install_special_mapping.patch
       See CVE-2008-3527
     * Modify feature patches to apply on top of the fixes for CVE-2008-3527:
       - features/all/vserver/vs2.0.2.2-rc9.patch
       - features/all/xen/fedora-2.6.18-36186.patch
       - features/all/xen/vserver-update.patch
     * Don't allow splicing to files opened with O_APPEND:
       - bugfix/dont-allow-splice-to-files-opened-with-O_APPEND.patch
       See CVE-2008-4554
     * Avoid printk floods when reading corrupted ext[2,3] directories
       - bugfix/ext2-avoid-corrupted-directory-printk-floods.patch
       - bugfix/ext3-avoid-corrupted-directory-printk-floods.patch
       See CVE-2008-3528
     * Fix oops in SCTP
       - bugfix/sctp-fix-oops-when-INIT-ACK-indicates-that-peer-doesnt-support-AUTH.patch
       See CVE-2008-4576
     * Fix buffer overflow in hfsplus
       - bugfix/hfsplus-fix-Buffer-overflow-with-a-corrupted-image.patch
       See CVE-2008-4933
     * Fix BUG() in hfsplus
       - bugfix/hfsplus-check_read_mapping_page-return-value.patch
       See CVE-2008-4934
     * Fix stack corruption in hfs
       - bugfix/hfs-fix-namelength-memory-corruption.patch
       See CVE-2008-5025
     * Fix recursive descent in __scm_destroy
       - bugfix/af_unix-fix-garbage-collector-races.patch
       - bugfix/af_unix-convert-socks-to-unix_socks.patch
       - bugfix/net-unix-fix-inflight-counting-bug-in-garbage-collector.patch
       - bugfix/net-fix-recursive-descent-in-__scm_destroy.patch
       See CVE-2008-5029
     * Make sendmsg() block during UNIX garbage collection:
       - bugfix/net-unix-gc-fix-soft-lockups-oom-issues.patch
       See CVE-2008-5300
     * Fix DoS when calling svc_listen twice on the same socket while reading
       /proc/net/atm/*vc:
       - bugfix/atm-duplicate-listen-on-socket-corrupts-the-vcc-table.patch
       See CVE-2008-5079
     * Fix race conditions between inotify removal and umount
       - bugfix/inotify-watch-removal-umount-races.patch
       See CVE-2008-5182
Files:
 c7b86a1845bc273e6a7f0471e0555e58 892 misc extra user-mode-linux_2.6.18-1um-2etch.23etch1.dsc
 f0384a843ffc8952cbff2e25fe627a6b 19360 misc extra user-mode-linux_2.6.18-1um-2etch.23etch1.diff.gz
 8edf459235cf919e70db35db6e18a81c 25602042 misc extra user-mode-linux_2.6.18-1um-2etch.23etch1_i386.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iD8DBQFJRsEOhuANDBmkLRkRAqQJAJ0VZWCDjBY55gGb0PNo1PrkMFhYEQCdE9/d
Bb7+eKvR07lCQyziFgilAHs=
=hp1N
-----END PGP SIGNATURE-----


Accepted:
user-mode-linux_2.6.18-1um-2etch.23etch1.diff.gz
  to pool/main/u/user-mode-linux/user-mode-linux_2.6.18-1um-2etch.23etch1.diff.gz
user-mode-linux_2.6.18-1um-2etch.23etch1.dsc
  to pool/main/u/user-mode-linux/user-mode-linux_2.6.18-1um-2etch.23etch1.dsc
user-mode-linux_2.6.18-1um-2etch.23etch1_i386.deb
  to pool/main/u/user-mode-linux/user-mode-linux_2.6.18-1um-2etch.23etch1_i386.deb