-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.8
Date: Wed, 15 May 2013 15:34:24 -0600
Source: user-mode-linux
Binary: user-mode-linux
Architecture: source amd64
Version: 3.2-2um-1+deb7u1
Distribution: wheezy-security
Urgency: high
Maintainer: User Mode Linux Maintainers <pkg-uml-pkgs@lists.alioth.debian.org>
Changed-By: dann frazier <dannf@debian.org>
Description:
user-mode-linux - User-mode Linux (kernel)
Changes:
user-mode-linux (3.2-2um-1+deb7u1) wheezy-security; urgency=high
.
* Rebuild against linux-source-3.2 (3.2.41-2+deb7u2):
* perf: Treat attr.config as u64 in perf_swevent_init() (CVE-2013-2094)
* TTY: fix timing leak with /dev/ptmx (CVE-2013-0160)
* ext4: avoid hang when mounting non-journal filesystems with orphan list
(CVE-2013-2015)
* crypto: algif - suppress sending source address information in recvmsg
(CVE-2013-3076)
* atm: update msg_namelen in vcc_recvmsg() (CVE-2013-3222)
* ax25: fix info leak via msg_name in ax25_recvmsg() (CVE-2013-3223)
* Bluetooth: fix possible info leak in bt_sock_recvmsg() (CVE-2013-3224)
* Bluetooth: RFCOMM - Fix missing msg_namelen update in
rfcomm_sock_recvmsg() (CVE-2013-3225)
* caif: Fix missing msg_namelen update in caif_seqpkt_recvmsg()
(CVE-2013-3227)
* irda: Fix missing msg_namelen update in irda_recvmsg_dgram()
(CVE-2013-3228)
* iucv: Fix missing msg_namelen update in iucv_sock_recvmsg()
(CVE-2013-3229)
* llc: Fix missing msg_namelen update in llc_ui_recvmsg() (CVE-2013-3231)
* rose: fix info leak via msg_name in rose_recvmsg() (CVE-2013-3234)
* tipc: fix info leaks via msg_name in recv_msg/recv_stream (CVE-2013-3235)
* tracing: Fix possible NULL pointer dereferences (CVE-2013-3301)
* [x86] KVM: Allow cross page reads and writes from cached translations.
(fixes regression in fix for CVE-2013-1796)
* net: fix incorrect credentials passing (CVE-2013-1979)
* tg3: fix length overflow in VPD firmware parsing (CVE-2013-1929)
* kernel/signal.c: stop info leak via the tkill and the tgkill syscalls
Checksums-Sha1:
85362539dc30ab743bd0124bdbbc1f8b29eda21e 2142 user-mode-linux_3.2-2um-1+deb7u1.dsc
92fc70e7591b20ed3bbaa2f7d89ebdae8e1b6a90 23707 user-mode-linux_3.2-2um.orig.tar.gz
a17504b4d756d3b7431be919494fab284f0c95bf 15606 user-mode-linux_3.2-2um-1+deb7u1.diff.gz
3224d1566f814ddb89892a9d14e18fe7334cb508 8364422 user-mode-linux_3.2-2um-1+deb7u1_amd64.deb
Checksums-Sha256:
5b7bc026aaa50986f1095c30761e307c6eaf5dd427420fc512cacce9902dfd1a 2142 user-mode-linux_3.2-2um-1+deb7u1.dsc
954148acead25d7c164121ac4d099b3d103bee5cc967bf1e6262ea7b6e9ee9d1 23707 user-mode-linux_3.2-2um.orig.tar.gz
2ac6d2fdae71dca1ed81835edda757cfb44a62e9074528eb7d5c685d413229ba 15606 user-mode-linux_3.2-2um-1+deb7u1.diff.gz
abd0f9a6f1f23dd2122d4ba15dceea9b425e14814fffceb1b14ad9e9a52df0f9 8364422 user-mode-linux_3.2-2um-1+deb7u1_amd64.deb
Files:
640742d3b3200c2e53ac7ea360f14d26 2142 kernel extra user-mode-linux_3.2-2um-1+deb7u1.dsc
9d91d95c98f2ffef1ad4af6b0715347a 23707 kernel extra user-mode-linux_3.2-2um.orig.tar.gz
79aa6e82afe1b2b2a745ca5a609054af 15606 kernel extra user-mode-linux_3.2-2um-1+deb7u1.diff.gz
da07b226f3b0b2444c86bdc0bbc08046 8364422 kernel extra user-mode-linux_3.2-2um-1+deb7u1_amd64.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
iQIcBAEBAgAGBQJRlFjFAAoJEBv4PF5U/IZAunQP/2araw30IVyQJU7/G8bIb+FU
lfTYLpXvxEkkNi/o2zNADYtPUzXp+SYoX/eRHCLSL7F2wfxWRusdFzqLj7o0cPYm
2dfwDvosC//u3FZmZ7IqnHmSUULCWU9UN/XNVOgTMNzl8cPyLovPztquJ+cX5otT
WIlpkGT9NrrXVxOq/uwalxEx1zP5ddMNbZA5H5OLrrg7I68ppPgJC5T0aZ6NHXCO
Hgg3QGBn2rVAsEIoLqsfVb8DL78Eg+PUiOJExIm/mN39/XCPkDs7ePNfs4qF2fRv
0jFo3HhXi9CbH3CL4x/ZFKEWlB5LN0df+9TEWDINCUvzNDoBVyuiMDsNeDFDfzqD
cn7uGhGuf4iGSnS/FtY+NTYFc7HagsHgtrMjDyhDnzHCJY3h1+nQ9UOBrxCAr7aY
8DgcFhNfIFFfDuXy1Q2UmQL8572eXbAjY3FBMMBzocBqKbwJYxdwU1h/4ri66Lki
CLAY6l8zN4sRI8LAHG2DE/K63yPfVuNP6pj+I/DFzi+9sw89P5soY9lg+Mhf+9kc
8O3H/WtJ5XpQrgQGYuCvsj6JFU7WQPFnXiO1HBwoNY4qUE5HSuOHrg3PuheAy6vT
JM3AJRzjT5HSBMB+oU9QAHWwJ4f7kRxgzrImIZi1n/t7HdVK0aJnrlsg0xEmS6/h
MtM2AzwSrwOmeihk81L5
=1rrT
-----END PGP SIGNATURE-----
