-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Format: 1.7 Date: Mon, 22 Feb 2010 18:16:29 -0700 Source: user-mode-linux Binary: user-mode-linux Architecture: source i386 Version: 2.6.18-1um-2etch.26etch2 Distribution: oldstable-security Urgency: high Maintainer: User Mode Linux Maintainers <pkg-uml-pkgs@lists.alioth.debian.org> Changed-By: dann frazier <dannf@debian.org> Description: user-mode-linux - User-mode Linux (kernel) Closes: 520034 529165 562525 Changes: user-mode-linux (2.6.18-1um-2etch.26etch2) oldstable-security; urgency=high . * Rebuild against linux-source-2.6.18_2.6.18.dfsg.1-26etch2: * [s390] Revert syscall wrapping of execve() - 2.6.18 still has some in-kernel callers which bollocks up pt_regs. (Closes: #562525) * [SCSI] gdth: Prevent negative offsets in ioctl (CVE-2009-3080) * NFSv4: Fix a problem whereby a buggy server can oops the kernel (CVE-2009-3726) * isdn: hfc_usb: Fix read buffer overflow (CVE-2009-4005) * hfs: fix a potential buffer overflow (CVE-2009-4020) * fuse: prevent fuse_put_request on invalid pointer (CVE-2009-4021) * e1000: enhance frame fragment detection (CVE-2009-4536) * netfilter: ebtables: enforce CAP_NET_ADMIN (CVE-2010-0007) * connector: Delete buggy notification code. (CVE-2010-0410) * Fix potential crash with sys_move_pages (CVE-2010-0415) * futex: Handle user space corruption gracefully (CVE-2010-0622) * [s390] Fix missing capability check in z90crypt driver (CVE-2009-1883) * net ax25: Fix signed comparison in the sockopt handler (CVE-2009-2909) * fix information leak in llc_ui_getname (CVE-2009-3001) * net: fix information leak due to uninitialized structures in getname functions (CVE-2009-3002) * tc: Fix uninitialized kernel memory leak (CVE-2009-3228) * random: make get_random_int() more random (CVE-2009-3238) * NFSv4: fix open-create permissions, move iattr & verf attributes of struct nfsd4_open out of the union (CVE-2009-3286) * fs: pipe.c null pointer dereference (CVE-2009-3547) * netlink: fix typo in initialization (CVE-2009-3612) * AF_UNIX: Fix deadlock on connecting to shutdown socket (CVE-2009-3621) * [mips/mipsel] Fix errno on inexistent syscalls. (Closes: #520034). * bridge: Fix oops in port_carrier_check (closes: #529165) Files: c32b65bd3829d1d7349827e664cd9422 893 misc extra user-mode-linux_2.6.18-1um-2etch.26etch2.dsc c63ce16a717b7b40c92e8f3db5e9562b 20338 misc extra user-mode-linux_2.6.18-1um-2etch.26etch2.diff.gz c8263e70b1f6c46004502d2a561c5b3f 25603308 misc extra user-mode-linux_2.6.18-1um-2etch.26etch2_i386.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iD8DBQFLg1EBhuANDBmkLRkRAj0TAJ0TwdGPWcVplcLjoCRHpuHOejLiQACeN/GS j3MelIowjlOlADoYJE1UmVI= =TqsM -----END PGP SIGNATURE----- Accepted: user-mode-linux_2.6.18-1um-2etch.26etch2.diff.gz to main/u/user-mode-linux/user-mode-linux_2.6.18-1um-2etch.26etch2.diff.gz user-mode-linux_2.6.18-1um-2etch.26etch2.dsc to main/u/user-mode-linux/user-mode-linux_2.6.18-1um-2etch.26etch2.dsc user-mode-linux_2.6.18-1um-2etch.26etch2_i386.deb to main/u/user-mode-linux/user-mode-linux_2.6.18-1um-2etch.26etch2_i386.deb
