[kernel-sec-discuss] r1059 - dsa-texts

[dannf at alioth.debian.org]

Author: dannf
Date: 2007-12-11 06:18:09 +0000 (Tue, 11 Dec 2007)
New Revision: 1059

Modified:
   dsa-texts/2.6.18.dfsg.1-13etch5
Log:
let's try this again; missed a cve and typo'd the subject of the mail

Modified: dsa-texts/2.6.18.dfsg.1-13etch5
===================================================================
--- dsa-texts/2.6.18.dfsg.1-13etch5	2007-12-11 05:44:08 UTC (rev 1058)
+++ dsa-texts/2.6.18.dfsg.1-13etch5	2007-12-11 06:18:09 UTC (rev 1059)
@@ -1,14 +1,14 @@
 --------------------------------------------------------------------------
-Debian Security Advisory DSA 1428-1                    security at debian.org
+Debian Security Advisory DSA 1428-2                    security at debian.org
 http://www.debian.org/security/                               dann frazier
-December 10th, 2007                     http://www.debian.org/security/faq
+December 11th, 2007                     http://www.debian.org/security/faq
 --------------------------------------------------------------------------
 
 Package        : linux-2.6
 Vulnerability  : several
 Problem-Type   : local/remote
 Debian-specific: no
-CVE ID         : CVE-2007-3104 CVE-2007-4997 CVE-2007-5500
+CVE ID         : CVE-2007-3104 CVE-2007-4997 CVE-2007-5500 CVE-2007-5904
 
 Several local and remote vulnerabilities have been discovered in the Linux
 kernel that may lead to a denial of service or the execution of arbitrary
@@ -35,7 +35,13 @@
     Scott James Remnant diagnosed a coding error in the implementation of
     ptrace which could be used by a local user to cause the kernel to enter
     an infinite loop.
-    
+
+CVE-2007-5904
+
+    Przemyslaw Wegrzyn discovered an issue in the CIFS filesystem that could
+    allow a malicious server to cause a denial of service (crash) by overflowing
+    a buffer.
+
 These problems have been fixed in the stable distribution in version 
 2.6.18.dfsg.1-13etch5.