[kernel-sec-discuss] r1147 - dsa-texts
dannf at alioth.debian.org
dannf at alioth.debian.org
Fri Feb 22 22:13:56 UTC 2008
Author: dannf
Date: 2008-02-22 22:13:55 +0000 (Fri, 22 Feb 2008)
New Revision: 1147
Added:
dsa-texts/2.4.27-10sarge2
dsa-texts/2.4.27-10sarge3
dsa-texts/2.4.27-10sarge4
dsa-texts/2.4.27-10sarge5
dsa-texts/2.6.8-16sarge2
dsa-texts/2.6.8-16sarge3
dsa-texts/2.6.8-16sarge5
dsa-texts/2.6.8-16sarge6
dsa-texts/2.6.8-16sarge7
Removed:
dsa-texts/2.4.27-sarge2
dsa-texts/2.4.27-sarge3
dsa-texts/2.4.27-sarge4
dsa-texts/2.4.27-sarge5
dsa-texts/2.6.8-sarge2
dsa-texts/2.6.8-sarge3
dsa-texts/2.6.8-sarge5
dsa-texts/2.6.8-sarge6
dsa-texts/2.6.8-sarge7
Log:
rename old dsa text files to include the full version string, otherwise
we may get a version clash soon
Copied: dsa-texts/2.4.27-10sarge2 (from rev 1142, dsa-texts/2.4.27-sarge2)
===================================================================
--- dsa-texts/2.4.27-10sarge2 (rev 0)
+++ dsa-texts/2.4.27-10sarge2 2008-02-22 22:13:55 UTC (rev 1147)
@@ -0,0 +1,177 @@
+Subject: New Linux kernel 2.4.27 packages fix several issues
+
+--------------------------------------------------------------------------
+Debian Security Advisory DSA XXX-1 security at debian.org
+http://www.debian.org/security/ Dann Frazier, Simon Horman
+XXXXX 8th, 2005 http://www.debian.org/security/faq
+--------------------------------------------------------------------------
+
+Package : kernel-source-2.4.27
+Vulnerability : several
+Problem-Type : local/remote
+Debian-specific: no
+CVE IDs : CVE-2004-0887 CVE-2004-1058 CVE-2004-2607 CVE-2005-0449 CVE-2005-1761 CVE-2005-2457 CVE-2005-2555 CVE-2005-2709 CVE-2005-2973 CVE-2005-3257 CVE-2005-3783 CVE-2005-3806 CVE-2005-3848 CVE-2005-3857 CVE-2005-3858 CVE-2005-4618
+Debian Bug :
+
+Several local and remote vulnerabilities have been discovered in the Linux
+kernel that may lead to a denial of service or the execution of arbitrary
+code. The Common Vulnerabilities and Exposures project identifies the
+following problems:
+
+CVE-2004-0887
+
+ Martin Schwidefsky discovered that the privileged instruction SACF (Set
+ Address Space Control Fast) on the S/390 platform is not handled properly,
+ allowing for a local user to gain root privileges.
+
+CVE-2004-1058
+
+ A race condition allows for a local user to read the environment variables
+ of another process that is still spawning through /proc/.../cmdline.
+
+CVE-2004-2607
+
+ A numeric casting discrepancy in sdla_xfer allows local users to read
+ portions of kernel memory via a large len argument which is received as an
+ int but cast to a short, preventing read loop from filling a buffer.
+
+CVE-2005-0449
+
+ An error in the skb_checksum_help() function from the netfilter framework
+ has been discovered that allows the bypass of packet filter rules or
+ a denial of service attack.
+
+CVE-2005-1761
+
+ A vulnerability in the ptrace subsystem of the IA-64 architecture can
+ allow local attackers to overwrite kernel memory and crash the kernel.
+
+CVE-2005-2457
+
+ Tim Yamin discovered that insufficient input validation in the compressed
+ ISO file system (zisofs) allows a denial of service attack through
+ maliciously crafted ISO images.
+
+CVE-2005-2555
+
+ Herbert Xu discovered that the setsockopt() function was not restricted to
+ users/processes with the CAP_NET_ADMIN capability. This allows attackers to
+ manipulate IPSEC policies or initiate a denial of service attack.
+
+CVE-2005-2709
+
+ Al Viro discovered a race condition in the /proc handling of network devices.
+ A (local) attacker could exploit the stale reference after interface shutdown
+ to cause a denial of service or possibly execute code in kernel mode.
+
+CVE-2005-2973
+
+ Tetsuo Handa discovered that the udp_v6_get_port() function from the IPv6 code
+ can be forced into an endless loop, which allows a denial of service attack.
+
+CVE-2005-3257
+
+ Rudolf Polzer discovered that the kernel improperly restricts access to the
+ KDSKBSENT ioctl, which can possibly lead to privilege escalation.
+
+CVE-2005-3783
+
+ The ptrace code using CLONE_THREAD didn't use the thread group ID to
+ determine whether the caller is attaching to itself, which allows a denial
+ of service attack.
+
+CVE-2005-3806
+
+ Yen Zheng discovered that the IPv6 flow label code modified an incorrect variable,
+ which could lead to memory corruption and denial of service.
+
+CVE-2005-3848
+
+ Ollie Wild discovered a memory leak in the icmp_push_reply() function, which
+ allows denial of service through memory consumption.
+
+CVE-2005-3857
+
+ Chris Wright discovered that excessive allocation of broken file lock leases
+ in the VFS layer can exhaust memory and fill up the system logging, which allows
+ denial of service.
+
+CVE-2005-3858
+
+ Patrick McHardy discovered a memory leak in the ip6_input_finish() function from
+ the IPv6 code, which allows denial of service.
+
+CVE-2005-4618
+
+ Yi Ying discovered that sysctl does not properly enforce the size of a
+ buffer, which allows a denial of service attack.
+
+The following matrix explains which kernel version for which architecture
+fix the problems mentioned above:
+
+ Debian 3.1 (sarge)
+ Source 2.4.27-10sarge2
+ Alpha architecture 2.4.27-10sarge2
+ ARM architecture 2.4.27-2sarge2
+ Intel IA-32 architecture 2.4.27-10sarge2
+ Intel IA-64 architecture 2.4.27-10sarge2
+ Motorola 680x0 architecture 2.4.27-3sarge2
+ Big endian MIPS architecture 2.4.27-10.sarge1.040815-2
+ Little endian MIPS architecture 2.4.27-10.sarge1.040815-2
+ PowerPC architecture 2.4.27-10sarge2
+ IBM S/390 architecture 2.4.27-2sarge2
+ Sun Sparc architecture 2.4.27-9sarge2
+
+The following matrix lists additional packages that were rebuilt for
+compatability with or to take advantage of this update:
+
+ Debian 3.1 (sarge)
+ kernel-latest-2.4-alpha 101sarge1
+ kernel-latest-2.4-i386 101sarge1
+ kernel-latest-2.4-s390 2.4.27-1sarge1
+ kernel-latest-2.4-sparc 42sarge1
+ kernel-latest-powerpc 102sarge1
+ fai-kernels 1.9.1sarge1
+ i2c 1:2.9.1-1sarge1
+ kernel-image-speakup-i386 2.4.27-1.1sasrge1
+ lm-sensors 1:2.9.1-1sarge3
+ mindi-kernel 2.4.27-2sarge1
+ pcmcia-modules-2.4.27-i386 3.2.5+2sarge1
+ systemimager 3.2.3-6sarge1
+
+We recommend that you upgrade your kernel package immediately and reboot
+the machine. If you have built a custom kernel from the kernel source
+package, you will need to rebuild to take advantage of these fixes.
+
+Upgrade Instructions
+--------------------
+
+wget url
+ will fetch the file for you
+dpkg -i file.deb
+ will install the referenced file.
+
+If you are using the apt-get package manager, use the line for
+sources.list as given below:
+
+apt-get update
+ will update the internal database
+apt-get upgrade
+ will install corrected packages
+
+You may use an automated update by adding the resources from the
+footer to the proper configuration.
+
+
+Debian GNU/Linux 3.1 alias sarge
+--------------------------------
+
+
+ These files will probably be moved into the stable distribution on
+ its next update.
+
+---------------------------------------------------------------------------------
+For apt-get: deb http://security.debian.org/ stable/updates main
+For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
+Mailing list: debian-security-announce at lists.debian.org
+Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>
Copied: dsa-texts/2.4.27-10sarge3 (from rev 1142, dsa-texts/2.4.27-sarge3)
===================================================================
--- dsa-texts/2.4.27-10sarge3 (rev 0)
+++ dsa-texts/2.4.27-10sarge3 2008-02-22 22:13:55 UTC (rev 1147)
@@ -0,0 +1,200 @@
+Subject: New Linux kernel 2.4.27 packages fix several issues
+
+--------------------------------------------------------------------------
+Debian Security Advisory DSA XXX-1 security at debian.org
+http://www.debian.org/security/ Dann Frazier, Troy Heber
+XXXXX 8th, 2005 http://www.debian.org/security/faq
+--------------------------------------------------------------------------
+
+Package : kernel-source-2.4.27
+Vulnerability : several
+Problem-Type : local/remote
+Debian-specific: no
+CVE ID : CVE-2006-0038 CVE-2006-0039 CVE-2006-0741 CVE-2006-0742
+ CVE-2006-1056 CVE-2006-1242 CVE-2006-1343 CVE-2006-1368
+ CVE-2006-1524 CVE-2006-1525 CVE-2006-1857 CVE-2006-1858
+ CVE-2006-1864 CVE-2006-2271 CVE-2006-2272 CVE-2006-2274
+Debian Bug :
+
+Several local and remote vulnerabilities have been discovered in the Linux
+kernel that may lead to a denial of service or the execution of arbitrary
+code. The Common Vulnerabilities and Exposures project identifies the
+following problems:
+
+CVE-2006-0038
+
+ "Solar Designer" discovered that arithmetic computations in netfilter's
+ do_replace() function can lead to a buffer overflow and the execution of
+ arbitrary code. However, the operation requires CAP_NET_ADMIN privileges,
+ which is only an issue in virtualization systems or fine grained access
+ control systems.
+
+CVE-2006-0039
+
+ "Solar Designer" discovered a race condition in netfilter's
+ do_add_counters() function, which allows information disclosure of
+ kernel memory by exploiting a race condition. Like CVE-2006-0038,
+ it requires CAP_NET_ADMIN privileges.
+
+CVE-2006-0741
+
+ Intel EM64T systems were discovered to be susceptible to a local
+ DoS due to an endless recursive fault related to a bad ELF entry
+ address.
+
+CVE-2006-0742
+
+ Alan and Gareth discovered that the ia64 platform had an
+ incorrectly declared die_if_kernel() function as "does never
+ return" which could be exploited by a local attacker resulting in
+ a kernel crash.
+
+CVE-2006-1056
+
+ AMD64 machines (and other 7th and 8th generation AuthenticAMD
+ processors) were found to be vulnerable to sensitive information
+ leakage, due to how they handle saving and restoring the FOP, FIP,
+ and FDP x87 registers in FXSAVE/FXRSTOR when an exception is
+ pending. This allows a process to determine portions of the state
+ of floating point instructions of other processes.
+
+CVE-2006-1242
+
+ Marco Ivaldi discovered that there was an unintended information
+ disclosure allowing remote attackers to bypass protections against
+ Idle Scans (nmap -sI) by abusing the ID field of IP packets and
+ bypassing the zero IP ID in DF packet countermeasure. This was a
+ result of the ip_push_pending_frames function improperly
+ incremented the IP ID field when sending a RST after receiving
+ unsolicited TCP SYN-ACK packets.
+
+CVE-2006-1343
+
+ Pavel Kankovsky reported the existance of a potential information leak
+ resulting from the failure to initialize sin.sin_zero in the IPv4 socket
+ code.
+
+CVE-2006-1368
+
+ Shaun Tancheff discovered a buffer overflow (boundry condition
+ error) in the USB Gadget RNDIS implementation allowing remote
+ attackers to cause a DoS. While creating a reply message, the
+ driver allocated memory for the reply data, but not for the reply
+ structure. The kernel fails to properly bounds-check user-supplied
+ data before copying it to an insufficiently sized memory
+ buffer. Attackers could crash the system, or possibly execute
+ arbitrary machine code.
+
+CVE-2006-1524
+
+ Hugh Dickins discovered an issue in the madvise_remove function wherein
+ file and mmap restrictions are not followed, allowing local users to
+ bypass IPC permissions and replace portions of readonly tmpfs files with
+ zeroes.
+
+CVE-2006-1525
+
+ Alexandra Kossovsky reported a NULL pointer dereference condition in
+ ip_route_input() that can be triggered by a local user by requesting
+ a route for a multicast IP address, resulting in a denial of service
+ (panic).
+
+CVE-2006-1857
+
+ Vlad Yasevich reported a data validation issue in the SCTP subsystem
+ that may allow a remote user to overflow a buffer using a badly formatted
+ HB-ACK chunk, resulting in a denial of service.
+
+CVE-2006-1858
+
+ Vlad Yasevich reported a bug in the bounds checking code in the SCTP
+ subsystem that may allow a remote attacker to trigger a denial of service
+ attack when rounded parameter lengths are used to calculate parameter
+ lengths instead of the actual values.
+
+CVE-2006-1864
+
+ Mark Mosely discovered that chroots residing on an SMB share can be
+ escaped with specially crafted "cd" sequences.
+
+CVE-2006-2271
+
+ The "Mu security team" discovered that carefully crafted ECNE chunks can
+ cause a kernel crash by accessing incorrect state stable entries in the
+ SCTP networking subsystem, which allows denial of service.
+
+CVE-2006-2272
+
+ The "Mu security team" discovered that fragmented SCTP control
+ chunks can trigger kernel panics, which allows for denial of
+ service attacks.
+
+CVE-2006-2274
+
+ It was discovered that SCTP packets with two initial bundled data
+ packets can lead to infinite recursion, which allows for denial of
+ service attacks.
+
+
+
+The following matrix explains which kernel version for which architecture
+fix the problems mentioned above:
+
+ Debian 3.1 (sarge)
+ Source 2.4.27-10sarge3
+ Alpha architecture 2.4.27-10sarge3
+ ARM architecture 2.4.27-2sarge3
+ Intel IA-32 architecture 2.4.27-10sarge3
+ Intel IA-64 architecture 2.4.27-10sarge3
+ Motorola 680x0 architecture 2.4.27-3sarge3
+ Big endian MIPS 2.4.27-10.sarge3.040815-1
+ Little endian MIPS 2.4.27-10.sarge3.040815-1
+ PowerPC architecture 2.4.27-10sarge3
+ IBM S/390 architecture 2.4.27-2sarge3
+ Sun Sparc architecture 2.4.27-9sarge3
+
+The following matrix lists additional packages that were rebuilt for
+compatibility with or to take advantage of this update:
+
+ Debian 3.1 (sarge)
+ fai-kernels 1.9.1sarge2
+ kernel-image-2.4.27-speakup 2.4.27-1.1sarge2
+ mindi-kernel 2.4.27-2sarge2
+ systemimager 3.2.3-6sarge2
+
+We recommend that you upgrade your kernel package immediately and reboot
+the machine. If you have built a custom kernel from the kernel source
+package, you will need to rebuild to take advantage of these fixes.
+
+Upgrade Instructions
+--------------------
+
+wget url
+ will fetch the file for you
+dpkg -i file.deb
+ will install the referenced file.
+
+If you are using the apt-get package manager, use the line for
+sources.list as given below:
+
+apt-get update
+ will update the internal database
+apt-get upgrade
+ will install corrected packages
+
+You may use an automated update by adding the resources from the
+footer to the proper configuration.
+
+
+Debian GNU/Linux 3.1 alias sarge
+--------------------------------
+
+
+ These files will probably be moved into the stable distribution on
+ its next update.
+
+---------------------------------------------------------------------------------
+For apt-get: deb http://security.debian.org/ stable/updates main
+For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
+Mailing list: debian-security-announce at lists.debian.org
+Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>
Copied: dsa-texts/2.4.27-10sarge4 (from rev 1142, dsa-texts/2.4.27-sarge4)
===================================================================
--- dsa-texts/2.4.27-10sarge4 (rev 0)
+++ dsa-texts/2.4.27-10sarge4 2008-02-22 22:13:55 UTC (rev 1147)
@@ -0,0 +1,125 @@
+Subject: New Linux kernel 2.4.27 packages fix several issues
+
+--------------------------------------------------------------------------
+Debian Security Advisory DSA XXX-1 security at debian.org
+http://www.debian.org/security/ Dann Frazier
+XXXXX 8th, 2005 http://www.debian.org/security/faq
+--------------------------------------------------------------------------
+
+Package : kernel-source-2.4.27
+Vulnerability : several
+Problem-Type : local/remote
+Debian-specific: no
+CVE ID : CVE-2005-4798 CVE-2006-2935 CVE-2006-1528 CVE-2006-2444
+ CVE-2006-2446 CVE-2006-3745 CVE-2006-4535 CVE-2006-4145
+
+Several local and remote vulnerabilities have been discovered in the Linux
+kernel that may lead to a denial of service or the execution of arbitrary
+code. The Common Vulnerabilities and Exposures project identifies the
+following problems:
+
+CVE-2005-4798
+
+ Assar discovered a buffer overlow in the NFS readlink handling code
+ that would allows a malicious remote server to cause a denail of
+ service (crash) using a long symlink.
+
+CVE-2006-2935
+
+ Diego Calleja Garcia discovered a potential buffer overflow in the
+ dvd_read_bca() function that could allow aribrary code execution via
+ a malicious CDROM device
+
+CVE-2006-1528
+
+ Douglas Gilbert reported a bug in the sg driver that allows local
+ users to oops the kernel by performing dio transfers from the sg
+ driver to memory mapped IO space.
+
+CVE-2006-2444
+
+ Patrick McHardy reported a memory corruption bug in snmp_trap_decode that
+ could be used by remote attackers to crash a system.
+
+CVE-2006-2446
+
+ A race between the kfree_skb and __skb_unlink functions allows remote
+ users to crash a system.
+
+CVE-2006-3745
+
+ Wei Wang discovered a vulnerability in the SCTP subsystem that can be
+ exploited for local privilege escalation.
+
+CVE-2006-4145
+
+ Colin discovered a bug in the UDF filesystem that allows local users to
+ hang a system when truncating files.
+
+CVE-2006-4535
+
+ David Miller reported a problem with the fix for CVE-2006-3745 that allows
+ local users to crash the system using via an SCTP socket with a certain
+ SO_LINGER value.
+
+The following matrix explains which kernel version for which architecture
+fix the problems mentioned above:
+
+ Debian 3.1 (sarge)
+ Source 2.4.27-10sarge4
+ Alpha architecture 2.4.27-10sarge4
+ ARM architecture 2.4.27-2sarge4
+ Intel IA-32 architecture 2.4.27-10sarge4
+ Intel IA-64 architecture 2.4.27-10sarge4
+ Motorola 680x0 architecture 2.4.27-3sarge4
+ Big endian MIPS 2.4.27-10.sarge4.040815-1
+ Little endian MIPS 2.4.27-10.sarge4.040815-1
+ PowerPC architecture 2.4.27-10sarge4
+ IBM S/390 architecture 2.4.27-2sarge4
+ Sun Sparc architecture 2.4.27-9sarge4
+
+The following matrix lists additional packages that were rebuilt for
+compatibility with or to take advantage of this update:
+
+ Debian 3.1 (sarge)
+ fai-kernels 1.9.1sarge4
+ kernel-image-2.4.27-speakup 2.4.27-1.1sarge3
+ mindi-kernel 2.4.27-2sarge3
+ systemimager 3.2.3-6sarge3
+
+We recommend that you upgrade your kernel package immediately and reboot
+the machine. If you have built a custom kernel from the kernel source
+package, you will need to rebuild to take advantage of these fixes.
+
+Upgrade Instructions
+--------------------
+
+wget url
+ will fetch the file for you
+dpkg -i file.deb
+ will install the referenced file.
+
+If you are using the apt-get package manager, use the line for
+sources.list as given below:
+
+apt-get update
+ will update the internal database
+apt-get upgrade
+ will install corrected packages
+
+You may use an automated update by adding the resources from the
+footer to the proper configuration.
+
+
+Debian GNU/Linux 3.1 alias sarge
+--------------------------------
+
+
+ These files will probably be moved into the stable distribution on
+ its next update.
+
+---------------------------------------------------------------------------------
+For apt-get: deb http://security.debian.org/ stable/updates main
+For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
+Mailing list: debian-security-announce at lists.debian.org
+Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>
Copied: dsa-texts/2.4.27-10sarge5 (from rev 1142, dsa-texts/2.4.27-sarge5)
===================================================================
--- dsa-texts/2.4.27-10sarge5 (rev 0)
+++ dsa-texts/2.4.27-10sarge5 2008-02-22 22:13:55 UTC (rev 1147)
@@ -0,0 +1,131 @@
+Subject: New Linux kernel 2.4.27 packages fix several issues
+
+--------------------------------------------------------------------------
+Debian Security Advisory DSA XXX-1 security at debian.org
+http://www.debian.org/security/ Dann Frazier
+XXXXX 8th, 2005 http://www.debian.org/security/faq
+--------------------------------------------------------------------------
+
+Package : kernel-source-2.4.27
+Vulnerability : several
+Problem-Type : local/remote
+Debian-specific: no
+CVE ID : CVE-2006-4093 CVE-2006-4538 CVE-2006-4997 CVE-2006-5174
+ CVE-2006-5649 CVE-2006-5871
+
+
+Several local and remote vulnerabilities have been discovered in the Linux
+kernel that may lead to a denial of service or the execution of arbitrary
+code. The Common Vulnerabilities and Exposures project identifies the
+following problems:
+
+CVE-2005-4093
+
+ Olof Johansson reported a local DoS (Denial of Service) vulnerability
+ on the PPC970 platform. Unpriveleged users can hang the system by
+ executing the "attn" instruction, which was not being disabled at boot.
+
+CVE-2006-4538
+
+ Kirill Korotaev reported a local DoS (Denial of Service) vulnerability
+ on the ia64 and sparc architectures. A user could cause the system to
+ crash by executing a malformed ELF binary due to insufficient verification
+ of the memory layout.
+
+CVE-2006-4997
+
+ ADLab Venustech Info Ltd reported a potential remote DoS (Denial of
+ Service) vulnerability in the IP over ATM subsystem. A remote system
+ could cause the system to crash by sending specially crafted packets
+ that would trigger an attempt to free an already-freed pointer
+ resulting in a system crash.
+
+CVE-2006-5174
+
+ Martin Schwidefsky reported a potential leak of sensitive information
+ on s390 systems. The copy_from_user function did not clear the remaining
+ bytes of the kernel buffer after receiving a fault on the userspace
+ address, resulting in a leak of uninitialized kernel memory. A local user
+ could exploit this by appending to a file from a bad address.
+
+CVE-2006-5649
+
+ Fabio Massimo Di Nitto reported a potential remote DoS (Denial of Service)
+ vulnerability on powerpc systems. The alignment exception only
+ checked the exception table for -EFAULT, not for other errors. This can
+ be exploited by a local user to cause a system crash (panic).
+
+CVE-2006-5871
+
+ Bill Allombert reported that various mount options are ignored by smbfs
+ when UNIX extensions are enabled. This includes the uid, gid and mode
+ options. Client systems would silently use the server-provided settings
+ instead of honoring these options, changing the security model. This
+ update includes a fix from Haroldo Gamal that forces the kernel to honor
+ these mount options. Note that, since the current versions of smbmount
+ always pass values for these options to the kernel, it is not currently
+ possible to activate unix extensions by omitting mount options. However,
+ this behavior is currently consistent with the current behavior of the
+ next Debian release, 'etch'.
+
+The following matrix explains which kernel version for which architecture
+fix the problems mentioned above:
+
+ Debian 3.1 (sarge)
+ Source 2.4.27-10sarge5
+ Alpha architecture 2.4.27-10sarge5
+ ARM architecture 2.4.27-2sarge5
+ Intel IA-32 architecture 2.4.27-10sarge5
+ Intel IA-64 architecture 2.4.27-10sarge5
+ Motorola 680x0 architecture 2.4.27-3sarge5
+ Big endian MIPS 2.4.27-10.sarge4.040815-2
+ Little endian MIPS 2.4.27-10.sarge4.040815-2
+ PowerPC architecture 2.4.27-10sarge5
+ IBM S/390 architecture 2.4.27-2sarge5
+ Sun Sparc architecture 2.4.27-9sarge5
+
+The following matrix lists additional packages that were rebuilt for
+compatibility with or to take advantage of this update:
+
+ Debian 3.1 (sarge)
+ fai-kernels 1.9.1sarge5
+ kernel-image-2.4.27-speakup 2.4.27-1.1sarge4
+ mindi-kernel 2.4.27-2sarge4
+ systemimager 3.2.3-6sarge4
+
+We recommend that you upgrade your kernel package immediately and reboot
+the machine. If you have built a custom kernel from the kernel source
+package, you will need to rebuild to take advantage of these fixes.
+
+Upgrade Instructions
+--------------------
+
+wget url
+ will fetch the file for you
+dpkg -i file.deb
+ will install the referenced file.
+
+If you are using the apt-get package manager, use the line for
+sources.list as given below:
+
+apt-get update
+ will update the internal database
+apt-get upgrade
+ will install corrected packages
+
+You may use an automated update by adding the resources from the
+footer to the proper configuration.
+
+
+Debian GNU/Linux 3.1 alias sarge
+--------------------------------
+
+
+ These files will probably be moved into the stable distribution on
+ its next update.
+
+---------------------------------------------------------------------------------
+For apt-get: deb http://security.debian.org/ stable/updates main
+For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
+Mailing list: debian-security-announce at lists.debian.org
+Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>
Deleted: dsa-texts/2.4.27-sarge2
===================================================================
--- dsa-texts/2.4.27-sarge2 2008-02-22 22:11:44 UTC (rev 1146)
+++ dsa-texts/2.4.27-sarge2 2008-02-22 22:13:55 UTC (rev 1147)
@@ -1,177 +0,0 @@
-Subject: New Linux kernel 2.4.27 packages fix several issues
-
---------------------------------------------------------------------------
-Debian Security Advisory DSA XXX-1 security at debian.org
-http://www.debian.org/security/ Dann Frazier, Simon Horman
-XXXXX 8th, 2005 http://www.debian.org/security/faq
---------------------------------------------------------------------------
-
-Package : kernel-source-2.4.27
-Vulnerability : several
-Problem-Type : local/remote
-Debian-specific: no
-CVE IDs : CVE-2004-0887 CVE-2004-1058 CVE-2004-2607 CVE-2005-0449 CVE-2005-1761 CVE-2005-2457 CVE-2005-2555 CVE-2005-2709 CVE-2005-2973 CVE-2005-3257 CVE-2005-3783 CVE-2005-3806 CVE-2005-3848 CVE-2005-3857 CVE-2005-3858 CVE-2005-4618
-Debian Bug :
-
-Several local and remote vulnerabilities have been discovered in the Linux
-kernel that may lead to a denial of service or the execution of arbitrary
-code. The Common Vulnerabilities and Exposures project identifies the
-following problems:
-
-CVE-2004-0887
-
- Martin Schwidefsky discovered that the privileged instruction SACF (Set
- Address Space Control Fast) on the S/390 platform is not handled properly,
- allowing for a local user to gain root privileges.
-
-CVE-2004-1058
-
- A race condition allows for a local user to read the environment variables
- of another process that is still spawning through /proc/.../cmdline.
-
-CVE-2004-2607
-
- A numeric casting discrepancy in sdla_xfer allows local users to read
- portions of kernel memory via a large len argument which is received as an
- int but cast to a short, preventing read loop from filling a buffer.
-
-CVE-2005-0449
-
- An error in the skb_checksum_help() function from the netfilter framework
- has been discovered that allows the bypass of packet filter rules or
- a denial of service attack.
-
-CVE-2005-1761
-
- A vulnerability in the ptrace subsystem of the IA-64 architecture can
- allow local attackers to overwrite kernel memory and crash the kernel.
-
-CVE-2005-2457
-
- Tim Yamin discovered that insufficient input validation in the compressed
- ISO file system (zisofs) allows a denial of service attack through
- maliciously crafted ISO images.
-
-CVE-2005-2555
-
- Herbert Xu discovered that the setsockopt() function was not restricted to
- users/processes with the CAP_NET_ADMIN capability. This allows attackers to
- manipulate IPSEC policies or initiate a denial of service attack.
-
-CVE-2005-2709
-
- Al Viro discovered a race condition in the /proc handling of network devices.
- A (local) attacker could exploit the stale reference after interface shutdown
- to cause a denial of service or possibly execute code in kernel mode.
-
-CVE-2005-2973
-
- Tetsuo Handa discovered that the udp_v6_get_port() function from the IPv6 code
- can be forced into an endless loop, which allows a denial of service attack.
-
-CVE-2005-3257
-
- Rudolf Polzer discovered that the kernel improperly restricts access to the
- KDSKBSENT ioctl, which can possibly lead to privilege escalation.
-
-CVE-2005-3783
-
- The ptrace code using CLONE_THREAD didn't use the thread group ID to
- determine whether the caller is attaching to itself, which allows a denial
- of service attack.
-
-CVE-2005-3806
-
- Yen Zheng discovered that the IPv6 flow label code modified an incorrect variable,
- which could lead to memory corruption and denial of service.
-
-CVE-2005-3848
-
- Ollie Wild discovered a memory leak in the icmp_push_reply() function, which
- allows denial of service through memory consumption.
-
-CVE-2005-3857
-
- Chris Wright discovered that excessive allocation of broken file lock leases
- in the VFS layer can exhaust memory and fill up the system logging, which allows
- denial of service.
-
-CVE-2005-3858
-
- Patrick McHardy discovered a memory leak in the ip6_input_finish() function from
- the IPv6 code, which allows denial of service.
-
-CVE-2005-4618
-
- Yi Ying discovered that sysctl does not properly enforce the size of a
- buffer, which allows a denial of service attack.
-
-The following matrix explains which kernel version for which architecture
-fix the problems mentioned above:
-
- Debian 3.1 (sarge)
- Source 2.4.27-10sarge2
- Alpha architecture 2.4.27-10sarge2
- ARM architecture 2.4.27-2sarge2
- Intel IA-32 architecture 2.4.27-10sarge2
- Intel IA-64 architecture 2.4.27-10sarge2
- Motorola 680x0 architecture 2.4.27-3sarge2
- Big endian MIPS architecture 2.4.27-10.sarge1.040815-2
- Little endian MIPS architecture 2.4.27-10.sarge1.040815-2
- PowerPC architecture 2.4.27-10sarge2
- IBM S/390 architecture 2.4.27-2sarge2
- Sun Sparc architecture 2.4.27-9sarge2
-
-The following matrix lists additional packages that were rebuilt for
-compatability with or to take advantage of this update:
-
- Debian 3.1 (sarge)
- kernel-latest-2.4-alpha 101sarge1
- kernel-latest-2.4-i386 101sarge1
- kernel-latest-2.4-s390 2.4.27-1sarge1
- kernel-latest-2.4-sparc 42sarge1
- kernel-latest-powerpc 102sarge1
- fai-kernels 1.9.1sarge1
- i2c 1:2.9.1-1sarge1
- kernel-image-speakup-i386 2.4.27-1.1sasrge1
- lm-sensors 1:2.9.1-1sarge3
- mindi-kernel 2.4.27-2sarge1
- pcmcia-modules-2.4.27-i386 3.2.5+2sarge1
- systemimager 3.2.3-6sarge1
-
-We recommend that you upgrade your kernel package immediately and reboot
-the machine. If you have built a custom kernel from the kernel source
-package, you will need to rebuild to take advantage of these fixes.
-
-Upgrade Instructions
---------------------
-
-wget url
- will fetch the file for you
-dpkg -i file.deb
- will install the referenced file.
-
-If you are using the apt-get package manager, use the line for
-sources.list as given below:
-
-apt-get update
- will update the internal database
-apt-get upgrade
- will install corrected packages
-
-You may use an automated update by adding the resources from the
-footer to the proper configuration.
-
-
-Debian GNU/Linux 3.1 alias sarge
---------------------------------
-
-
- These files will probably be moved into the stable distribution on
- its next update.
-
----------------------------------------------------------------------------------
-For apt-get: deb http://security.debian.org/ stable/updates main
-For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
-Mailing list: debian-security-announce at lists.debian.org
-Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>
Deleted: dsa-texts/2.4.27-sarge3
===================================================================
--- dsa-texts/2.4.27-sarge3 2008-02-22 22:11:44 UTC (rev 1146)
+++ dsa-texts/2.4.27-sarge3 2008-02-22 22:13:55 UTC (rev 1147)
@@ -1,200 +0,0 @@
-Subject: New Linux kernel 2.4.27 packages fix several issues
-
---------------------------------------------------------------------------
-Debian Security Advisory DSA XXX-1 security at debian.org
-http://www.debian.org/security/ Dann Frazier, Troy Heber
-XXXXX 8th, 2005 http://www.debian.org/security/faq
---------------------------------------------------------------------------
-
-Package : kernel-source-2.4.27
-Vulnerability : several
-Problem-Type : local/remote
-Debian-specific: no
-CVE ID : CVE-2006-0038 CVE-2006-0039 CVE-2006-0741 CVE-2006-0742
- CVE-2006-1056 CVE-2006-1242 CVE-2006-1343 CVE-2006-1368
- CVE-2006-1524 CVE-2006-1525 CVE-2006-1857 CVE-2006-1858
- CVE-2006-1864 CVE-2006-2271 CVE-2006-2272 CVE-2006-2274
-Debian Bug :
-
-Several local and remote vulnerabilities have been discovered in the Linux
-kernel that may lead to a denial of service or the execution of arbitrary
-code. The Common Vulnerabilities and Exposures project identifies the
-following problems:
-
-CVE-2006-0038
-
- "Solar Designer" discovered that arithmetic computations in netfilter's
- do_replace() function can lead to a buffer overflow and the execution of
- arbitrary code. However, the operation requires CAP_NET_ADMIN privileges,
- which is only an issue in virtualization systems or fine grained access
- control systems.
-
-CVE-2006-0039
-
- "Solar Designer" discovered a race condition in netfilter's
- do_add_counters() function, which allows information disclosure of
- kernel memory by exploiting a race condition. Like CVE-2006-0038,
- it requires CAP_NET_ADMIN privileges.
-
-CVE-2006-0741
-
- Intel EM64T systems were discovered to be susceptible to a local
- DoS due to an endless recursive fault related to a bad ELF entry
- address.
-
-CVE-2006-0742
-
- Alan and Gareth discovered that the ia64 platform had an
- incorrectly declared die_if_kernel() function as "does never
- return" which could be exploited by a local attacker resulting in
- a kernel crash.
-
-CVE-2006-1056
-
- AMD64 machines (and other 7th and 8th generation AuthenticAMD
- processors) were found to be vulnerable to sensitive information
- leakage, due to how they handle saving and restoring the FOP, FIP,
- and FDP x87 registers in FXSAVE/FXRSTOR when an exception is
- pending. This allows a process to determine portions of the state
- of floating point instructions of other processes.
-
-CVE-2006-1242
-
- Marco Ivaldi discovered that there was an unintended information
- disclosure allowing remote attackers to bypass protections against
- Idle Scans (nmap -sI) by abusing the ID field of IP packets and
- bypassing the zero IP ID in DF packet countermeasure. This was a
- result of the ip_push_pending_frames function improperly
- incremented the IP ID field when sending a RST after receiving
- unsolicited TCP SYN-ACK packets.
-
-CVE-2006-1343
-
- Pavel Kankovsky reported the existance of a potential information leak
- resulting from the failure to initialize sin.sin_zero in the IPv4 socket
- code.
-
-CVE-2006-1368
-
- Shaun Tancheff discovered a buffer overflow (boundry condition
- error) in the USB Gadget RNDIS implementation allowing remote
- attackers to cause a DoS. While creating a reply message, the
- driver allocated memory for the reply data, but not for the reply
- structure. The kernel fails to properly bounds-check user-supplied
- data before copying it to an insufficiently sized memory
- buffer. Attackers could crash the system, or possibly execute
- arbitrary machine code.
-
-CVE-2006-1524
-
- Hugh Dickins discovered an issue in the madvise_remove function wherein
- file and mmap restrictions are not followed, allowing local users to
- bypass IPC permissions and replace portions of readonly tmpfs files with
- zeroes.
-
-CVE-2006-1525
-
- Alexandra Kossovsky reported a NULL pointer dereference condition in
- ip_route_input() that can be triggered by a local user by requesting
- a route for a multicast IP address, resulting in a denial of service
- (panic).
-
-CVE-2006-1857
-
- Vlad Yasevich reported a data validation issue in the SCTP subsystem
- that may allow a remote user to overflow a buffer using a badly formatted
- HB-ACK chunk, resulting in a denial of service.
-
-CVE-2006-1858
-
- Vlad Yasevich reported a bug in the bounds checking code in the SCTP
- subsystem that may allow a remote attacker to trigger a denial of service
- attack when rounded parameter lengths are used to calculate parameter
- lengths instead of the actual values.
-
-CVE-2006-1864
-
- Mark Mosely discovered that chroots residing on an SMB share can be
- escaped with specially crafted "cd" sequences.
-
-CVE-2006-2271
-
- The "Mu security team" discovered that carefully crafted ECNE chunks can
- cause a kernel crash by accessing incorrect state stable entries in the
- SCTP networking subsystem, which allows denial of service.
-
-CVE-2006-2272
-
- The "Mu security team" discovered that fragmented SCTP control
- chunks can trigger kernel panics, which allows for denial of
- service attacks.
-
-CVE-2006-2274
-
- It was discovered that SCTP packets with two initial bundled data
- packets can lead to infinite recursion, which allows for denial of
- service attacks.
-
-
-
-The following matrix explains which kernel version for which architecture
-fix the problems mentioned above:
-
- Debian 3.1 (sarge)
- Source 2.4.27-10sarge3
- Alpha architecture 2.4.27-10sarge3
- ARM architecture 2.4.27-2sarge3
- Intel IA-32 architecture 2.4.27-10sarge3
- Intel IA-64 architecture 2.4.27-10sarge3
- Motorola 680x0 architecture 2.4.27-3sarge3
- Big endian MIPS 2.4.27-10.sarge3.040815-1
- Little endian MIPS 2.4.27-10.sarge3.040815-1
- PowerPC architecture 2.4.27-10sarge3
- IBM S/390 architecture 2.4.27-2sarge3
- Sun Sparc architecture 2.4.27-9sarge3
-
-The following matrix lists additional packages that were rebuilt for
-compatibility with or to take advantage of this update:
-
- Debian 3.1 (sarge)
- fai-kernels 1.9.1sarge2
- kernel-image-2.4.27-speakup 2.4.27-1.1sarge2
- mindi-kernel 2.4.27-2sarge2
- systemimager 3.2.3-6sarge2
-
-We recommend that you upgrade your kernel package immediately and reboot
-the machine. If you have built a custom kernel from the kernel source
-package, you will need to rebuild to take advantage of these fixes.
-
-Upgrade Instructions
---------------------
-
-wget url
- will fetch the file for you
-dpkg -i file.deb
- will install the referenced file.
-
-If you are using the apt-get package manager, use the line for
-sources.list as given below:
-
-apt-get update
- will update the internal database
-apt-get upgrade
- will install corrected packages
-
-You may use an automated update by adding the resources from the
-footer to the proper configuration.
-
-
-Debian GNU/Linux 3.1 alias sarge
---------------------------------
-
-
- These files will probably be moved into the stable distribution on
- its next update.
-
----------------------------------------------------------------------------------
-For apt-get: deb http://security.debian.org/ stable/updates main
-For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
-Mailing list: debian-security-announce at lists.debian.org
-Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>
Deleted: dsa-texts/2.4.27-sarge4
===================================================================
--- dsa-texts/2.4.27-sarge4 2008-02-22 22:11:44 UTC (rev 1146)
+++ dsa-texts/2.4.27-sarge4 2008-02-22 22:13:55 UTC (rev 1147)
@@ -1,125 +0,0 @@
-Subject: New Linux kernel 2.4.27 packages fix several issues
-
---------------------------------------------------------------------------
-Debian Security Advisory DSA XXX-1 security at debian.org
-http://www.debian.org/security/ Dann Frazier
-XXXXX 8th, 2005 http://www.debian.org/security/faq
---------------------------------------------------------------------------
-
-Package : kernel-source-2.4.27
-Vulnerability : several
-Problem-Type : local/remote
-Debian-specific: no
-CVE ID : CVE-2005-4798 CVE-2006-2935 CVE-2006-1528 CVE-2006-2444
- CVE-2006-2446 CVE-2006-3745 CVE-2006-4535 CVE-2006-4145
-
-Several local and remote vulnerabilities have been discovered in the Linux
-kernel that may lead to a denial of service or the execution of arbitrary
-code. The Common Vulnerabilities and Exposures project identifies the
-following problems:
-
-CVE-2005-4798
-
- Assar discovered a buffer overlow in the NFS readlink handling code
- that would allows a malicious remote server to cause a denail of
- service (crash) using a long symlink.
-
-CVE-2006-2935
-
- Diego Calleja Garcia discovered a potential buffer overflow in the
- dvd_read_bca() function that could allow aribrary code execution via
- a malicious CDROM device
-
-CVE-2006-1528
-
- Douglas Gilbert reported a bug in the sg driver that allows local
- users to oops the kernel by performing dio transfers from the sg
- driver to memory mapped IO space.
-
-CVE-2006-2444
-
- Patrick McHardy reported a memory corruption bug in snmp_trap_decode that
- could be used by remote attackers to crash a system.
-
-CVE-2006-2446
-
- A race between the kfree_skb and __skb_unlink functions allows remote
- users to crash a system.
-
-CVE-2006-3745
-
- Wei Wang discovered a vulnerability in the SCTP subsystem that can be
- exploited for local privilege escalation.
-
-CVE-2006-4145
-
- Colin discovered a bug in the UDF filesystem that allows local users to
- hang a system when truncating files.
-
-CVE-2006-4535
-
- David Miller reported a problem with the fix for CVE-2006-3745 that allows
- local users to crash the system using via an SCTP socket with a certain
- SO_LINGER value.
-
-The following matrix explains which kernel version for which architecture
-fix the problems mentioned above:
-
- Debian 3.1 (sarge)
- Source 2.4.27-10sarge4
- Alpha architecture 2.4.27-10sarge4
- ARM architecture 2.4.27-2sarge4
- Intel IA-32 architecture 2.4.27-10sarge4
- Intel IA-64 architecture 2.4.27-10sarge4
- Motorola 680x0 architecture 2.4.27-3sarge4
- Big endian MIPS 2.4.27-10.sarge4.040815-1
- Little endian MIPS 2.4.27-10.sarge4.040815-1
- PowerPC architecture 2.4.27-10sarge4
- IBM S/390 architecture 2.4.27-2sarge4
- Sun Sparc architecture 2.4.27-9sarge4
-
-The following matrix lists additional packages that were rebuilt for
-compatibility with or to take advantage of this update:
-
- Debian 3.1 (sarge)
- fai-kernels 1.9.1sarge4
- kernel-image-2.4.27-speakup 2.4.27-1.1sarge3
- mindi-kernel 2.4.27-2sarge3
- systemimager 3.2.3-6sarge3
-
-We recommend that you upgrade your kernel package immediately and reboot
-the machine. If you have built a custom kernel from the kernel source
-package, you will need to rebuild to take advantage of these fixes.
-
-Upgrade Instructions
---------------------
-
-wget url
- will fetch the file for you
-dpkg -i file.deb
- will install the referenced file.
-
-If you are using the apt-get package manager, use the line for
-sources.list as given below:
-
-apt-get update
- will update the internal database
-apt-get upgrade
- will install corrected packages
-
-You may use an automated update by adding the resources from the
-footer to the proper configuration.
-
-
-Debian GNU/Linux 3.1 alias sarge
---------------------------------
-
-
- These files will probably be moved into the stable distribution on
- its next update.
-
----------------------------------------------------------------------------------
-For apt-get: deb http://security.debian.org/ stable/updates main
-For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
-Mailing list: debian-security-announce at lists.debian.org
-Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>
Deleted: dsa-texts/2.4.27-sarge5
===================================================================
--- dsa-texts/2.4.27-sarge5 2008-02-22 22:11:44 UTC (rev 1146)
+++ dsa-texts/2.4.27-sarge5 2008-02-22 22:13:55 UTC (rev 1147)
@@ -1,131 +0,0 @@
-Subject: New Linux kernel 2.4.27 packages fix several issues
-
---------------------------------------------------------------------------
-Debian Security Advisory DSA XXX-1 security at debian.org
-http://www.debian.org/security/ Dann Frazier
-XXXXX 8th, 2005 http://www.debian.org/security/faq
---------------------------------------------------------------------------
-
-Package : kernel-source-2.4.27
-Vulnerability : several
-Problem-Type : local/remote
-Debian-specific: no
-CVE ID : CVE-2006-4093 CVE-2006-4538 CVE-2006-4997 CVE-2006-5174
- CVE-2006-5649 CVE-2006-5871
-
-
-Several local and remote vulnerabilities have been discovered in the Linux
-kernel that may lead to a denial of service or the execution of arbitrary
-code. The Common Vulnerabilities and Exposures project identifies the
-following problems:
-
-CVE-2005-4093
-
- Olof Johansson reported a local DoS (Denial of Service) vulnerability
- on the PPC970 platform. Unpriveleged users can hang the system by
- executing the "attn" instruction, which was not being disabled at boot.
-
-CVE-2006-4538
-
- Kirill Korotaev reported a local DoS (Denial of Service) vulnerability
- on the ia64 and sparc architectures. A user could cause the system to
- crash by executing a malformed ELF binary due to insufficient verification
- of the memory layout.
-
-CVE-2006-4997
-
- ADLab Venustech Info Ltd reported a potential remote DoS (Denial of
- Service) vulnerability in the IP over ATM subsystem. A remote system
- could cause the system to crash by sending specially crafted packets
- that would trigger an attempt to free an already-freed pointer
- resulting in a system crash.
-
-CVE-2006-5174
-
- Martin Schwidefsky reported a potential leak of sensitive information
- on s390 systems. The copy_from_user function did not clear the remaining
- bytes of the kernel buffer after receiving a fault on the userspace
- address, resulting in a leak of uninitialized kernel memory. A local user
- could exploit this by appending to a file from a bad address.
-
-CVE-2006-5649
-
- Fabio Massimo Di Nitto reported a potential remote DoS (Denial of Service)
- vulnerability on powerpc systems. The alignment exception only
- checked the exception table for -EFAULT, not for other errors. This can
- be exploited by a local user to cause a system crash (panic).
-
-CVE-2006-5871
-
- Bill Allombert reported that various mount options are ignored by smbfs
- when UNIX extensions are enabled. This includes the uid, gid and mode
- options. Client systems would silently use the server-provided settings
- instead of honoring these options, changing the security model. This
- update includes a fix from Haroldo Gamal that forces the kernel to honor
- these mount options. Note that, since the current versions of smbmount
- always pass values for these options to the kernel, it is not currently
- possible to activate unix extensions by omitting mount options. However,
- this behavior is currently consistent with the current behavior of the
- next Debian release, 'etch'.
-
-The following matrix explains which kernel version for which architecture
-fix the problems mentioned above:
-
- Debian 3.1 (sarge)
- Source 2.4.27-10sarge5
- Alpha architecture 2.4.27-10sarge5
- ARM architecture 2.4.27-2sarge5
- Intel IA-32 architecture 2.4.27-10sarge5
- Intel IA-64 architecture 2.4.27-10sarge5
- Motorola 680x0 architecture 2.4.27-3sarge5
- Big endian MIPS 2.4.27-10.sarge4.040815-2
- Little endian MIPS 2.4.27-10.sarge4.040815-2
- PowerPC architecture 2.4.27-10sarge5
- IBM S/390 architecture 2.4.27-2sarge5
- Sun Sparc architecture 2.4.27-9sarge5
-
-The following matrix lists additional packages that were rebuilt for
-compatibility with or to take advantage of this update:
-
- Debian 3.1 (sarge)
- fai-kernels 1.9.1sarge5
- kernel-image-2.4.27-speakup 2.4.27-1.1sarge4
- mindi-kernel 2.4.27-2sarge4
- systemimager 3.2.3-6sarge4
-
-We recommend that you upgrade your kernel package immediately and reboot
-the machine. If you have built a custom kernel from the kernel source
-package, you will need to rebuild to take advantage of these fixes.
-
-Upgrade Instructions
---------------------
-
-wget url
- will fetch the file for you
-dpkg -i file.deb
- will install the referenced file.
-
-If you are using the apt-get package manager, use the line for
-sources.list as given below:
-
-apt-get update
- will update the internal database
-apt-get upgrade
- will install corrected packages
-
-You may use an automated update by adding the resources from the
-footer to the proper configuration.
-
-
-Debian GNU/Linux 3.1 alias sarge
---------------------------------
-
-
- These files will probably be moved into the stable distribution on
- its next update.
-
----------------------------------------------------------------------------------
-For apt-get: deb http://security.debian.org/ stable/updates main
-For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
-Mailing list: debian-security-announce at lists.debian.org
-Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>
Copied: dsa-texts/2.6.8-16sarge2 (from rev 1142, dsa-texts/2.6.8-sarge2)
===================================================================
--- dsa-texts/2.6.8-16sarge2 (rev 0)
+++ dsa-texts/2.6.8-16sarge2 2008-02-22 22:13:55 UTC (rev 1147)
@@ -0,0 +1,251 @@
+Subject: New Linux kernel 2.6.8 packages fix several issues
+
+--------------------------------------------------------------------------
+Debian Security Advisory DSA XXX-1 security at debian.org
+http://www.debian.org/security/ Dann Frazier, Simon Horman
+XXXXX 8th, 2005 http://www.debian.org/security/faq
+--------------------------------------------------------------------------
+
+Package : kernel-source-2.6.8
+Vulnerability : several
+Problem-Type : local/remote
+Debian-specific: no
+CVE ID : CVE-2004-1017 CVE-2005-0124 CVE-2005-0449 CVE-2005-2457 CVE-2005-2490 CVE-2005-2555 CVE-2005-2709 CVE-2005-2800 CVE-2005-2973 CVE-2005-3044 CVE-2005-3053 CVE-2005-3055 CVE-2005-3180 CVE-2005-3181 CVE-2005-3257 CVE-2005-3356 CVE-2005-3358 CVE-2005-3783 CVE-2005-3784 CVE-2005-3806 CVE-2005-3847 CVE-2005-3848 CVE-2005-3857 CVE-2005-3858 CVE-2005-4605 CVE-2005-4618 CVE-2006-0095 CVE-2006-0096 CVE-2006-0482 CVE-2006-1066
+Debian Bug : 295949 334113 330287 332587 332596 330343 330353 327416
+
+Several local and remote vulnerabilities have been discovered in the Linux
+kernel that may lead to a denial of service or the execution of arbitrary
+code. The Common Vulnerabilities and Exposures project identifies the
+following problems:
+
+CVE-2004-1017
+
+ Multiple overflows exist in the io_edgeport driver which might be usable
+ as a denial of service attack vector.
+
+CVE-2005-0124
+
+ Bryan Fulton reported a bounds checking bug in the coda_pioctl function
+ which may allow local users to execute arbitrary code or trigger a denial
+ of service attack.
+
+CVE-2005-0449
+
+ An error in the skb_checksum_help() function from the netfilter framework
+ has been discovered that allows the bypass of packet filter rules or
+ a denial of service attack.
+
+CVE-2005-2457
+
+ Tim Yamin discovered that insufficient input validation in the zisofs driver
+ for compressed ISO file systems allows a denial of service attack through
+ maliciously crafted ISO images.
+
+CVE-2005-2490
+
+ A buffer overflow in the sendmsg() function allows local users to execute
+ arbitrary code.
+
+CVE-2005-2555
+
+ Herbert Xu discovered that the setsockopt() function was not restricted to
+ users/processes with the CAP_NET_ADMIN capability. This allows attackers to
+ manipulate IPSEC policies or initiate a denial of service attack.
+
+CVE-2005-2709
+
+ Al Viro discovered a race condition in the /proc handling of network devices.
+ A (local) attacker could exploit the stale reference after interface shutdown
+ to cause a denial of service or possibly execute code in kernel mode.
+
+CVE-2005-2800
+
+ Jan Blunck discovered that repeated failed reads of /proc/scsi/sg/devices
+ leak memory, which allows a denial of service attack.
+
+CVE-2005-2973
+
+ Tetsuo Handa discovered that the udp_v6_get_port() function from the IPv6 code
+ can be forced into an endless loop, which allows a denial of service attack.
+
+CVE-2005-3044
+
+ Vasiliy Averin discovered that the reference counters from sockfd_put() and
+ fput() can be forced into overlapping, which allows a denial of service attack
+ through a null pointer dereference.
+
+CVE-2005-3053
+
+ Eric Dumazet discovered that the set_mempolicy() system call accepts a negative
+ value for it's first argument, which triggers a BUG() assert. This allows a
+ denial of service attack.
+
+CVE-2005-3055
+
+ Harald Welte discovered that if a process issues a USB Request Block (URB)
+ to a device and terminates before the URB completes, a stale pointer
+ would be dereferenced. This could be used to trigger a denial of service
+ attack.
+
+CVE-2005-3180
+
+ Pavel Roskin discovered that the driver for Orinoco wireless cards clears
+ it's buffers insufficiently. This could leak sensitive information into
+ user space.
+
+CVE-2005-3181
+
+ Robert Derr discovered that the audit subsystem uses an incorrect function to
+ free memory, which allows a denial of service attack.
+
+CVE-2005-3257
+
+ Rudolf Polzer discovered that the kernel improperly restricts access to the
+ KDSKBSENT ioctl, which can possibly lead to privilege escalation.
+
+CVE-2005-3356
+
+ Doug Chapman discovered that the mq_open syscall can be tricked into
+ decrementing an internal counter twice, which allows a denial of service attack
+ through a kernel panic.
+
+CVE-2005-3358
+
+ Doug Chapman discovered that passing a 0 zero bitmask to the set_mempolicy()
+ system call leads to a kernel panic, which allows a denial of service attack.
+
+CVE-2005-3783
+
+ The ptrace code using CLONE_THREAD didn't use the thread group ID to
+ determine whether the caller is attaching to itself, which allows a denial
+ of service attack.
+
+CVE-2005-3784
+
+ The auto-reaping of childe processes functionality included ptraced-attached
+ processes, which allows denial of service through dangling references.
+
+CVE-2005-3806
+
+ Yen Zheng discovered that the IPv6 flow label code modified an incorrect variable,
+ which could lead to memory corruption and denial of service.
+
+CVE-2005-3847
+
+ It was discovered that a threaded real-time process, which is currently dumping
+ core can be forced into a dead-lock situation by sending it a SIGKILL signal,
+ which allows a denial of service attack.
+
+CVE-2005-3848
+
+ Ollie Wild discovered a memory leak in the icmp_push_reply() function, which
+ allows denial of service through memory consumption.
+
+CVE-2005-3857
+
+ Chris Wright discovered that excessive allocation of broken file lock leases
+ in the VFS layer can exhaust memory and fill up the system logging, which allows
+ denial of service.
+
+CVE-2005-3858
+
+ Patrick McHardy discovered a memory leak in the ip6_input_finish() function from
+ the IPv6 code, which allows denial of service.
+
+CVE-2005-4605
+
+ Karl Janmar discovered that a signedness error in the procfs code can be exploited
+ to read kernel memory, which may disclose sensitive information.
+
+CVE-2005-4618
+
+ Yi Ying discovered that sysctl does not properly enforce the size of a buffer, which
+ allows a denial of service attack.
+
+CVE-2006-0095
+
+ Stefan Rompf discovered that dm_crypt does not clear an internal struct before freeing
+ it, which might disclose sensitive information.
+
+CVE-2006-0096
+
+ It was discovered that the SDLA driver's capability checks were too lax
+ for firmware upgrades.
+
+CVE-2006-0482
+
+ Ludovic Courtes discovered that get_compat_timespec() performs insufficient input
+ sanitizing, which allows a local denial of service attack.
+
+CVE-2006-1066
+
+ It was discovered that ptrace() on the ia64 architecture allows a local denial of
+ service attack, when preemption is enabled.
+
+
+The following matrix explains which kernel version for which architecture
+fix the problems mentioned above:
+
+ Debian 3.1 (sarge)
+ Source 2.6.8-16sarge2
+ Alpha architecture 2.6.8-16sarge2
+ AMD64 architecture 2.6.8-16sarge2
+ HP Precision architecture 2.6.8-6sarge2
+ Intel IA-32 architecture 2.6.8-16sarge2
+ Intel IA-64 architecture 2.6.8-14sarge2
+ Motorola 680x0 architecture 2.6.8-4sarge2
+ PowerPC architecture 2.6.8-12sarge2
+ IBM S/390 architecture 2.6.8-5sarge2
+ Sun Sparc architecture 2.6.8-15sarge2
+
+The following matrix lists additional packages that were rebuilt for
+compatability with or to take advantage of this update:
+
+ Debian 3.1 (sarge)
+ kernel-latest-2.6-alpha 101sarge1
+ kernel-latest-2.6-amd64 103sarge1
+ kernel-latest-2.6-hppa 2.6.8-1sarge1
+ kernel-latest-2.6-sparc 101sarge1
+ kernel-latest-2.6-i386 101sarge1
+ kernel-latest-powerpc 102sarge1
+ fai-kernels 1.9.1sarge1
+ hostap-modules-i386 0.3.7-1sarge1
+ mol-modules-2.6.8 0.9.70+2.6.8+12sarge1
+ ndiswrapper-modules-i386 1.1-2sarge1
+
+We recommend that you upgrade your kernel package immediately and reboot
+the machine. If you have built a custom kernel from the kernel source
+package, you will need to rebuild to take advantage of these fixes.
+
+Upgrade Instructions
+--------------------
+
+wget url
+ will fetch the file for you
+dpkg -i file.deb
+ will install the referenced file.
+
+If you are using the apt-get package manager, use the line for
+sources.list as given below:
+
+apt-get update
+ will update the internal database
+apt-get upgrade
+ will install corrected packages
+
+You may use an automated update by adding the resources from the
+footer to the proper configuration.
+
+
+Debian GNU/Linux 3.1 alias sarge
+--------------------------------
+
+
+ These files will probably be moved into the stable distribution on
+ its next update.
+
+---------------------------------------------------------------------------------
+For apt-get: deb http://security.debian.org/ stable/updates main
+For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
+Mailing list: debian-security-announce at lists.debian.org
+Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>
Copied: dsa-texts/2.6.8-16sarge3 (from rev 1142, dsa-texts/2.6.8-sarge3)
===================================================================
--- dsa-texts/2.6.8-16sarge3 (rev 0)
+++ dsa-texts/2.6.8-16sarge3 2008-02-22 22:13:55 UTC (rev 1147)
@@ -0,0 +1,246 @@
+Subject: New Linux kernel 2.6.8 packages fix several issues
+
+--------------------------------------------------------------------------
+Debian Security Advisory DSA XXX-1 security at debian.org
+http://www.debian.org/security/ Dann Frazier, Troy Heber
+XXXXX 8th, 2005 http://www.debian.org/security/faq
+--------------------------------------------------------------------------
+
+Package : kernel-source-2.6.8
+Vulnerability : several
+Problem-Type : local/remote
+Debian-specific: no
+CVE ID : CVE-2005-3359 CVE-2006-0038 CVE-2006-0039 CVE-2006-0456
+ CVE-2006-0554 CVE-2006-0555 CVE-2006-0557 CVE-2006-0558
+ CVE-2006-0741 CVE-2006-0742 CVE-2006-0744 CVE-2006-1056
+ CVE-2006-1242 CVE-2006-1368 CVE-2006-1523 CVE-2006-1524
+ CVE-2006-1525 CVE-2006-1857 CVE-2006-1858 CVE-2006-1863
+ CVE-2006-1864 CVE-2006-2271 CVE-2006-2272 CVE-2006-2274
+Debian Bug :
+
+Several local and remote vulnerabilities have been discovered in the Linux
+kernel that may lead to a denial of service or the execution of arbitrary
+code. The Common Vulnerabilities and Exposures project identifies the
+following problems:
+
+CVE-2005-3359
+
+ Franz Filz discovered that some socket calls permit causing inconsistent
+ reference counts on loadable modules, which allows local users to cause
+ a denial of service.
+
+CVE-2006-0038
+
+ "Solar Designer" discovered that arithmetic computations in netfilter's
+ do_replace() function can lead to a buffer overflow and the execution of
+ arbitrary code. However, the operation requires CAP_NET_ADMIN privileges,
+ which is only an issue in virtualization systems or fine grained access
+ control systems.
+
+CVE-2006-0039
+
+ "Solar Designer" discovered a race condition in netfilter's
+ do_add_counters() function, which allows information disclosure of kernel
+ memory by exploiting a race condition. Likewise, it requires CAP_NET_ADMIN
+ privileges.
+
+CVE-2006-0456
+
+ David Howells discovered that the s390 assembly version of the
+ strnlen_user() function incorrectly returns some string size values.
+
+CVE-2006-0554
+
+ It was discovered that the ftruncate() function of XFS can expose
+ unallocated, which allows information disclosure of previously deleted
+ files.
+
+CVE-2006-0555
+
+ It was discovered that some NFS file operations on handles mounted with
+ O_DIRECT can force the kernel into a crash.
+
+CVE-2006-0557
+
+ It was discovered that the code to configure memory policies allows
+ tricking the kernel into a crash, thus allowing denial of service.
+
+CVE-2006-0558
+
+ It was discovered by Cliff Wickman that perfmon for the IA64
+ architecture allows users to trigger a BUG() assert, which allows
+ denial of service.
+
+CVE-2006-0741
+
+ Intel EM64T systems were discovered to be susceptible to a local
+ DoS due to an endless recursive fault related to a bad elf entry
+ address.
+
+CVE-2006-0742
+
+ Alan and Gareth discovered that the ia64 platform had an
+ incorrectly declared die_if_kernel() function as "does never
+ return" which could be exploited by a local attacker resulting in
+ a kernel crash.
+
+CVE-2006-0744
+
+ The Linux kernel did not properly handle uncanonical return
+ addresses on Intel EM64T CPUs, reporting exceptions in the SYSRET
+ instead of the next instruction, causing the kernel exception
+ handler to run on the user stack with the wrong GS. This may result
+ in a DoS due to a local user changing the frames.
+
+CVE-2006-1056
+
+ AMD64 machines (and other 7th and 8th generation AuthenticAMD
+ processors) were found to be vulnerable to sensitive information
+ leakage, due to how they handle saving and restoring the FOP, FIP,
+ and FDP x87 registers in FXSAVE/FXRSTOR when an exception is
+ pending. This allows a process to determine portions of the state
+ of floating point instructions of other processes.
+
+CVE-2006-1242
+
+ Marco Ivaldi discovered that there was an unintended information
+ disclosure allowing remote attackers to bypass protections against
+ Idle Scans (nmap -sI) by abusing the ID field of IP packets and
+ bypassing the zero IP ID in DF packet countermeasure. This was a
+ result of the ip_push_pending_frames function improperly
+ incremented the IP ID field when sending a RST after receiving
+ unsolicited TCP SYN-ACK packets.
+
+CVE-2006-1368
+
+ Shaun Tancheff discovered a buffer overflow (boundry condition
+ error) in the USB Gadget RNDIS implementation allowing remote
+ attackers to cause a DoS. While creating a reply message, the
+ driver allocated memory for the reply data, but not for the reply
+ structure. The kernel fails to properly bounds-check user-supplied
+ data before copying it to an insufficiently sized memory
+ buffer. Attackers could crash the system, or possibly execute
+ arbitrary machine code.
+
+CVE-2006-1523
+
+ Oleg Nesterov reported an unsafe BUG_ON call in signal.c which was
+ introduced by RCU signal handling. The BUG_ON code is protected by
+ siglock while the code in switch_exit_pids() uses tasklist_lock. It
+ may be possible for local users to exploit this to initiate a denial
+ of service attack (DoS).
+
+CVE-2006-1524
+
+ Hugh Dickins discovered an issue in the madvise_remove function wherein
+ file and mmap restrictions are not followed, allowing local users to
+ bypass IPC permissions and replace portions of readonly tmpfs files with
+ zeroes.
+
+CVE-2006-1525
+
+ Alexandra Kossovsky reported a NULL pointer dereference condition in
+ ip_route_input() that can be triggered by a local user by requesting
+ a route for a multicast IP address, resulting in a denial of service
+ (panic).
+
+CVE-2006-1857
+
+ Vlad Yasevich reported a data validation issue in the SCTP subsystem
+ that may allow a remote user to overflow a buffer using a badly formatted
+ HB-ACK chunk, resulting in a denial of service.
+
+CVE-2006-1858
+
+ Vlad Yasevich reported a bug in the bounds checking code in the SCTP
+ subsystem that may allow a remote attacker to trigger a denial of service
+ attack when rounded parameter lengths are used to calculate parameter
+ lengths instead of the actual values.
+
+CVE-2006-1863
+
+ Mark Mosely discovered that chroots residing on an CIFS share can be
+ escaped with specially crafted "cd" sequences.
+
+CVE-2006-1864
+
+ Mark Mosely discovered that chroots residing on an SMB share can be
+ escaped with specially crafted "cd" sequences.
+
+CVE-2006-2271
+
+ The "Mu security team" discovered that carefully crafted ECNE chunks can
+ cause a kernel crash by accessing incorrect state stable entries in the
+ SCTP networking subsystem, which allows denial of service.
+
+CVE-2006-2272
+
+ The "Mu security team" discovered that fragmented SCTP control
+ chunks can trigger kernel panics, which allows for denial of
+ service attacks.
+
+CVE-2006-2274
+
+ It was discovered that SCTP packets with two initial bundled data
+ packets can lead to infinite recursion, which allows for denial of
+ service attacks.
+
+
+
+The following matrix explains which kernel version for which architecture
+fix the problems mentioned above:
+
+ Debian 3.1 (sarge)
+ Source 2.6.8-16sarge3
+ Alpha architecture 2.6.8-16sarge3
+ AMD64 architecture 2.6.8-16sarge3
+ HP Precision architecture 2.6.8-6sarge3
+ Intel IA-32 architecture 2.6.8-16sarge3
+ Intel IA-64 architecture 2.6.8-14sarge3
+ Motorola 680x0 architecture 2.6.8-4sarge3
+ PowerPC architecture 2.6.8-12sarge3
+ IBM S/390 architecture 2.6.8-5sarge3
+ Sun Sparc architecture 2.6.8-15sarge3
+
+The following matrix lists additional packages that were rebuilt for
+compatibility with or to take advantage of this update:
+
+ Debian 3.1 (sarge)
+ fai-kernels 1.9.1sarge2
+
+We recommend that you upgrade your kernel package immediately and reboot
+the machine. If you have built a custom kernel from the kernel source
+package, you will need to rebuild to take advantage of these fixes.
+
+Upgrade Instructions
+--------------------
+
+wget url
+ will fetch the file for you
+dpkg -i file.deb
+ will install the referenced file.
+
+If you are using the apt-get package manager, use the line for
+sources.list as given below:
+
+apt-get update
+ will update the internal database
+apt-get upgrade
+ will install corrected packages
+
+You may use an automated update by adding the resources from the
+footer to the proper configuration.
+
+
+Debian GNU/Linux 3.1 alias sarge
+--------------------------------
+
+
+ These files will probably be moved into the stable distribution on
+ its next update.
+
+---------------------------------------------------------------------------------
+For apt-get: deb http://security.debian.org/ stable/updates main
+For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
+Mailing list: debian-security-announce at lists.debian.org
+Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>
Copied: dsa-texts/2.6.8-16sarge5 (from rev 1142, dsa-texts/2.6.8-sarge5)
===================================================================
--- dsa-texts/2.6.8-16sarge5 (rev 0)
+++ dsa-texts/2.6.8-16sarge5 2008-02-22 22:13:55 UTC (rev 1147)
@@ -0,0 +1,169 @@
+--------------------------------------------------------------------------
+Debian Security Advisory DSA XXX-1 security at debian.org
+http://www.debian.org/security/ Dann Frazier
+XXXXX 8th, 2006 http://www.debian.org/security/faq
+--------------------------------------------------------------------------
+
+Package : kernel-source-2.6.8
+Vulnerability : several
+Problem-Type : local/remote
+Debian-specific: no
+CVE ID : CVE-2006-3468 CVE-2004-2660 CVE-2005-4798 CVE-2006-2935
+ CVE-2006-2936 CVE-2006-1052 CVE-2006-1343 CVE-2006-1528
+ CVE-2006-1855 CVE-2006-1856 CVE-2006-2444 CVE-2006-2446
+ CVE-2006-3745 CVE-2006-4535 CVE-2006-4093 CVE-2006-4145
+
+Several local and remote vulnerabilities have been discovered in the Linux
+kernel that may lead to a denial of service or the execution of arbitrary
+code. The Common Vulnerabilities and Exposures project identifies the
+following problems:
+
+CVE-2006-3468
+
+ James McKenzie discovered a vulnerability in the NFS subsystem, allowing
+ remote denial of service if an ext3 filesystem is exported.
+
+CVE-2004-2660
+
+ IWAMOTO Toshihiro discovered a direct IO memory leak that a malicious
+ local user could use to create a local denial of service.
+
+CVE-2005-4798
+
+ Assar discovered a buffer overlow in the NFS readlink handling code
+ that would allows a malicious remote server to cause a denail of
+ service (crash) using a long symlink.
+
+CVE-2006-2935
+
+ Diego Calleja Garcia discovered a potential buffer overflow in the
+ dvd_read_bca() function that could allow aribrary code execution via
+ a malicious CDROM device
+
+CVE-2006-2936
+
+ Ian Abbott and Guillaume Autran provided a fix for a vulnerability in
+ the ftdio_sio driver that could allow a local user to initiate a denial
+ of service attack by writing lots of data to the serial port and
+ consuming all of system memory.
+
+CVE-2006-1052
+
+ Stephen Smalley contributed a fix for a bug in SELinux that allows local
+ users with ptrace permission to change the tracer SID to the SID of
+ another process.
+
+CVE-2006-1343
+
+ Pavel Kankovsky discovered that sockaddr_in.sin_zero is not zeroed
+ during certain operations returning IPv4 socket names which allows
+ potentially sensitive memory to be leaked to userspace.
+
+CVE-2006-1528
+
+ Douglas Gilbert reported a bug in the sg driver that allows local
+ users to oops the kernel by performing dio transfers from the sg
+ driver to memory mapped IO space.
+
+CVE-2006-1855
+
+ Mattia Belletti noticed that certain debugging code left in the
+ choose_new_parent routine allows local users to cause a denial of
+ service (panic).
+
+CVE-2006-1856
+
+ Kostik Belousov discovered a missing LSM file_permission check in the
+ readv and writev functions which might allow attackers to bypass intended
+ access restrictions.
+
+CVE-2006-2444
+
+ Patrick McHardy reported a memory corruption bug in snmp_trap_decode that
+ could be used by remote attackers to crash a system.
+
+CVE-2006-2446
+
+ A race between the kfree_skb and __skb_unlink functions allows remote
+ users to crash a system.
+
+CVE-2006-3745
+
+ Wei Wang discovered a vulnerability in the SCTP subsystem that can be
+ exploited for local privilege escalation.
+
+
+CVE-2006-4535
+
+ David Miller reported a problem with the fix for CVE-2006-3745 that allows
+ local users to crash the system using via an SCTP socket with a certain
+ SO_LINGER value.
+
+CVE-2006-4093
+
+ Olof Johansson reported a vulnerability on PPC970 systems that allows
+ local users to hang a machine related to the HID0 attention enable at
+ boot time.
+
+CVE-2006-4145
+
+ Colin discovered a bug in the UDF filesystem that allows local users to
+ hang a system when truncating files.
+
+The following matrix explains which kernel version for which architecture
+fix the problems mentioned above:
+
+ Debian 3.1 (sarge)
+ Source 2.6.8-16sarge5
+ Alpha architecture 2.6.8-16sarge5
+ AMD64 architecture 2.6.8-16sarge5
+ HP Precision architecture 2.6.8-6sarge5
+ Intel IA-32 architecture 2.6.8-16sarge5
+ Intel IA-64 architecture 2.6.8-14sarge5
+ Motorola 680x0 architecture 2.6.8-4sarge5
+ PowerPC architecture 2.6.8-12sarge5
+ IBM S/390 architecture 2.6.8-5sarge5
+ Sun Sparc architecture 2.6.8-15sarge5
+
+The following matrix lists additional packages that were rebuilt for
+compatibility with or to take advantage of this update:
+
+ Debian 3.1 (sarge)
+ fai-kernels 1.9.1sarge4
+
+We recommend that you upgrade your kernel package immediately and reboot
+the machine. If you have built a custom kernel from the kernel source
+package, you will need to rebuild to take advantage of these fixes.
+
+Upgrade Instructions
+--------------------
+
+wget url
+ will fetch the file for you
+dpkg -i file.deb
+ will install the referenced file.
+
+If you are using the apt-get package manager, use the line for
+sources.list as given below:
+
+apt-get update
+ will update the internal database
+apt-get upgrade
+ will install corrected packages
+
+You may use an automated update by adding the resources from the
+footer to the proper configuration.
+
+
+Debian GNU/Linux 3.1 alias sarge
+--------------------------------
+
+
+ These files will probably be moved into the stable distribution on
+ its next update.
+
+---------------------------------------------------------------------------------
+For apt-get: deb http://security.debian.org/ stable/updates main
+For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
+Mailing list: debian-security-announce at lists.debian.org
+Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>
Copied: dsa-texts/2.6.8-16sarge6 (from rev 1142, dsa-texts/2.6.8-sarge6)
===================================================================
--- dsa-texts/2.6.8-16sarge6 (rev 0)
+++ dsa-texts/2.6.8-16sarge6 2008-02-22 22:13:55 UTC (rev 1147)
@@ -0,0 +1,145 @@
+--------------------------------------------------------------------------
+Debian Security Advisory DSA XXX-1 security at debian.org
+http://www.debian.org/security/ Dann Frazier
+XXXXX 8th, 2006 http://www.debian.org/security/faq
+--------------------------------------------------------------------------
+
+Package : kernel-source-2.6.8
+Vulnerability : several
+Problem-Type : local/remote
+Debian-specific: no
+CVE ID : CVE-2006-3741 CVE-2006-4538 CVE-2006-4813 CVE-2006-4997
+ CVE-2006-5174 CVE-2006-5619 CVE-2006-5649 CVE-2006-5751
+ CVE-2006-5871
+
+Several local and remote vulnerabilities have been discovered in the Linux
+kernel that may lead to a denial of service or the execution of arbitrary
+code. The Common Vulnerabilities and Exposures project identifies the
+following problems:
+
+CVE-2006-3741
+
+ Stephane Eranian discovered a local DoS (Denial of Service) vulnerability
+ on the ia64 architecture. A local user could exhaust the available file
+ descriptors by exploiting a counting error in the permonctl() system call.
+
+CVE-2006-4538
+
+ Kirill Korotaev reported a local DoS (Denial of Service) vulnerability
+ on the ia64 and sparc architectures. A user could cause the system to
+ crash by executing a malformed ELF binary due to insufficient verification
+ of the memory layout.
+
+CVE-2006-4813
+
+ Dmitriy Monakhov reported a potential memory leak in the
+ __block_prepare_write function. __block_prepare_write does not properly
+ sanitize kernel buffers during error recovery, which could be exploited
+ by local users to gain access to sensitive kernel memory.
+
+CVE-2006-4997
+
+ ADLab Venustech Info Ltd reported a potential remote DoS (Denial of
+ Service) vulnerability in the IP over ATM subsystem. A remote system
+ could cause the system to crash by sending specially crafted packets
+ that would trigger an attempt to free an already-freed pointer
+ resulting in a system crash.
+
+CVE-2006-5174
+
+ Martin Schwidefsky reported a potential leak of sensitive information
+ on s390 systems. The copy_from_user function did not clear the remaining
+ bytes of the kernel buffer after receiving a fault on the userspace
+ address, resulting in a leak of uninitialized kernel memory. A local user
+ could exploit this by appending to a file from a bad address.
+
+CVE-2006-5619
+
+ James Morris reported a potential local DoS (Denial of Service)
+ vulnerability that could be used to hang or oops a system. The seqfile
+ handling for /proc/net/ip6_flowlabel has a flaw that can be exploited to
+ cause an infinite loop by reading this file after creating a flowlabel.
+
+CVE-2006-5649
+
+ Fabio Massimo Di Nitto reported a potential remote DoS (Denial of Service)
+ vulnerability on powerpc systems. The alignment exception only
+ checked the exception table for -EFAULT, not for other errors. This can
+ be exploited by a local user to cause a system crash (panic).
+
+CVE-2006-5751
+
+ Eugene Teo reported a vulnerability in the get_fdb_entries function that
+ could potentially be exploited to allow arbitrary code execution with
+ escalated priveleges.
+
+CVE-2006-5871
+
+ Bill Allombert reported that various mount options are ignored by smbfs
+ when UNIX extensions are enabled. This includes the uid, gid and mode
+ options. Client systems would silently use the server-provided settings
+ instead of honoring these options, changing the security model. This
+ update includes a fix from Haroldo Gamal that forces the kernel to honor
+ these mount options. Note that, since the current versions of smbmount
+ always pass values for these options to the kernel, it is not currently
+ possible to activate unix extensions by omitting mount options. However,
+ this behavior is currently consistent with the current behavior of the
+ next Debian release, 'etch'.
+
+The following matrix explains which kernel version for which architecture
+fix the problems mentioned above:
+
+ Debian 3.1 (sarge)
+ Source 2.6.8-16sarge6
+ Alpha architecture 2.6.8-16sarge6
+ AMD64 architecture 2.6.8-16sarge6
+ HP Precision architecture 2.6.8-6sarge6
+ Intel IA-32 architecture 2.6.8-16sarge6
+ Intel IA-64 architecture 2.6.8-14sarge6
+ Motorola 680x0 architecture 2.6.8-4sarge6
+ PowerPC architecture 2.6.8-12sarge6
+ IBM S/390 architecture 2.6.8-5sarge6
+ Sun Sparc architecture 2.6.8-15sarge6
+
+The following matrix lists additional packages that were rebuilt for
+compatibility with or to take advantage of this update:
+
+ Debian 3.1 (sarge)
+ fai-kernels 1.9.1sarge5
+
+We recommend that you upgrade your kernel package immediately and reboot
+the machine. If you have built a custom kernel from the kernel source
+package, you will need to rebuild to take advantage of these fixes.
+
+Upgrade Instructions
+--------------------
+
+wget url
+ will fetch the file for you
+dpkg -i file.deb
+ will install the referenced file.
+
+If you are using the apt-get package manager, use the line for
+sources.list as given below:
+
+apt-get update
+ will update the internal database
+apt-get upgrade
+ will install corrected packages
+
+You may use an automated update by adding the resources from the
+footer to the proper configuration.
+
+
+Debian GNU/Linux 3.1 alias sarge
+--------------------------------
+
+
+ These files will probably be moved into the stable distribution on
+ its next update.
+
+---------------------------------------------------------------------------------
+For apt-get: deb http://security.debian.org/ stable/updates main
+For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
+Mailing list: debian-security-announce at lists.debian.org
+Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>
Copied: dsa-texts/2.6.8-16sarge7 (from rev 1142, dsa-texts/2.6.8-sarge7)
===================================================================
--- dsa-texts/2.6.8-16sarge7 (rev 0)
+++ dsa-texts/2.6.8-16sarge7 2008-02-22 22:13:55 UTC (rev 1147)
@@ -0,0 +1,477 @@
+--------------------------------------------------------------------------
+Debian Security Advisory DSA 1304-1 security at debian.org
+http://www.debian.org/security/ Dann Frazier
+June 16th, 2007 http://www.debian.org/security/faq
+--------------------------------------------------------------------------
+
+Package : kernel-source-2.6.8
+Vulnerability : several
+Problem-Type : local/remote
+Debian-specific: no
+CVE ID : CVE-2005-4811 CVE-2006-4814 CVE-2006-4623 CVE-2006-5753
+ CVE-2006-5754 CVE-2006-5757 CVE-2006-6053 CVE-2006-6056
+ CVE-2006-6060 CVE-2006-6106 CVE-2006-6535 CVE-2007-0958
+ CVE-2007-1357 CVE-2007-1592
+
+Several local and remote vulnerabilities have been discovered in the Linux
+kernel that may lead to a denial of service or the execution of arbitrary
+code.
+
+This update also fixes a regression in the smbfs subsystem which was introduced
+in DSA-1233 which caused symlinks to be interpreted as regular files.
+
+The Common Vulnerabilities and Exposures project identifies the
+following problems:
+
+CVE-2005-4811
+
+ David Gibson reported an issue in the hugepage code which could permit
+ a local DoS (system crash) on appropriately configured systems.
+
+CVE-2006-4814
+
+ Doug Chapman discovered a potential local DoS (deadlock) in the mincore
+ function caused by improper lock handling.
+
+CVE-2006-4623
+
+ Ang Way Chuang reported a remote DoS (crash) in the dvb driver which
+ can be triggered by a ULE package with an SNDU length of 0.
+
+CVE-2006-5753
+
+ Eric Sandeen provided a fix for a local memory corruption vulnerability
+ resulting from a misinterpretation of return values when operating on
+ inodes which have been marked bad.
+
+CVE-2006-5754
+
+ Darrick Wong discovered a local DoS (crash) vulnerability resulting from
+ the incorrect initialization of "nr_pages" in aio_setup_ring().
+
+CVE-2006-5757
+
+ LMH reported a potential local DoS which could be exploited by a malicious
+ user with the privileges to mount and read a corrupted iso9660 filesystem.
+
+CVE-2006-6053
+
+ LMH reported a potential local DoS which could be exploited by a malicious
+ user with the privileges to mount and read a corrupted ext3 filesystem.
+
+CVE-2006-6056
+
+ LMH reported a potential local DoS which could be exploited by a malicious
+ user with the privileges to mount and read a corrupted hfs filesystem on
+ systems with SELinux hooks enabled (Debian does not enable SELinux by
+ default).
+
+CVE-2006-6060
+
+ LMH reported a potential local DoS (infinie loop) which could be exploited
+ by a malicious user with the privileges to mount and read a corrupted NTFS
+ filesystem.
+
+CVE-2006-6106
+
+ Marcel Holtman discovered multiple buffer overflows in the Bluetooth
+ subsystem which can be used to trigger a remote DoS (crash) and potentially
+ execute arbitray code.
+
+CVE-2006-6535
+
+ Kostantin Khorenko discovered an invalid error path in dev_queue_xmit()
+ which could be exploited by a local user to cause data corruption.
+
+CVE-2007-0958
+
+ Santosh Eraniose reported a vulnerability that allows local users to read
+ otherwise unreadable files by triggering a core dump while using PT_INTERP.
+ This is related to CVE-2004-1073.
+
+CVE-2007-1357
+
+ Jean Delvare reported a vulnerability in the appletalk subsystem.
+ Systems with the appletalk module loaded can be triggered to crash
+ by other systems on the local network via a malformed frame.
+
+CVE-2007-1592
+
+ Masayuki Nakagawa discovered that flow labels were inadvertently
+ being shared between listening sockets and child sockets. This defect
+ can be exploited by local users to cause a DoS (Oops).
+
+The following matrix explains which kernel version for which architecture
+fix the problems mentioned above:
+
+ Debian 3.1 (sarge)
+ Source 2.6.8-16sarge7
+ Alpha architecture 2.6.8-16sarge7
+ AMD64 architecture 2.6.8-16sarge7
+ HP Precision architecture 2.6.8-6sarge7
+ Intel IA-32 architecture 2.6.8-16sarge7
+ Intel IA-64 architecture 2.6.8-14sarge7
+ Motorola 680x0 architecture 2.6.8-4sarge7
+ PowerPC architecture 2.6.8-12sarge7
+ IBM S/390 architecture 2.6.8-5sarge7
+ Sun Sparc architecture 2.6.8-15sarge7
+
+We recommend that you upgrade your kernel package immediately and reboot
+the machine. If you have built a custom kernel from the kernel source
+package, you will need to rebuild to take advantage of these fixes.
+
+Upgrade Instructions
+--------------------
+
+wget url
+ will fetch the file for you
+dpkg -i file.deb
+ will install the referenced file.
+
+If you are using the apt-get package manager, use the line for
+sources.list as given below:
+
+apt-get update
+ will update the internal database
+apt-get upgrade
+ will install corrected packages
+
+You may use an automated update by adding the resources from the
+footer to the proper configuration.
+
+
+Debian GNU/Linux 3.1 alias sarge
+--------------------------------
+
+ Source archives:
+
+ http://security.debian.org/pool/updates/main/f/fai-kernels/fai-kernels_1.9.1sarge6.dsc
+ Size/MD5 checksum: 621 5549801d7afb55815fdbdab176ca876e
+ http://security.debian.org/pool/updates/main/f/fai-kernels/fai-kernels_1.9.1sarge6.tar.gz
+ Size/MD5 checksum: 30783 ca74ee036a13e209a496d86cfa216a3a
+ http://security.debian.org/pool/updates/main/h/hostap-modules-i386/hostap-modules-i386_0.3.7-1sarge2.dsc
+ Size/MD5 checksum: 1092 5873dba0c647976525db473f74acb9e0
+ http://security.debian.org/pool/updates/main/h/hostap-modules-i386/hostap-modules-i386_0.3.7-1sarge2.tar.gz
+ Size/MD5 checksum: 2310 77fa2acc4981a8139a83ab5ba38b2496
+ http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-alpha/kernel-image-2.6.8-alpha_2.6.8-16sarge7.dsc
+ Size/MD5 checksum: 812 31724186421d5e75b4d30bc4c5ac4cfe
+ http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-alpha/kernel-image-2.6.8-alpha_2.6.8-16sarge7.tar.gz
+ Size/MD5 checksum: 41795 5cf6d42b220f46f3dac97d1c04a8f259
+ http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-image-2.6.8-amd64_2.6.8-16sarge7.dsc
+ Size/MD5 checksum: 1103 375e1122fd79645e41edab034be9de0f
+ http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-image-2.6.8-amd64_2.6.8-16sarge7.tar.gz
+ Size/MD5 checksum: 79256 ca9f65f94ea59b6d7edaf6b78de20adb
+ http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-hppa/kernel-image-2.6.8-hppa_2.6.8-6sarge7.dsc
+ Size/MD5 checksum: 1013 f815fd7077a24a9bc1639e8965ac8436
+ http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-hppa/kernel-image-2.6.8-hppa_2.6.8-6sarge7.tar.gz
+ Size/MD5 checksum: 70389 9ebd6b53dfe6592d0783727b994c093e
+ http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-i386/kernel-image-2.6.8-i386_2.6.8-16sarge7.dsc
+ Size/MD5 checksum: 1047 77659b43aa4f6e16200a2fc7c965f38d
+ http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-i386/kernel-image-2.6.8-i386_2.6.8-16sarge7.tar.gz
+ Size/MD5 checksum: 93525 8def6bcf41cc21b34233d64a91fd3711
+ http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-ia64/kernel-image-2.6.8-ia64_2.6.8-14sarge7.dsc
+ Size/MD5 checksum: 1191 672189ecf8912c0c58dc83dee1db8c43
+ http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-ia64/kernel-image-2.6.8-ia64_2.6.8-14sarge7.tar.gz
+ Size/MD5 checksum: 67022 d9201644c379a6014c0cc604bfb8e0ab
+ http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-m68k/kernel-image-2.6.8-m68k_2.6.8-4sarge7.dsc
+ Size/MD5 checksum: 874 faf43ca53f82737f123afab17a74f052
+ http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-m68k/kernel-image-2.6.8-m68k_2.6.8-4sarge7.tar.gz
+ Size/MD5 checksum: 20214 82cb545e2b7abbb013cae38deebf4e08
+ http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-s390/kernel-image-2.6.8-s390_2.6.8-5sarge7.dsc
+ Size/MD5 checksum: 846 64007a13f7e337cbf008bc2c74b52ea1
+ http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-s390/kernel-image-2.6.8-s390_2.6.8-5sarge7.tar.gz
+ Size/MD5 checksum: 15750 201c22a6234947a99c468f2779160b33
+ http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-sparc/kernel-image-2.6.8-sparc_2.6.8-15sarge7.dsc
+ Size/MD5 checksum: 1036 354dca83df1ed4b6fd9eb056aa868a0e
+ http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-sparc/kernel-image-2.6.8-sparc_2.6.8-15sarge7.tar.gz
+ Size/MD5 checksum: 29718 2238b6f81d4b7c64e75d21749a2c9c71
+ http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.6.8/kernel-patch-powerpc-2.6.8_2.6.8-12sarge7.dsc
+ Size/MD5 checksum: 1071 1bc90c9c9a884ca21de67e47f7f71831
+ http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.6.8/kernel-patch-powerpc-2.6.8_2.6.8-12sarge7.tar.gz
+ Size/MD5 checksum: 29824 c5af34b00421bbf54f73210fae7da80a
+ http://security.debian.org/pool/updates/main/k/kernel-source-2.6.8/kernel-source-2.6.8_2.6.8-16sarge7.dsc
+ Size/MD5 checksum: 1002 045ef1474c1a353d5aa48dea8c67183b
+ http://security.debian.org/pool/updates/main/k/kernel-source-2.6.8/kernel-source-2.6.8_2.6.8-16sarge7.diff.gz
+ Size/MD5 checksum: 1086810 4d9a1726c26fb571d1b10bc94f4ee102
+ http://security.debian.org/pool/updates/main/k/kernel-source-2.6.8/kernel-source-2.6.8_2.6.8.orig.tar.gz
+ Size/MD5 checksum: 43929719 0393c05ffa4770c3c5178b74dc7a4282
+ http://security.debian.org/pool/updates/main/m/mol-modules-2.6.8/mol-modules-2.6.8_0.9.70+2.6.8+12sarge2.dsc
+ Size/MD5 checksum: 703 adb50819acd30f02a8c22f0397675bb5
+ http://security.debian.org/pool/updates/main/m/mol-modules-2.6.8/mol-modules-2.6.8_0.9.70+2.6.8+12sarge2.tar.gz
+ Size/MD5 checksum: 4358 469b36e05242fb4ce2adfc0d102fa2aa
+
+ Architecture independent components:
+
+ http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-s390/kernel-patch-2.6.8-s390_2.6.8-5sarge7_all.deb
+ Size/MD5 checksum: 13864 651d60ecebfed7a105e0263f6fe5478e
+ http://security.debian.org/pool/updates/main/k/kernel-source-2.6.8/kernel-doc-2.6.8_2.6.8-16sarge7_all.deb
+ Size/MD5 checksum: 6185220 661002c3ad09bbd5dcab929d531041b2
+ http://security.debian.org/pool/updates/main/k/kernel-source-2.6.8/kernel-patch-debian-2.6.8_2.6.8-16sarge7_all.deb
+ Size/MD5 checksum: 1142308 4cbfb30ffaf7e431cf8b162a37c543a3
+ http://security.debian.org/pool/updates/main/k/kernel-source-2.6.8/kernel-source-2.6.8_2.6.8-16sarge7_all.deb
+ Size/MD5 checksum: 34947952 2487a3846e7143fdfca3ad5664028c88
+ http://security.debian.org/pool/updates/main/k/kernel-source-2.6.8/kernel-tree-2.6.8_2.6.8-16sarge7_all.deb
+ Size/MD5 checksum: 37742 9d7013f35ef4f2720147f393efa265a4
+
+ Alpha architecture:
+
+ http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-alpha/kernel-headers-2.6.8-4_2.6.8-16sarge7_alpha.deb
+ Size/MD5 checksum: 2762560 84e7e74114738170f4d9f7df9e270b78
+ http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-alpha/kernel-headers-2.6.8-4-generic_2.6.8-16sarge7_alpha.deb
+ Size/MD5 checksum: 234956 23c852ab91eb4a3ac982c9cbe04eff84
+ http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-alpha/kernel-headers-2.6.8-4-smp_2.6.8-16sarge7_alpha.deb
+ Size/MD5 checksum: 229566 aa37cc2ff3b38f45f0e83bed8d177b47
+ http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-alpha/kernel-image-2.6.8-4-generic_2.6.8-16sarge7_alpha.deb
+ Size/MD5 checksum: 20243562 d927ee8555993b8d6fc77790d3b55711
+ http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-alpha/kernel-image-2.6.8-4-smp_2.6.8-16sarge7_alpha.deb
+ Size/MD5 checksum: 20097284 206b31b2bd3751fcea2607ee351c9889
+
+ AMD64 architecture:
+
+ http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-headers-2.6.8-13_2.6.8-16sarge7_amd64.deb
+ Size/MD5 checksum: 2725500 3f3ab58e8870ab61b9e23c23761a4604
+ http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-headers-2.6.8-13-amd64-generic_2.6.8-16sarge7_amd64.deb
+ Size/MD5 checksum: 228840 d16b8661666cdde1b13b566da719f49e
+ http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-headers-2.6.8-13-amd64-k8_2.6.8-16sarge7_amd64.deb
+ Size/MD5 checksum: 228024 afcb92db3b32fcef246cfdbaebc7c488
+ http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-headers-2.6.8-13-amd64-k8-smp_2.6.8-16sarge7_amd64.deb
+ Size/MD5 checksum: 224084 d726ad34628dce5f56a292726ef77418
+ http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-headers-2.6.8-13-em64t-p4_2.6.8-16sarge7_amd64.deb
+ Size/MD5 checksum: 225808 d284e53c3827339b685be9c0b2c2bfb0
+ http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-headers-2.6.8-13-em64t-p4-smp_2.6.8-16sarge7_amd64.deb
+ Size/MD5 checksum: 222522 97e162f7245121533a0a20fd6e439b1f
+ http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-image-2.6.8-13-amd64-generic_2.6.8-16sarge7_amd64.deb
+ Size/MD5 checksum: 12574610 c65adc755a40692b1351fa778a7ce25b
+ http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-image-2.6.8-13-amd64-k8_2.6.8-16sarge7_amd64.deb
+ Size/MD5 checksum: 13273222 e94fdc0178812250ce7beb3cbcb5156d
+ http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-image-2.6.8-13-amd64-k8-smp_2.6.8-16sarge7_amd64.deb
+ Size/MD5 checksum: 13229476 87dfdba1729330c694e488fc9bef1bd2
+ http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-image-2.6.8-13-em64t-p4_2.6.8-16sarge7_amd64.deb
+ Size/MD5 checksum: 13077014 02066ed9e51dbd403e4774492a1f1a4c
+ http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-image-2.6.8-13-em64t-p4-smp_2.6.8-16sarge7_amd64.deb
+ Size/MD5 checksum: 13058474 9599a93b640a5d5e8da7f23ed7f4ab27
+
+ HP Precision architecture:
+
+ http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-hppa/kernel-headers-2.6.8-4_2.6.8-6sarge7_hppa.deb
+ Size/MD5 checksum: 2803824 0eb5a4184865094e9e835cd6f199b00c
+ http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-hppa/kernel-headers-2.6.8-4-32_2.6.8-6sarge7_hppa.deb
+ Size/MD5 checksum: 214636 3292ec383938984d8131a40f277319a5
+ http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-hppa/kernel-headers-2.6.8-4-32-smp_2.6.8-6sarge7_hppa.deb
+ Size/MD5 checksum: 213972 61f3fc8bb2046797b43a00c2221e1171
+ http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-hppa/kernel-headers-2.6.8-4-64_2.6.8-6sarge7_hppa.deb
+ Size/MD5 checksum: 213562 ee18d9c16cc6331dbb298d9262abbc9e
+ http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-hppa/kernel-headers-2.6.8-4-64-smp_2.6.8-6sarge7_hppa.deb
+ Size/MD5 checksum: 212888 698a340ca8a5e1d1609dc6352b0199ae
+ http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-hppa/kernel-image-2.6.8-4-32_2.6.8-6sarge7_hppa.deb
+ Size/MD5 checksum: 16039300 662e50ec503587eeb8745cc5744bfcc1
+ http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-hppa/kernel-image-2.6.8-4-32-smp_2.6.8-6sarge7_hppa.deb
+ Size/MD5 checksum: 16947726 551b44ab6365f48c3728046f9c625406
+ http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-hppa/kernel-image-2.6.8-4-64_2.6.8-6sarge7_hppa.deb
+ Size/MD5 checksum: 17493200 d463b06fd140bedf5ff92c922b3cff50
+ http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-hppa/kernel-image-2.6.8-4-64-smp_2.6.8-6sarge7_hppa.deb
+ Size/MD5 checksum: 18325380 6b79ea34d4e01ee2aea71140b379b380
+
+ Intel IA-32 architecture:
+
+ http://security.debian.org/pool/updates/main/f/fai-kernels/fai-kernels_1.9.1sarge6_i386.deb
+ Size/MD5 checksum: 12007024 966cfd1adb7d4eb8b14eff257ad90576
+ http://security.debian.org/pool/updates/main/h/hostap-modules-i386/hostap-modules-2.4.27-3-386_0.3.7-1sarge2_i386.deb
+ Size/MD5 checksum: 140588 4d3d9c96e4566ea0ae5b8ce33892b9f5
+ http://security.debian.org/pool/updates/main/h/hostap-modules-i386/hostap-modules-2.4.27-3-586tsc_0.3.7-1sarge2_i386.deb
+ Size/MD5 checksum: 153216 ec1de04dfe524ed566c9168317c7f96d
+ http://security.debian.org/pool/updates/main/h/hostap-modules-i386/hostap-modules-2.4.27-3-686_0.3.7-1sarge2_i386.deb
+ Size/MD5 checksum: 156142 d3d7ccde57a411d1e57fd606dac627fb
+ http://security.debian.org/pool/updates/main/h/hostap-modules-i386/hostap-modules-2.4.27-3-686-smp_0.3.7-1sarge2_i386.deb
+ Size/MD5 checksum: 160348 3f0273700f3be9fa5430046ba227dd91
+ http://security.debian.org/pool/updates/main/h/hostap-modules-i386/hostap-modules-2.4.27-3-k6_0.3.7-1sarge2_i386.deb
+ Size/MD5 checksum: 149216 69c40d1ebb04a5ceca0374d28ff6faa2
+ http://security.debian.org/pool/updates/main/h/hostap-modules-i386/hostap-modules-2.4.27-3-k7_0.3.7-1sarge2_i386.deb
+ Size/MD5 checksum: 154834 49bca7c096574c6c0dbfe44db03c2cd0
+ http://security.debian.org/pool/updates/main/h/hostap-modules-i386/hostap-modules-2.4.27-3-k7-smp_0.3.7-1sarge2_i386.deb
+ Size/MD5 checksum: 158768 d31bb7bcec9ea2d123df2d9d2fc3ccff
+ http://security.debian.org/pool/updates/main/h/hostap-modules-i386/hostap-modules-2.6.8-4-386_0.3.7-1sarge2_i386.deb
+ Size/MD5 checksum: 147778 16e794df6938137a2bd066f4765c5cb2
+ http://security.debian.org/pool/updates/main/h/hostap-modules-i386/hostap-modules-2.6.8-4-686_0.3.7-1sarge2_i386.deb
+ Size/MD5 checksum: 165352 c92a69dee0c20259819ff4a6e1ce127f
+ http://security.debian.org/pool/updates/main/h/hostap-modules-i386/hostap-modules-2.6.8-4-686-smp_0.3.7-1sarge2_i386.deb
+ Size/MD5 checksum: 169670 fa480aa39abd471188776c526fd168fc
+ http://security.debian.org/pool/updates/main/h/hostap-modules-i386/hostap-modules-2.6.8-4-k7_0.3.7-1sarge2_i386.deb
+ Size/MD5 checksum: 163782 ae0f354c82688de2119cd9ade09e74c7
+ http://security.debian.org/pool/updates/main/h/hostap-modules-i386/hostap-modules-2.6.8-4-k7-smp_0.3.7-1sarge2_i386.deb
+ Size/MD5 checksum: 168098 bf6e5340a8f9c1484ee5ec72def36707
+ http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-i386/kernel-headers-2.6.8-4_2.6.8-16sarge7_i386.deb
+ Size/MD5 checksum: 2782142 060404a3576c79845753ca1d7fd32a20
+ http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-i386/kernel-headers-2.6.8-4-386_2.6.8-16sarge7_i386.deb
+ Size/MD5 checksum: 260950 875fa8dd31aa4ec2cd60789028b8998a
+ http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-i386/kernel-headers-2.6.8-4-686_2.6.8-16sarge7_i386.deb
+ Size/MD5 checksum: 259062 0aec026194b11813344b17bfcce1f891
+ http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-i386/kernel-headers-2.6.8-4-686-smp_2.6.8-16sarge7_i386.deb
+ Size/MD5 checksum: 256060 8bb21af70c57b6dce4f6e21e1681e1f9
+ http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-i386/kernel-headers-2.6.8-4-k7_2.6.8-16sarge7_i386.deb
+ Size/MD5 checksum: 259116 d894737b2d3bd873362fe8df8ec413b2
+ http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-i386/kernel-headers-2.6.8-4-k7-smp_2.6.8-16sarge7_i386.deb
+ Size/MD5 checksum: 256212 7bbbee51dae99f8a71d85284311bef37
+ http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-i386/kernel-image-2.6.8-4-386_2.6.8-16sarge7_i386.deb
+ Size/MD5 checksum: 14068328 6086f827005699f3ce18e8e38a4e6fff
+ http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-i386/kernel-image-2.6.8-4-686_2.6.8-16sarge7_i386.deb
+ Size/MD5 checksum: 15553736 91c0c8cf6f38ff8b13c33ff8eb76914f
+ http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-i386/kernel-image-2.6.8-4-686-smp_2.6.8-16sarge7_i386.deb
+ Size/MD5 checksum: 15391134 41f0635a9278030173cb9a949111e14e
+ http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-i386/kernel-image-2.6.8-4-k7_2.6.8-16sarge7_i386.deb
+ Size/MD5 checksum: 15275512 9e089adef128031a8f2115243ee03bd2
+ http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-i386/kernel-image-2.6.8-4-k7-smp_2.6.8-16sarge7_i386.deb
+ Size/MD5 checksum: 15168590 2d54f3727c4d608a21400408b2c9d493
+ http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-headers-2.6.8-13_2.6.8-16sarge7_i386.deb
+ Size/MD5 checksum: 2725464 90eeb0a9f5709f84c3c938616b1fccb5
+ http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-headers-2.6.8-13-amd64-generic_2.6.8-16sarge7_i386.deb
+ Size/MD5 checksum: 228766 ffbb8044767a4e03782e14941b72f96d
+ http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-headers-2.6.8-13-amd64-k8_2.6.8-16sarge7_i386.deb
+ Size/MD5 checksum: 227862 5a0d244abec1d92b8405c2d55f8d8ccc
+ http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-headers-2.6.8-13-amd64-k8-smp_2.6.8-16sarge7_i386.deb
+ Size/MD5 checksum: 224060 bbd653fcc567ce1c4c39af98e4e14f5c
+ http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-headers-2.6.8-13-em64t-p4_2.6.8-16sarge7_i386.deb
+ Size/MD5 checksum: 225776 52376bf8dc98cbd4729ca25461efb079
+ http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-headers-2.6.8-13-em64t-p4-smp_2.6.8-16sarge7_i386.deb
+ Size/MD5 checksum: 222518 39139014fc8b44bbc87db457a49ac084
+ http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-image-2.6.8-13-amd64-generic_2.6.8-16sarge7_i386.deb
+ Size/MD5 checksum: 12574442 d17f627e1d88d8bb3c57d10b108ce4d0
+ http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-image-2.6.8-13-amd64-k8_2.6.8-16sarge7_i386.deb
+ Size/MD5 checksum: 13273306 fd8193f685bc9ea4f76b39f00bba8f50
+ http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-image-2.6.8-13-amd64-k8-smp_2.6.8-16sarge7_i386.deb
+ Size/MD5 checksum: 13229824 5989357674d3f4e12bc2fc89a86ba549
+ http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-image-2.6.8-13-em64t-p4_2.6.8-16sarge7_i386.deb
+ Size/MD5 checksum: 13226862 dc2ebac9133fcd8c1b85fb539d779683
+ http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-image-2.6.8-13-em64t-p4-smp_2.6.8-16sarge7_i386.deb
+ Size/MD5 checksum: 13205066 6daa6858e61b1843e038f9e2a04df41c
+
+
+ Intel IA-64 architecture:
+
+ http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-ia64/kernel-headers-2.6-itanium_2.6.8-14sarge7_ia64.deb
+ Size/MD5 checksum: 9496 bd1b20781c0a0261864cb25bfd65d9a4
+ http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-ia64/kernel-headers-2.6-itanium-smp_2.6.8-14sarge7_ia64.deb
+ Size/MD5 checksum: 9560 7e3ff1e6eee69c81f42dd9912dce7baf
+ http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-ia64/kernel-headers-2.6-mckinley_2.6.8-14sarge7_ia64.deb
+ Size/MD5 checksum: 9526 4d29c68fcde4f1164f310a8071783953
+ http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-ia64/kernel-headers-2.6-mckinley-smp_2.6.8-14sarge7_ia64.deb
+ Size/MD5 checksum: 9586 4b0c7ca8651f9c785eccce8b356f766b
+ http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-ia64/kernel-headers-2.6.8-4_2.6.8-14sarge7_ia64.deb
+ Size/MD5 checksum: 3101574 b38d525273063519f869b8025e586bf5
+ http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-ia64/kernel-headers-2.6.8-4-itanium_2.6.8-14sarge7_ia64.deb
+ Size/MD5 checksum: 203348 25239d213c84ee50c68884e6285a95c4
+ http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-ia64/kernel-headers-2.6.8-4-itanium-smp_2.6.8-14sarge7_ia64.deb
+ Size/MD5 checksum: 202850 8dc59012398a37e508bb33ed5088addd
+ http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-ia64/kernel-headers-2.6.8-4-mckinley_2.6.8-14sarge7_ia64.deb
+ Size/MD5 checksum: 202972 4370ad87aa8f711509fec39878608621
+ http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-ia64/kernel-headers-2.6.8-4-mckinley-smp_2.6.8-14sarge7_ia64.deb
+ Size/MD5 checksum: 202650 804b0b5408cf7d67187f620bf7c0c6c1
+ http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-ia64/kernel-image-2.6-itanium_2.6.8-14sarge7_ia64.deb
+ Size/MD5 checksum: 9486 f2391dc971232c3c8a8ab0de5b551fe6
+ http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-ia64/kernel-image-2.6-itanium-smp_2.6.8-14sarge7_ia64.deb
+ Size/MD5 checksum: 9556 3cae8e8cdf69ec485d731937ff6f0c30
+ http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-ia64/kernel-image-2.6-mckinley_2.6.8-14sarge7_ia64.deb
+ Size/MD5 checksum: 9516 1febb236a0987f6a4be151e3923a7ed5
+ http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-ia64/kernel-image-2.6-mckinley-smp_2.6.8-14sarge7_ia64.deb
+ Size/MD5 checksum: 9582 275b6170b6857bd1af929448dc54436c
+ http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-ia64/kernel-image-2.6.8-4-itanium_2.6.8-14sarge7_ia64.deb
+ Size/MD5 checksum: 21496480 8ba69f1e15994cfe843718d7b46e069f
+ http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-ia64/kernel-image-2.6.8-4-itanium-smp_2.6.8-14sarge7_ia64.deb
+ Size/MD5 checksum: 22145752 8ac7fa1bf92bf1c4c0205c182e70c0e9
+ http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-ia64/kernel-image-2.6.8-4-mckinley_2.6.8-14sarge7_ia64.deb
+ Size/MD5 checksum: 21409290 211383f4405c60f9dcd6f4abd63a863a
+ http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-ia64/kernel-image-2.6.8-4-mckinley-smp_2.6.8-14sarge7_ia64.deb
+ Size/MD5 checksum: 22161834 89aa6c21852a1dd897de9ee9c6686d31
+
+ Motorola 680x0 architecture:
+
+ http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-m68k/kernel-image-2.6.8-amiga_2.6.8-4sarge7_m68k.deb
+ Size/MD5 checksum: 3308982 e5231d0f463e8cfad8a2b0affc640639
+ http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-m68k/kernel-image-2.6.8-atari_2.6.8-4sarge7_m68k.deb
+ Size/MD5 checksum: 3106740 4cb685cf5ba010c1af6c345b72bf9a09
+ http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-m68k/kernel-image-2.6.8-bvme6000_2.6.8-4sarge7_m68k.deb
+ Size/MD5 checksum: 3019810 daedbf476546953537e8b2fd0947bac4
+ http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-m68k/kernel-image-2.6.8-hp_2.6.8-4sarge7_m68k.deb
+ Size/MD5 checksum: 2991960 7f83fcf87edd48606c27e6e539c5e8ab
+ http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-m68k/kernel-image-2.6.8-mac_2.6.8-4sarge7_m68k.deb
+ Size/MD5 checksum: 3180758 479afd4614662b56a7f877a16c5733a8
+ http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-m68k/kernel-image-2.6.8-mvme147_2.6.8-4sarge7_m68k.deb
+ Size/MD5 checksum: 2984108 246b0da97b814115941b6b367a5a6d69
+ http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-m68k/kernel-image-2.6.8-mvme16x_2.6.8-4sarge7_m68k.deb
+ Size/MD5 checksum: 3052328 2a85ffeca76f8a87c09aab9da0365b35
+ http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-m68k/kernel-image-2.6.8-q40_2.6.8-4sarge7_m68k.deb
+ Size/MD5 checksum: 3113210 f6f561b65d33a58a0b4a2ba3b5d4eb37
+ http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-m68k/kernel-image-2.6.8-sun3_2.6.8-4sarge7_m68k.deb
+ Size/MD5 checksum: 2998472 665ea6e94f3e3215bdddde333a8e9109
+
+ PowerPC architecture:
+
+ http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.6.8/kernel-build-2.6.8-4-power3_2.6.8-12sarge7_powerpc.deb
+ Size/MD5 checksum: 409476 5e7a4e3b2ed13f34b1e2677a497ee1e9
+ http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.6.8/kernel-build-2.6.8-4-power3-smp_2.6.8-12sarge7_powerpc.deb
+ Size/MD5 checksum: 409404 20c20aa48f210bda7407c38b025aa55e
+ http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.6.8/kernel-build-2.6.8-4-power4_2.6.8-12sarge7_powerpc.deb
+ Size/MD5 checksum: 409410 f334dac64177c488d67f466ebcf3e169
+ http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.6.8/kernel-build-2.6.8-4-power4-smp_2.6.8-12sarge7_powerpc.deb
+ Size/MD5 checksum: 409324 de89552c4f4a5b12c56653cd50fc7f95
+ http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.6.8/kernel-build-2.6.8-4-powerpc_2.6.8-12sarge7_powerpc.deb
+ Size/MD5 checksum: 409688 fcafa2cd922a131165ab0595375426ab
+ http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.6.8/kernel-build-2.6.8-4-powerpc-smp_2.6.8-12sarge7_powerpc.deb
+ Size/MD5 checksum: 409482 034ca72a697bfaaaf3f2594a5403f59c
+ http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.6.8/kernel-headers-2.6.8-4_2.6.8-12sarge7_powerpc.deb
+ Size/MD5 checksum: 5150300 70cca6665a0fc4f994c5ce7fda3a59e6
+ http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.6.8/kernel-image-2.6.8-4-power3_2.6.8-12sarge7_powerpc.deb
+ Size/MD5 checksum: 13587026 458c7359fbbc76bc02eb8ef2b55cc0b9
+ http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.6.8/kernel-image-2.6.8-4-power3-smp_2.6.8-12sarge7_powerpc.deb
+ Size/MD5 checksum: 13948056 a720aaf5f4b6ce53847e96435676842d
+ http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.6.8/kernel-image-2.6.8-4-power4_2.6.8-12sarge7_powerpc.deb
+ Size/MD5 checksum: 13579066 36f3e22d4d878a5733272019c5b3f25e
+ http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.6.8/kernel-image-2.6.8-4-power4-smp_2.6.8-12sarge7_powerpc.deb
+ Size/MD5 checksum: 13934448 689456442e9921f8f5f724b82c1a4388
+ http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.6.8/kernel-image-2.6.8-4-powerpc_2.6.8-12sarge7_powerpc.deb
+ Size/MD5 checksum: 13605826 589790a4236615c0b2e7ad508edfbe7c
+ http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.6.8/kernel-image-2.6.8-4-powerpc-smp_2.6.8-12sarge7_powerpc.deb
+ Size/MD5 checksum: 13864916 50a87b0529f598e4d4684ee6221e3cef
+ http://security.debian.org/pool/updates/main/m/mol-modules-2.6.8/mol-modules-2.6.8-4-powerpc_0.9.70+2.6.8+12sarge2_powerpc.deb
+ Size/MD5 checksum: 38440 5dd90d5f03bfe8457c5c2ecadc9c2d1c
+ http://security.debian.org/pool/updates/main/m/mol-modules-2.6.8/mol-modules-2.6.8-4-powerpc-smp_0.9.70+2.6.8+12sarge2_powerpc.deb
+ Size/MD5 checksum: 39372 4edd33511d47ff9e6cf971b0e930374e
+
+ IBM S/390 architecture:
+
+ http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-s390/kernel-headers-2.6.8-4_2.6.8-5sarge7_s390.deb
+ Size/MD5 checksum: 5089222 1df72a6dadb3d4c860e7fb98b8059055
+ http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-s390/kernel-image-2.6.8-4-s390_2.6.8-5sarge7_s390.deb
+ Size/MD5 checksum: 2987292 c1defc5cabc10eaaf039513911ef0bb1
+ http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-s390/kernel-image-2.6.8-4-s390-tape_2.6.8-5sarge7_s390.deb
+ Size/MD5 checksum: 1147294 d2b7b3d5780fca7a4c02f26c2d13c0ba
+ http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-s390/kernel-image-2.6.8-4-s390x_2.6.8-5sarge7_s390.deb
+ Size/MD5 checksum: 3194032 d8e5e1f978e0342345190501e22bce49
+
+ Sun Sparc architecture:
+
+ http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-sparc/kernel-build-2.6.8-4_2.6.8-15sarge7_sparc.deb
+ Size/MD5 checksum: 8128 2c3760c5ad3d06d389c33f5fc4cb0bca
+ http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-sparc/kernel-headers-2.6.8-4_2.6.8-15sarge7_sparc.deb
+ Size/MD5 checksum: 2893516 02e8eca22069fc8d5ccaf3fb20ac3c52
+ http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-sparc/kernel-headers-2.6.8-4-sparc32_2.6.8-15sarge7_sparc.deb
+ Size/MD5 checksum: 113334 ed0eb1de3b97b909c45dffeed89d40fb
+ http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-sparc/kernel-headers-2.6.8-4-sparc64_2.6.8-15sarge7_sparc.deb
+ Size/MD5 checksum: 148128 bafc5bf78fae912f73a38d927a2cbd47
+ http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-sparc/kernel-headers-2.6.8-4-sparc64-smp_2.6.8-15sarge7_sparc.deb
+ Size/MD5 checksum: 148594 2d01718f8cd038942004778a23ce91b4
+ http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-sparc/kernel-image-2.6.8-4-sparc32_2.6.8-15sarge7_sparc.deb
+ Size/MD5 checksum: 4556924 0061d182061c7b821fb208f348ed870f
+ http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-sparc/kernel-image-2.6.8-4-sparc64_2.6.8-15sarge7_sparc.deb
+ Size/MD5 checksum: 7440258 ce79e30d9a4807a8bf565b9045b47f9c
+ http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-sparc/kernel-image-2.6.8-4-sparc64-smp_2.6.8-15sarge7_sparc.deb
+ Size/MD5 checksum: 7638478 306f0c1fc183597513943c030c06505a
+
+ These files will probably be moved into the stable distribution on
+ its next update.
+
+---------------------------------------------------------------------------------
+For apt-get: deb http://security.debian.org/ stable/updates main
+For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
+Mailing list: debian-security-announce at lists.debian.org
+Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>
Deleted: dsa-texts/2.6.8-sarge2
===================================================================
--- dsa-texts/2.6.8-sarge2 2008-02-22 22:11:44 UTC (rev 1146)
+++ dsa-texts/2.6.8-sarge2 2008-02-22 22:13:55 UTC (rev 1147)
@@ -1,251 +0,0 @@
-Subject: New Linux kernel 2.6.8 packages fix several issues
-
---------------------------------------------------------------------------
-Debian Security Advisory DSA XXX-1 security at debian.org
-http://www.debian.org/security/ Dann Frazier, Simon Horman
-XXXXX 8th, 2005 http://www.debian.org/security/faq
---------------------------------------------------------------------------
-
-Package : kernel-source-2.6.8
-Vulnerability : several
-Problem-Type : local/remote
-Debian-specific: no
-CVE ID : CVE-2004-1017 CVE-2005-0124 CVE-2005-0449 CVE-2005-2457 CVE-2005-2490 CVE-2005-2555 CVE-2005-2709 CVE-2005-2800 CVE-2005-2973 CVE-2005-3044 CVE-2005-3053 CVE-2005-3055 CVE-2005-3180 CVE-2005-3181 CVE-2005-3257 CVE-2005-3356 CVE-2005-3358 CVE-2005-3783 CVE-2005-3784 CVE-2005-3806 CVE-2005-3847 CVE-2005-3848 CVE-2005-3857 CVE-2005-3858 CVE-2005-4605 CVE-2005-4618 CVE-2006-0095 CVE-2006-0096 CVE-2006-0482 CVE-2006-1066
-Debian Bug : 295949 334113 330287 332587 332596 330343 330353 327416
-
-Several local and remote vulnerabilities have been discovered in the Linux
-kernel that may lead to a denial of service or the execution of arbitrary
-code. The Common Vulnerabilities and Exposures project identifies the
-following problems:
-
-CVE-2004-1017
-
- Multiple overflows exist in the io_edgeport driver which might be usable
- as a denial of service attack vector.
-
-CVE-2005-0124
-
- Bryan Fulton reported a bounds checking bug in the coda_pioctl function
- which may allow local users to execute arbitrary code or trigger a denial
- of service attack.
-
-CVE-2005-0449
-
- An error in the skb_checksum_help() function from the netfilter framework
- has been discovered that allows the bypass of packet filter rules or
- a denial of service attack.
-
-CVE-2005-2457
-
- Tim Yamin discovered that insufficient input validation in the zisofs driver
- for compressed ISO file systems allows a denial of service attack through
- maliciously crafted ISO images.
-
-CVE-2005-2490
-
- A buffer overflow in the sendmsg() function allows local users to execute
- arbitrary code.
-
-CVE-2005-2555
-
- Herbert Xu discovered that the setsockopt() function was not restricted to
- users/processes with the CAP_NET_ADMIN capability. This allows attackers to
- manipulate IPSEC policies or initiate a denial of service attack.
-
-CVE-2005-2709
-
- Al Viro discovered a race condition in the /proc handling of network devices.
- A (local) attacker could exploit the stale reference after interface shutdown
- to cause a denial of service or possibly execute code in kernel mode.
-
-CVE-2005-2800
-
- Jan Blunck discovered that repeated failed reads of /proc/scsi/sg/devices
- leak memory, which allows a denial of service attack.
-
-CVE-2005-2973
-
- Tetsuo Handa discovered that the udp_v6_get_port() function from the IPv6 code
- can be forced into an endless loop, which allows a denial of service attack.
-
-CVE-2005-3044
-
- Vasiliy Averin discovered that the reference counters from sockfd_put() and
- fput() can be forced into overlapping, which allows a denial of service attack
- through a null pointer dereference.
-
-CVE-2005-3053
-
- Eric Dumazet discovered that the set_mempolicy() system call accepts a negative
- value for it's first argument, which triggers a BUG() assert. This allows a
- denial of service attack.
-
-CVE-2005-3055
-
- Harald Welte discovered that if a process issues a USB Request Block (URB)
- to a device and terminates before the URB completes, a stale pointer
- would be dereferenced. This could be used to trigger a denial of service
- attack.
-
-CVE-2005-3180
-
- Pavel Roskin discovered that the driver for Orinoco wireless cards clears
- it's buffers insufficiently. This could leak sensitive information into
- user space.
-
-CVE-2005-3181
-
- Robert Derr discovered that the audit subsystem uses an incorrect function to
- free memory, which allows a denial of service attack.
-
-CVE-2005-3257
-
- Rudolf Polzer discovered that the kernel improperly restricts access to the
- KDSKBSENT ioctl, which can possibly lead to privilege escalation.
-
-CVE-2005-3356
-
- Doug Chapman discovered that the mq_open syscall can be tricked into
- decrementing an internal counter twice, which allows a denial of service attack
- through a kernel panic.
-
-CVE-2005-3358
-
- Doug Chapman discovered that passing a 0 zero bitmask to the set_mempolicy()
- system call leads to a kernel panic, which allows a denial of service attack.
-
-CVE-2005-3783
-
- The ptrace code using CLONE_THREAD didn't use the thread group ID to
- determine whether the caller is attaching to itself, which allows a denial
- of service attack.
-
-CVE-2005-3784
-
- The auto-reaping of childe processes functionality included ptraced-attached
- processes, which allows denial of service through dangling references.
-
-CVE-2005-3806
-
- Yen Zheng discovered that the IPv6 flow label code modified an incorrect variable,
- which could lead to memory corruption and denial of service.
-
-CVE-2005-3847
-
- It was discovered that a threaded real-time process, which is currently dumping
- core can be forced into a dead-lock situation by sending it a SIGKILL signal,
- which allows a denial of service attack.
-
-CVE-2005-3848
-
- Ollie Wild discovered a memory leak in the icmp_push_reply() function, which
- allows denial of service through memory consumption.
-
-CVE-2005-3857
-
- Chris Wright discovered that excessive allocation of broken file lock leases
- in the VFS layer can exhaust memory and fill up the system logging, which allows
- denial of service.
-
-CVE-2005-3858
-
- Patrick McHardy discovered a memory leak in the ip6_input_finish() function from
- the IPv6 code, which allows denial of service.
-
-CVE-2005-4605
-
- Karl Janmar discovered that a signedness error in the procfs code can be exploited
- to read kernel memory, which may disclose sensitive information.
-
-CVE-2005-4618
-
- Yi Ying discovered that sysctl does not properly enforce the size of a buffer, which
- allows a denial of service attack.
-
-CVE-2006-0095
-
- Stefan Rompf discovered that dm_crypt does not clear an internal struct before freeing
- it, which might disclose sensitive information.
-
-CVE-2006-0096
-
- It was discovered that the SDLA driver's capability checks were too lax
- for firmware upgrades.
-
-CVE-2006-0482
-
- Ludovic Courtes discovered that get_compat_timespec() performs insufficient input
- sanitizing, which allows a local denial of service attack.
-
-CVE-2006-1066
-
- It was discovered that ptrace() on the ia64 architecture allows a local denial of
- service attack, when preemption is enabled.
-
-
-The following matrix explains which kernel version for which architecture
-fix the problems mentioned above:
-
- Debian 3.1 (sarge)
- Source 2.6.8-16sarge2
- Alpha architecture 2.6.8-16sarge2
- AMD64 architecture 2.6.8-16sarge2
- HP Precision architecture 2.6.8-6sarge2
- Intel IA-32 architecture 2.6.8-16sarge2
- Intel IA-64 architecture 2.6.8-14sarge2
- Motorola 680x0 architecture 2.6.8-4sarge2
- PowerPC architecture 2.6.8-12sarge2
- IBM S/390 architecture 2.6.8-5sarge2
- Sun Sparc architecture 2.6.8-15sarge2
-
-The following matrix lists additional packages that were rebuilt for
-compatability with or to take advantage of this update:
-
- Debian 3.1 (sarge)
- kernel-latest-2.6-alpha 101sarge1
- kernel-latest-2.6-amd64 103sarge1
- kernel-latest-2.6-hppa 2.6.8-1sarge1
- kernel-latest-2.6-sparc 101sarge1
- kernel-latest-2.6-i386 101sarge1
- kernel-latest-powerpc 102sarge1
- fai-kernels 1.9.1sarge1
- hostap-modules-i386 0.3.7-1sarge1
- mol-modules-2.6.8 0.9.70+2.6.8+12sarge1
- ndiswrapper-modules-i386 1.1-2sarge1
-
-We recommend that you upgrade your kernel package immediately and reboot
-the machine. If you have built a custom kernel from the kernel source
-package, you will need to rebuild to take advantage of these fixes.
-
-Upgrade Instructions
---------------------
-
-wget url
- will fetch the file for you
-dpkg -i file.deb
- will install the referenced file.
-
-If you are using the apt-get package manager, use the line for
-sources.list as given below:
-
-apt-get update
- will update the internal database
-apt-get upgrade
- will install corrected packages
-
-You may use an automated update by adding the resources from the
-footer to the proper configuration.
-
-
-Debian GNU/Linux 3.1 alias sarge
---------------------------------
-
-
- These files will probably be moved into the stable distribution on
- its next update.
-
----------------------------------------------------------------------------------
-For apt-get: deb http://security.debian.org/ stable/updates main
-For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
-Mailing list: debian-security-announce at lists.debian.org
-Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>
Deleted: dsa-texts/2.6.8-sarge3
===================================================================
--- dsa-texts/2.6.8-sarge3 2008-02-22 22:11:44 UTC (rev 1146)
+++ dsa-texts/2.6.8-sarge3 2008-02-22 22:13:55 UTC (rev 1147)
@@ -1,246 +0,0 @@
-Subject: New Linux kernel 2.6.8 packages fix several issues
-
---------------------------------------------------------------------------
-Debian Security Advisory DSA XXX-1 security at debian.org
-http://www.debian.org/security/ Dann Frazier, Troy Heber
-XXXXX 8th, 2005 http://www.debian.org/security/faq
---------------------------------------------------------------------------
-
-Package : kernel-source-2.6.8
-Vulnerability : several
-Problem-Type : local/remote
-Debian-specific: no
-CVE ID : CVE-2005-3359 CVE-2006-0038 CVE-2006-0039 CVE-2006-0456
- CVE-2006-0554 CVE-2006-0555 CVE-2006-0557 CVE-2006-0558
- CVE-2006-0741 CVE-2006-0742 CVE-2006-0744 CVE-2006-1056
- CVE-2006-1242 CVE-2006-1368 CVE-2006-1523 CVE-2006-1524
- CVE-2006-1525 CVE-2006-1857 CVE-2006-1858 CVE-2006-1863
- CVE-2006-1864 CVE-2006-2271 CVE-2006-2272 CVE-2006-2274
-Debian Bug :
-
-Several local and remote vulnerabilities have been discovered in the Linux
-kernel that may lead to a denial of service or the execution of arbitrary
-code. The Common Vulnerabilities and Exposures project identifies the
-following problems:
-
-CVE-2005-3359
-
- Franz Filz discovered that some socket calls permit causing inconsistent
- reference counts on loadable modules, which allows local users to cause
- a denial of service.
-
-CVE-2006-0038
-
- "Solar Designer" discovered that arithmetic computations in netfilter's
- do_replace() function can lead to a buffer overflow and the execution of
- arbitrary code. However, the operation requires CAP_NET_ADMIN privileges,
- which is only an issue in virtualization systems or fine grained access
- control systems.
-
-CVE-2006-0039
-
- "Solar Designer" discovered a race condition in netfilter's
- do_add_counters() function, which allows information disclosure of kernel
- memory by exploiting a race condition. Likewise, it requires CAP_NET_ADMIN
- privileges.
-
-CVE-2006-0456
-
- David Howells discovered that the s390 assembly version of the
- strnlen_user() function incorrectly returns some string size values.
-
-CVE-2006-0554
-
- It was discovered that the ftruncate() function of XFS can expose
- unallocated, which allows information disclosure of previously deleted
- files.
-
-CVE-2006-0555
-
- It was discovered that some NFS file operations on handles mounted with
- O_DIRECT can force the kernel into a crash.
-
-CVE-2006-0557
-
- It was discovered that the code to configure memory policies allows
- tricking the kernel into a crash, thus allowing denial of service.
-
-CVE-2006-0558
-
- It was discovered by Cliff Wickman that perfmon for the IA64
- architecture allows users to trigger a BUG() assert, which allows
- denial of service.
-
-CVE-2006-0741
-
- Intel EM64T systems were discovered to be susceptible to a local
- DoS due to an endless recursive fault related to a bad elf entry
- address.
-
-CVE-2006-0742
-
- Alan and Gareth discovered that the ia64 platform had an
- incorrectly declared die_if_kernel() function as "does never
- return" which could be exploited by a local attacker resulting in
- a kernel crash.
-
-CVE-2006-0744
-
- The Linux kernel did not properly handle uncanonical return
- addresses on Intel EM64T CPUs, reporting exceptions in the SYSRET
- instead of the next instruction, causing the kernel exception
- handler to run on the user stack with the wrong GS. This may result
- in a DoS due to a local user changing the frames.
-
-CVE-2006-1056
-
- AMD64 machines (and other 7th and 8th generation AuthenticAMD
- processors) were found to be vulnerable to sensitive information
- leakage, due to how they handle saving and restoring the FOP, FIP,
- and FDP x87 registers in FXSAVE/FXRSTOR when an exception is
- pending. This allows a process to determine portions of the state
- of floating point instructions of other processes.
-
-CVE-2006-1242
-
- Marco Ivaldi discovered that there was an unintended information
- disclosure allowing remote attackers to bypass protections against
- Idle Scans (nmap -sI) by abusing the ID field of IP packets and
- bypassing the zero IP ID in DF packet countermeasure. This was a
- result of the ip_push_pending_frames function improperly
- incremented the IP ID field when sending a RST after receiving
- unsolicited TCP SYN-ACK packets.
-
-CVE-2006-1368
-
- Shaun Tancheff discovered a buffer overflow (boundry condition
- error) in the USB Gadget RNDIS implementation allowing remote
- attackers to cause a DoS. While creating a reply message, the
- driver allocated memory for the reply data, but not for the reply
- structure. The kernel fails to properly bounds-check user-supplied
- data before copying it to an insufficiently sized memory
- buffer. Attackers could crash the system, or possibly execute
- arbitrary machine code.
-
-CVE-2006-1523
-
- Oleg Nesterov reported an unsafe BUG_ON call in signal.c which was
- introduced by RCU signal handling. The BUG_ON code is protected by
- siglock while the code in switch_exit_pids() uses tasklist_lock. It
- may be possible for local users to exploit this to initiate a denial
- of service attack (DoS).
-
-CVE-2006-1524
-
- Hugh Dickins discovered an issue in the madvise_remove function wherein
- file and mmap restrictions are not followed, allowing local users to
- bypass IPC permissions and replace portions of readonly tmpfs files with
- zeroes.
-
-CVE-2006-1525
-
- Alexandra Kossovsky reported a NULL pointer dereference condition in
- ip_route_input() that can be triggered by a local user by requesting
- a route for a multicast IP address, resulting in a denial of service
- (panic).
-
-CVE-2006-1857
-
- Vlad Yasevich reported a data validation issue in the SCTP subsystem
- that may allow a remote user to overflow a buffer using a badly formatted
- HB-ACK chunk, resulting in a denial of service.
-
-CVE-2006-1858
-
- Vlad Yasevich reported a bug in the bounds checking code in the SCTP
- subsystem that may allow a remote attacker to trigger a denial of service
- attack when rounded parameter lengths are used to calculate parameter
- lengths instead of the actual values.
-
-CVE-2006-1863
-
- Mark Mosely discovered that chroots residing on an CIFS share can be
- escaped with specially crafted "cd" sequences.
-
-CVE-2006-1864
-
- Mark Mosely discovered that chroots residing on an SMB share can be
- escaped with specially crafted "cd" sequences.
-
-CVE-2006-2271
-
- The "Mu security team" discovered that carefully crafted ECNE chunks can
- cause a kernel crash by accessing incorrect state stable entries in the
- SCTP networking subsystem, which allows denial of service.
-
-CVE-2006-2272
-
- The "Mu security team" discovered that fragmented SCTP control
- chunks can trigger kernel panics, which allows for denial of
- service attacks.
-
-CVE-2006-2274
-
- It was discovered that SCTP packets with two initial bundled data
- packets can lead to infinite recursion, which allows for denial of
- service attacks.
-
-
-
-The following matrix explains which kernel version for which architecture
-fix the problems mentioned above:
-
- Debian 3.1 (sarge)
- Source 2.6.8-16sarge3
- Alpha architecture 2.6.8-16sarge3
- AMD64 architecture 2.6.8-16sarge3
- HP Precision architecture 2.6.8-6sarge3
- Intel IA-32 architecture 2.6.8-16sarge3
- Intel IA-64 architecture 2.6.8-14sarge3
- Motorola 680x0 architecture 2.6.8-4sarge3
- PowerPC architecture 2.6.8-12sarge3
- IBM S/390 architecture 2.6.8-5sarge3
- Sun Sparc architecture 2.6.8-15sarge3
-
-The following matrix lists additional packages that were rebuilt for
-compatibility with or to take advantage of this update:
-
- Debian 3.1 (sarge)
- fai-kernels 1.9.1sarge2
-
-We recommend that you upgrade your kernel package immediately and reboot
-the machine. If you have built a custom kernel from the kernel source
-package, you will need to rebuild to take advantage of these fixes.
-
-Upgrade Instructions
---------------------
-
-wget url
- will fetch the file for you
-dpkg -i file.deb
- will install the referenced file.
-
-If you are using the apt-get package manager, use the line for
-sources.list as given below:
-
-apt-get update
- will update the internal database
-apt-get upgrade
- will install corrected packages
-
-You may use an automated update by adding the resources from the
-footer to the proper configuration.
-
-
-Debian GNU/Linux 3.1 alias sarge
---------------------------------
-
-
- These files will probably be moved into the stable distribution on
- its next update.
-
----------------------------------------------------------------------------------
-For apt-get: deb http://security.debian.org/ stable/updates main
-For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
-Mailing list: debian-security-announce at lists.debian.org
-Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>
Deleted: dsa-texts/2.6.8-sarge5
===================================================================
--- dsa-texts/2.6.8-sarge5 2008-02-22 22:11:44 UTC (rev 1146)
+++ dsa-texts/2.6.8-sarge5 2008-02-22 22:13:55 UTC (rev 1147)
@@ -1,169 +0,0 @@
---------------------------------------------------------------------------
-Debian Security Advisory DSA XXX-1 security at debian.org
-http://www.debian.org/security/ Dann Frazier
-XXXXX 8th, 2006 http://www.debian.org/security/faq
---------------------------------------------------------------------------
-
-Package : kernel-source-2.6.8
-Vulnerability : several
-Problem-Type : local/remote
-Debian-specific: no
-CVE ID : CVE-2006-3468 CVE-2004-2660 CVE-2005-4798 CVE-2006-2935
- CVE-2006-2936 CVE-2006-1052 CVE-2006-1343 CVE-2006-1528
- CVE-2006-1855 CVE-2006-1856 CVE-2006-2444 CVE-2006-2446
- CVE-2006-3745 CVE-2006-4535 CVE-2006-4093 CVE-2006-4145
-
-Several local and remote vulnerabilities have been discovered in the Linux
-kernel that may lead to a denial of service or the execution of arbitrary
-code. The Common Vulnerabilities and Exposures project identifies the
-following problems:
-
-CVE-2006-3468
-
- James McKenzie discovered a vulnerability in the NFS subsystem, allowing
- remote denial of service if an ext3 filesystem is exported.
-
-CVE-2004-2660
-
- IWAMOTO Toshihiro discovered a direct IO memory leak that a malicious
- local user could use to create a local denial of service.
-
-CVE-2005-4798
-
- Assar discovered a buffer overlow in the NFS readlink handling code
- that would allows a malicious remote server to cause a denail of
- service (crash) using a long symlink.
-
-CVE-2006-2935
-
- Diego Calleja Garcia discovered a potential buffer overflow in the
- dvd_read_bca() function that could allow aribrary code execution via
- a malicious CDROM device
-
-CVE-2006-2936
-
- Ian Abbott and Guillaume Autran provided a fix for a vulnerability in
- the ftdio_sio driver that could allow a local user to initiate a denial
- of service attack by writing lots of data to the serial port and
- consuming all of system memory.
-
-CVE-2006-1052
-
- Stephen Smalley contributed a fix for a bug in SELinux that allows local
- users with ptrace permission to change the tracer SID to the SID of
- another process.
-
-CVE-2006-1343
-
- Pavel Kankovsky discovered that sockaddr_in.sin_zero is not zeroed
- during certain operations returning IPv4 socket names which allows
- potentially sensitive memory to be leaked to userspace.
-
-CVE-2006-1528
-
- Douglas Gilbert reported a bug in the sg driver that allows local
- users to oops the kernel by performing dio transfers from the sg
- driver to memory mapped IO space.
-
-CVE-2006-1855
-
- Mattia Belletti noticed that certain debugging code left in the
- choose_new_parent routine allows local users to cause a denial of
- service (panic).
-
-CVE-2006-1856
-
- Kostik Belousov discovered a missing LSM file_permission check in the
- readv and writev functions which might allow attackers to bypass intended
- access restrictions.
-
-CVE-2006-2444
-
- Patrick McHardy reported a memory corruption bug in snmp_trap_decode that
- could be used by remote attackers to crash a system.
-
-CVE-2006-2446
-
- A race between the kfree_skb and __skb_unlink functions allows remote
- users to crash a system.
-
-CVE-2006-3745
-
- Wei Wang discovered a vulnerability in the SCTP subsystem that can be
- exploited for local privilege escalation.
-
-
-CVE-2006-4535
-
- David Miller reported a problem with the fix for CVE-2006-3745 that allows
- local users to crash the system using via an SCTP socket with a certain
- SO_LINGER value.
-
-CVE-2006-4093
-
- Olof Johansson reported a vulnerability on PPC970 systems that allows
- local users to hang a machine related to the HID0 attention enable at
- boot time.
-
-CVE-2006-4145
-
- Colin discovered a bug in the UDF filesystem that allows local users to
- hang a system when truncating files.
-
-The following matrix explains which kernel version for which architecture
-fix the problems mentioned above:
-
- Debian 3.1 (sarge)
- Source 2.6.8-16sarge5
- Alpha architecture 2.6.8-16sarge5
- AMD64 architecture 2.6.8-16sarge5
- HP Precision architecture 2.6.8-6sarge5
- Intel IA-32 architecture 2.6.8-16sarge5
- Intel IA-64 architecture 2.6.8-14sarge5
- Motorola 680x0 architecture 2.6.8-4sarge5
- PowerPC architecture 2.6.8-12sarge5
- IBM S/390 architecture 2.6.8-5sarge5
- Sun Sparc architecture 2.6.8-15sarge5
-
-The following matrix lists additional packages that were rebuilt for
-compatibility with or to take advantage of this update:
-
- Debian 3.1 (sarge)
- fai-kernels 1.9.1sarge4
-
-We recommend that you upgrade your kernel package immediately and reboot
-the machine. If you have built a custom kernel from the kernel source
-package, you will need to rebuild to take advantage of these fixes.
-
-Upgrade Instructions
---------------------
-
-wget url
- will fetch the file for you
-dpkg -i file.deb
- will install the referenced file.
-
-If you are using the apt-get package manager, use the line for
-sources.list as given below:
-
-apt-get update
- will update the internal database
-apt-get upgrade
- will install corrected packages
-
-You may use an automated update by adding the resources from the
-footer to the proper configuration.
-
-
-Debian GNU/Linux 3.1 alias sarge
---------------------------------
-
-
- These files will probably be moved into the stable distribution on
- its next update.
-
----------------------------------------------------------------------------------
-For apt-get: deb http://security.debian.org/ stable/updates main
-For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
-Mailing list: debian-security-announce at lists.debian.org
-Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>
Deleted: dsa-texts/2.6.8-sarge6
===================================================================
--- dsa-texts/2.6.8-sarge6 2008-02-22 22:11:44 UTC (rev 1146)
+++ dsa-texts/2.6.8-sarge6 2008-02-22 22:13:55 UTC (rev 1147)
@@ -1,145 +0,0 @@
---------------------------------------------------------------------------
-Debian Security Advisory DSA XXX-1 security at debian.org
-http://www.debian.org/security/ Dann Frazier
-XXXXX 8th, 2006 http://www.debian.org/security/faq
---------------------------------------------------------------------------
-
-Package : kernel-source-2.6.8
-Vulnerability : several
-Problem-Type : local/remote
-Debian-specific: no
-CVE ID : CVE-2006-3741 CVE-2006-4538 CVE-2006-4813 CVE-2006-4997
- CVE-2006-5174 CVE-2006-5619 CVE-2006-5649 CVE-2006-5751
- CVE-2006-5871
-
-Several local and remote vulnerabilities have been discovered in the Linux
-kernel that may lead to a denial of service or the execution of arbitrary
-code. The Common Vulnerabilities and Exposures project identifies the
-following problems:
-
-CVE-2006-3741
-
- Stephane Eranian discovered a local DoS (Denial of Service) vulnerability
- on the ia64 architecture. A local user could exhaust the available file
- descriptors by exploiting a counting error in the permonctl() system call.
-
-CVE-2006-4538
-
- Kirill Korotaev reported a local DoS (Denial of Service) vulnerability
- on the ia64 and sparc architectures. A user could cause the system to
- crash by executing a malformed ELF binary due to insufficient verification
- of the memory layout.
-
-CVE-2006-4813
-
- Dmitriy Monakhov reported a potential memory leak in the
- __block_prepare_write function. __block_prepare_write does not properly
- sanitize kernel buffers during error recovery, which could be exploited
- by local users to gain access to sensitive kernel memory.
-
-CVE-2006-4997
-
- ADLab Venustech Info Ltd reported a potential remote DoS (Denial of
- Service) vulnerability in the IP over ATM subsystem. A remote system
- could cause the system to crash by sending specially crafted packets
- that would trigger an attempt to free an already-freed pointer
- resulting in a system crash.
-
-CVE-2006-5174
-
- Martin Schwidefsky reported a potential leak of sensitive information
- on s390 systems. The copy_from_user function did not clear the remaining
- bytes of the kernel buffer after receiving a fault on the userspace
- address, resulting in a leak of uninitialized kernel memory. A local user
- could exploit this by appending to a file from a bad address.
-
-CVE-2006-5619
-
- James Morris reported a potential local DoS (Denial of Service)
- vulnerability that could be used to hang or oops a system. The seqfile
- handling for /proc/net/ip6_flowlabel has a flaw that can be exploited to
- cause an infinite loop by reading this file after creating a flowlabel.
-
-CVE-2006-5649
-
- Fabio Massimo Di Nitto reported a potential remote DoS (Denial of Service)
- vulnerability on powerpc systems. The alignment exception only
- checked the exception table for -EFAULT, not for other errors. This can
- be exploited by a local user to cause a system crash (panic).
-
-CVE-2006-5751
-
- Eugene Teo reported a vulnerability in the get_fdb_entries function that
- could potentially be exploited to allow arbitrary code execution with
- escalated priveleges.
-
-CVE-2006-5871
-
- Bill Allombert reported that various mount options are ignored by smbfs
- when UNIX extensions are enabled. This includes the uid, gid and mode
- options. Client systems would silently use the server-provided settings
- instead of honoring these options, changing the security model. This
- update includes a fix from Haroldo Gamal that forces the kernel to honor
- these mount options. Note that, since the current versions of smbmount
- always pass values for these options to the kernel, it is not currently
- possible to activate unix extensions by omitting mount options. However,
- this behavior is currently consistent with the current behavior of the
- next Debian release, 'etch'.
-
-The following matrix explains which kernel version for which architecture
-fix the problems mentioned above:
-
- Debian 3.1 (sarge)
- Source 2.6.8-16sarge6
- Alpha architecture 2.6.8-16sarge6
- AMD64 architecture 2.6.8-16sarge6
- HP Precision architecture 2.6.8-6sarge6
- Intel IA-32 architecture 2.6.8-16sarge6
- Intel IA-64 architecture 2.6.8-14sarge6
- Motorola 680x0 architecture 2.6.8-4sarge6
- PowerPC architecture 2.6.8-12sarge6
- IBM S/390 architecture 2.6.8-5sarge6
- Sun Sparc architecture 2.6.8-15sarge6
-
-The following matrix lists additional packages that were rebuilt for
-compatibility with or to take advantage of this update:
-
- Debian 3.1 (sarge)
- fai-kernels 1.9.1sarge5
-
-We recommend that you upgrade your kernel package immediately and reboot
-the machine. If you have built a custom kernel from the kernel source
-package, you will need to rebuild to take advantage of these fixes.
-
-Upgrade Instructions
---------------------
-
-wget url
- will fetch the file for you
-dpkg -i file.deb
- will install the referenced file.
-
-If you are using the apt-get package manager, use the line for
-sources.list as given below:
-
-apt-get update
- will update the internal database
-apt-get upgrade
- will install corrected packages
-
-You may use an automated update by adding the resources from the
-footer to the proper configuration.
-
-
-Debian GNU/Linux 3.1 alias sarge
---------------------------------
-
-
- These files will probably be moved into the stable distribution on
- its next update.
-
----------------------------------------------------------------------------------
-For apt-get: deb http://security.debian.org/ stable/updates main
-For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
-Mailing list: debian-security-announce at lists.debian.org
-Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>
Deleted: dsa-texts/2.6.8-sarge7
===================================================================
--- dsa-texts/2.6.8-sarge7 2008-02-22 22:11:44 UTC (rev 1146)
+++ dsa-texts/2.6.8-sarge7 2008-02-22 22:13:55 UTC (rev 1147)
@@ -1,477 +0,0 @@
---------------------------------------------------------------------------
-Debian Security Advisory DSA 1304-1 security at debian.org
-http://www.debian.org/security/ Dann Frazier
-June 16th, 2007 http://www.debian.org/security/faq
---------------------------------------------------------------------------
-
-Package : kernel-source-2.6.8
-Vulnerability : several
-Problem-Type : local/remote
-Debian-specific: no
-CVE ID : CVE-2005-4811 CVE-2006-4814 CVE-2006-4623 CVE-2006-5753
- CVE-2006-5754 CVE-2006-5757 CVE-2006-6053 CVE-2006-6056
- CVE-2006-6060 CVE-2006-6106 CVE-2006-6535 CVE-2007-0958
- CVE-2007-1357 CVE-2007-1592
-
-Several local and remote vulnerabilities have been discovered in the Linux
-kernel that may lead to a denial of service or the execution of arbitrary
-code.
-
-This update also fixes a regression in the smbfs subsystem which was introduced
-in DSA-1233 which caused symlinks to be interpreted as regular files.
-
-The Common Vulnerabilities and Exposures project identifies the
-following problems:
-
-CVE-2005-4811
-
- David Gibson reported an issue in the hugepage code which could permit
- a local DoS (system crash) on appropriately configured systems.
-
-CVE-2006-4814
-
- Doug Chapman discovered a potential local DoS (deadlock) in the mincore
- function caused by improper lock handling.
-
-CVE-2006-4623
-
- Ang Way Chuang reported a remote DoS (crash) in the dvb driver which
- can be triggered by a ULE package with an SNDU length of 0.
-
-CVE-2006-5753
-
- Eric Sandeen provided a fix for a local memory corruption vulnerability
- resulting from a misinterpretation of return values when operating on
- inodes which have been marked bad.
-
-CVE-2006-5754
-
- Darrick Wong discovered a local DoS (crash) vulnerability resulting from
- the incorrect initialization of "nr_pages" in aio_setup_ring().
-
-CVE-2006-5757
-
- LMH reported a potential local DoS which could be exploited by a malicious
- user with the privileges to mount and read a corrupted iso9660 filesystem.
-
-CVE-2006-6053
-
- LMH reported a potential local DoS which could be exploited by a malicious
- user with the privileges to mount and read a corrupted ext3 filesystem.
-
-CVE-2006-6056
-
- LMH reported a potential local DoS which could be exploited by a malicious
- user with the privileges to mount and read a corrupted hfs filesystem on
- systems with SELinux hooks enabled (Debian does not enable SELinux by
- default).
-
-CVE-2006-6060
-
- LMH reported a potential local DoS (infinie loop) which could be exploited
- by a malicious user with the privileges to mount and read a corrupted NTFS
- filesystem.
-
-CVE-2006-6106
-
- Marcel Holtman discovered multiple buffer overflows in the Bluetooth
- subsystem which can be used to trigger a remote DoS (crash) and potentially
- execute arbitray code.
-
-CVE-2006-6535
-
- Kostantin Khorenko discovered an invalid error path in dev_queue_xmit()
- which could be exploited by a local user to cause data corruption.
-
-CVE-2007-0958
-
- Santosh Eraniose reported a vulnerability that allows local users to read
- otherwise unreadable files by triggering a core dump while using PT_INTERP.
- This is related to CVE-2004-1073.
-
-CVE-2007-1357
-
- Jean Delvare reported a vulnerability in the appletalk subsystem.
- Systems with the appletalk module loaded can be triggered to crash
- by other systems on the local network via a malformed frame.
-
-CVE-2007-1592
-
- Masayuki Nakagawa discovered that flow labels were inadvertently
- being shared between listening sockets and child sockets. This defect
- can be exploited by local users to cause a DoS (Oops).
-
-The following matrix explains which kernel version for which architecture
-fix the problems mentioned above:
-
- Debian 3.1 (sarge)
- Source 2.6.8-16sarge7
- Alpha architecture 2.6.8-16sarge7
- AMD64 architecture 2.6.8-16sarge7
- HP Precision architecture 2.6.8-6sarge7
- Intel IA-32 architecture 2.6.8-16sarge7
- Intel IA-64 architecture 2.6.8-14sarge7
- Motorola 680x0 architecture 2.6.8-4sarge7
- PowerPC architecture 2.6.8-12sarge7
- IBM S/390 architecture 2.6.8-5sarge7
- Sun Sparc architecture 2.6.8-15sarge7
-
-We recommend that you upgrade your kernel package immediately and reboot
-the machine. If you have built a custom kernel from the kernel source
-package, you will need to rebuild to take advantage of these fixes.
-
-Upgrade Instructions
---------------------
-
-wget url
- will fetch the file for you
-dpkg -i file.deb
- will install the referenced file.
-
-If you are using the apt-get package manager, use the line for
-sources.list as given below:
-
-apt-get update
- will update the internal database
-apt-get upgrade
- will install corrected packages
-
-You may use an automated update by adding the resources from the
-footer to the proper configuration.
-
-
-Debian GNU/Linux 3.1 alias sarge
---------------------------------
-
- Source archives:
-
- http://security.debian.org/pool/updates/main/f/fai-kernels/fai-kernels_1.9.1sarge6.dsc
- Size/MD5 checksum: 621 5549801d7afb55815fdbdab176ca876e
- http://security.debian.org/pool/updates/main/f/fai-kernels/fai-kernels_1.9.1sarge6.tar.gz
- Size/MD5 checksum: 30783 ca74ee036a13e209a496d86cfa216a3a
- http://security.debian.org/pool/updates/main/h/hostap-modules-i386/hostap-modules-i386_0.3.7-1sarge2.dsc
- Size/MD5 checksum: 1092 5873dba0c647976525db473f74acb9e0
- http://security.debian.org/pool/updates/main/h/hostap-modules-i386/hostap-modules-i386_0.3.7-1sarge2.tar.gz
- Size/MD5 checksum: 2310 77fa2acc4981a8139a83ab5ba38b2496
- http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-alpha/kernel-image-2.6.8-alpha_2.6.8-16sarge7.dsc
- Size/MD5 checksum: 812 31724186421d5e75b4d30bc4c5ac4cfe
- http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-alpha/kernel-image-2.6.8-alpha_2.6.8-16sarge7.tar.gz
- Size/MD5 checksum: 41795 5cf6d42b220f46f3dac97d1c04a8f259
- http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-image-2.6.8-amd64_2.6.8-16sarge7.dsc
- Size/MD5 checksum: 1103 375e1122fd79645e41edab034be9de0f
- http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-image-2.6.8-amd64_2.6.8-16sarge7.tar.gz
- Size/MD5 checksum: 79256 ca9f65f94ea59b6d7edaf6b78de20adb
- http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-hppa/kernel-image-2.6.8-hppa_2.6.8-6sarge7.dsc
- Size/MD5 checksum: 1013 f815fd7077a24a9bc1639e8965ac8436
- http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-hppa/kernel-image-2.6.8-hppa_2.6.8-6sarge7.tar.gz
- Size/MD5 checksum: 70389 9ebd6b53dfe6592d0783727b994c093e
- http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-i386/kernel-image-2.6.8-i386_2.6.8-16sarge7.dsc
- Size/MD5 checksum: 1047 77659b43aa4f6e16200a2fc7c965f38d
- http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-i386/kernel-image-2.6.8-i386_2.6.8-16sarge7.tar.gz
- Size/MD5 checksum: 93525 8def6bcf41cc21b34233d64a91fd3711
- http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-ia64/kernel-image-2.6.8-ia64_2.6.8-14sarge7.dsc
- Size/MD5 checksum: 1191 672189ecf8912c0c58dc83dee1db8c43
- http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-ia64/kernel-image-2.6.8-ia64_2.6.8-14sarge7.tar.gz
- Size/MD5 checksum: 67022 d9201644c379a6014c0cc604bfb8e0ab
- http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-m68k/kernel-image-2.6.8-m68k_2.6.8-4sarge7.dsc
- Size/MD5 checksum: 874 faf43ca53f82737f123afab17a74f052
- http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-m68k/kernel-image-2.6.8-m68k_2.6.8-4sarge7.tar.gz
- Size/MD5 checksum: 20214 82cb545e2b7abbb013cae38deebf4e08
- http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-s390/kernel-image-2.6.8-s390_2.6.8-5sarge7.dsc
- Size/MD5 checksum: 846 64007a13f7e337cbf008bc2c74b52ea1
- http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-s390/kernel-image-2.6.8-s390_2.6.8-5sarge7.tar.gz
- Size/MD5 checksum: 15750 201c22a6234947a99c468f2779160b33
- http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-sparc/kernel-image-2.6.8-sparc_2.6.8-15sarge7.dsc
- Size/MD5 checksum: 1036 354dca83df1ed4b6fd9eb056aa868a0e
- http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-sparc/kernel-image-2.6.8-sparc_2.6.8-15sarge7.tar.gz
- Size/MD5 checksum: 29718 2238b6f81d4b7c64e75d21749a2c9c71
- http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.6.8/kernel-patch-powerpc-2.6.8_2.6.8-12sarge7.dsc
- Size/MD5 checksum: 1071 1bc90c9c9a884ca21de67e47f7f71831
- http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.6.8/kernel-patch-powerpc-2.6.8_2.6.8-12sarge7.tar.gz
- Size/MD5 checksum: 29824 c5af34b00421bbf54f73210fae7da80a
- http://security.debian.org/pool/updates/main/k/kernel-source-2.6.8/kernel-source-2.6.8_2.6.8-16sarge7.dsc
- Size/MD5 checksum: 1002 045ef1474c1a353d5aa48dea8c67183b
- http://security.debian.org/pool/updates/main/k/kernel-source-2.6.8/kernel-source-2.6.8_2.6.8-16sarge7.diff.gz
- Size/MD5 checksum: 1086810 4d9a1726c26fb571d1b10bc94f4ee102
- http://security.debian.org/pool/updates/main/k/kernel-source-2.6.8/kernel-source-2.6.8_2.6.8.orig.tar.gz
- Size/MD5 checksum: 43929719 0393c05ffa4770c3c5178b74dc7a4282
- http://security.debian.org/pool/updates/main/m/mol-modules-2.6.8/mol-modules-2.6.8_0.9.70+2.6.8+12sarge2.dsc
- Size/MD5 checksum: 703 adb50819acd30f02a8c22f0397675bb5
- http://security.debian.org/pool/updates/main/m/mol-modules-2.6.8/mol-modules-2.6.8_0.9.70+2.6.8+12sarge2.tar.gz
- Size/MD5 checksum: 4358 469b36e05242fb4ce2adfc0d102fa2aa
-
- Architecture independent components:
-
- http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-s390/kernel-patch-2.6.8-s390_2.6.8-5sarge7_all.deb
- Size/MD5 checksum: 13864 651d60ecebfed7a105e0263f6fe5478e
- http://security.debian.org/pool/updates/main/k/kernel-source-2.6.8/kernel-doc-2.6.8_2.6.8-16sarge7_all.deb
- Size/MD5 checksum: 6185220 661002c3ad09bbd5dcab929d531041b2
- http://security.debian.org/pool/updates/main/k/kernel-source-2.6.8/kernel-patch-debian-2.6.8_2.6.8-16sarge7_all.deb
- Size/MD5 checksum: 1142308 4cbfb30ffaf7e431cf8b162a37c543a3
- http://security.debian.org/pool/updates/main/k/kernel-source-2.6.8/kernel-source-2.6.8_2.6.8-16sarge7_all.deb
- Size/MD5 checksum: 34947952 2487a3846e7143fdfca3ad5664028c88
- http://security.debian.org/pool/updates/main/k/kernel-source-2.6.8/kernel-tree-2.6.8_2.6.8-16sarge7_all.deb
- Size/MD5 checksum: 37742 9d7013f35ef4f2720147f393efa265a4
-
- Alpha architecture:
-
- http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-alpha/kernel-headers-2.6.8-4_2.6.8-16sarge7_alpha.deb
- Size/MD5 checksum: 2762560 84e7e74114738170f4d9f7df9e270b78
- http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-alpha/kernel-headers-2.6.8-4-generic_2.6.8-16sarge7_alpha.deb
- Size/MD5 checksum: 234956 23c852ab91eb4a3ac982c9cbe04eff84
- http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-alpha/kernel-headers-2.6.8-4-smp_2.6.8-16sarge7_alpha.deb
- Size/MD5 checksum: 229566 aa37cc2ff3b38f45f0e83bed8d177b47
- http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-alpha/kernel-image-2.6.8-4-generic_2.6.8-16sarge7_alpha.deb
- Size/MD5 checksum: 20243562 d927ee8555993b8d6fc77790d3b55711
- http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-alpha/kernel-image-2.6.8-4-smp_2.6.8-16sarge7_alpha.deb
- Size/MD5 checksum: 20097284 206b31b2bd3751fcea2607ee351c9889
-
- AMD64 architecture:
-
- http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-headers-2.6.8-13_2.6.8-16sarge7_amd64.deb
- Size/MD5 checksum: 2725500 3f3ab58e8870ab61b9e23c23761a4604
- http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-headers-2.6.8-13-amd64-generic_2.6.8-16sarge7_amd64.deb
- Size/MD5 checksum: 228840 d16b8661666cdde1b13b566da719f49e
- http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-headers-2.6.8-13-amd64-k8_2.6.8-16sarge7_amd64.deb
- Size/MD5 checksum: 228024 afcb92db3b32fcef246cfdbaebc7c488
- http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-headers-2.6.8-13-amd64-k8-smp_2.6.8-16sarge7_amd64.deb
- Size/MD5 checksum: 224084 d726ad34628dce5f56a292726ef77418
- http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-headers-2.6.8-13-em64t-p4_2.6.8-16sarge7_amd64.deb
- Size/MD5 checksum: 225808 d284e53c3827339b685be9c0b2c2bfb0
- http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-headers-2.6.8-13-em64t-p4-smp_2.6.8-16sarge7_amd64.deb
- Size/MD5 checksum: 222522 97e162f7245121533a0a20fd6e439b1f
- http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-image-2.6.8-13-amd64-generic_2.6.8-16sarge7_amd64.deb
- Size/MD5 checksum: 12574610 c65adc755a40692b1351fa778a7ce25b
- http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-image-2.6.8-13-amd64-k8_2.6.8-16sarge7_amd64.deb
- Size/MD5 checksum: 13273222 e94fdc0178812250ce7beb3cbcb5156d
- http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-image-2.6.8-13-amd64-k8-smp_2.6.8-16sarge7_amd64.deb
- Size/MD5 checksum: 13229476 87dfdba1729330c694e488fc9bef1bd2
- http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-image-2.6.8-13-em64t-p4_2.6.8-16sarge7_amd64.deb
- Size/MD5 checksum: 13077014 02066ed9e51dbd403e4774492a1f1a4c
- http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-image-2.6.8-13-em64t-p4-smp_2.6.8-16sarge7_amd64.deb
- Size/MD5 checksum: 13058474 9599a93b640a5d5e8da7f23ed7f4ab27
-
- HP Precision architecture:
-
- http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-hppa/kernel-headers-2.6.8-4_2.6.8-6sarge7_hppa.deb
- Size/MD5 checksum: 2803824 0eb5a4184865094e9e835cd6f199b00c
- http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-hppa/kernel-headers-2.6.8-4-32_2.6.8-6sarge7_hppa.deb
- Size/MD5 checksum: 214636 3292ec383938984d8131a40f277319a5
- http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-hppa/kernel-headers-2.6.8-4-32-smp_2.6.8-6sarge7_hppa.deb
- Size/MD5 checksum: 213972 61f3fc8bb2046797b43a00c2221e1171
- http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-hppa/kernel-headers-2.6.8-4-64_2.6.8-6sarge7_hppa.deb
- Size/MD5 checksum: 213562 ee18d9c16cc6331dbb298d9262abbc9e
- http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-hppa/kernel-headers-2.6.8-4-64-smp_2.6.8-6sarge7_hppa.deb
- Size/MD5 checksum: 212888 698a340ca8a5e1d1609dc6352b0199ae
- http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-hppa/kernel-image-2.6.8-4-32_2.6.8-6sarge7_hppa.deb
- Size/MD5 checksum: 16039300 662e50ec503587eeb8745cc5744bfcc1
- http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-hppa/kernel-image-2.6.8-4-32-smp_2.6.8-6sarge7_hppa.deb
- Size/MD5 checksum: 16947726 551b44ab6365f48c3728046f9c625406
- http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-hppa/kernel-image-2.6.8-4-64_2.6.8-6sarge7_hppa.deb
- Size/MD5 checksum: 17493200 d463b06fd140bedf5ff92c922b3cff50
- http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-hppa/kernel-image-2.6.8-4-64-smp_2.6.8-6sarge7_hppa.deb
- Size/MD5 checksum: 18325380 6b79ea34d4e01ee2aea71140b379b380
-
- Intel IA-32 architecture:
-
- http://security.debian.org/pool/updates/main/f/fai-kernels/fai-kernels_1.9.1sarge6_i386.deb
- Size/MD5 checksum: 12007024 966cfd1adb7d4eb8b14eff257ad90576
- http://security.debian.org/pool/updates/main/h/hostap-modules-i386/hostap-modules-2.4.27-3-386_0.3.7-1sarge2_i386.deb
- Size/MD5 checksum: 140588 4d3d9c96e4566ea0ae5b8ce33892b9f5
- http://security.debian.org/pool/updates/main/h/hostap-modules-i386/hostap-modules-2.4.27-3-586tsc_0.3.7-1sarge2_i386.deb
- Size/MD5 checksum: 153216 ec1de04dfe524ed566c9168317c7f96d
- http://security.debian.org/pool/updates/main/h/hostap-modules-i386/hostap-modules-2.4.27-3-686_0.3.7-1sarge2_i386.deb
- Size/MD5 checksum: 156142 d3d7ccde57a411d1e57fd606dac627fb
- http://security.debian.org/pool/updates/main/h/hostap-modules-i386/hostap-modules-2.4.27-3-686-smp_0.3.7-1sarge2_i386.deb
- Size/MD5 checksum: 160348 3f0273700f3be9fa5430046ba227dd91
- http://security.debian.org/pool/updates/main/h/hostap-modules-i386/hostap-modules-2.4.27-3-k6_0.3.7-1sarge2_i386.deb
- Size/MD5 checksum: 149216 69c40d1ebb04a5ceca0374d28ff6faa2
- http://security.debian.org/pool/updates/main/h/hostap-modules-i386/hostap-modules-2.4.27-3-k7_0.3.7-1sarge2_i386.deb
- Size/MD5 checksum: 154834 49bca7c096574c6c0dbfe44db03c2cd0
- http://security.debian.org/pool/updates/main/h/hostap-modules-i386/hostap-modules-2.4.27-3-k7-smp_0.3.7-1sarge2_i386.deb
- Size/MD5 checksum: 158768 d31bb7bcec9ea2d123df2d9d2fc3ccff
- http://security.debian.org/pool/updates/main/h/hostap-modules-i386/hostap-modules-2.6.8-4-386_0.3.7-1sarge2_i386.deb
- Size/MD5 checksum: 147778 16e794df6938137a2bd066f4765c5cb2
- http://security.debian.org/pool/updates/main/h/hostap-modules-i386/hostap-modules-2.6.8-4-686_0.3.7-1sarge2_i386.deb
- Size/MD5 checksum: 165352 c92a69dee0c20259819ff4a6e1ce127f
- http://security.debian.org/pool/updates/main/h/hostap-modules-i386/hostap-modules-2.6.8-4-686-smp_0.3.7-1sarge2_i386.deb
- Size/MD5 checksum: 169670 fa480aa39abd471188776c526fd168fc
- http://security.debian.org/pool/updates/main/h/hostap-modules-i386/hostap-modules-2.6.8-4-k7_0.3.7-1sarge2_i386.deb
- Size/MD5 checksum: 163782 ae0f354c82688de2119cd9ade09e74c7
- http://security.debian.org/pool/updates/main/h/hostap-modules-i386/hostap-modules-2.6.8-4-k7-smp_0.3.7-1sarge2_i386.deb
- Size/MD5 checksum: 168098 bf6e5340a8f9c1484ee5ec72def36707
- http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-i386/kernel-headers-2.6.8-4_2.6.8-16sarge7_i386.deb
- Size/MD5 checksum: 2782142 060404a3576c79845753ca1d7fd32a20
- http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-i386/kernel-headers-2.6.8-4-386_2.6.8-16sarge7_i386.deb
- Size/MD5 checksum: 260950 875fa8dd31aa4ec2cd60789028b8998a
- http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-i386/kernel-headers-2.6.8-4-686_2.6.8-16sarge7_i386.deb
- Size/MD5 checksum: 259062 0aec026194b11813344b17bfcce1f891
- http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-i386/kernel-headers-2.6.8-4-686-smp_2.6.8-16sarge7_i386.deb
- Size/MD5 checksum: 256060 8bb21af70c57b6dce4f6e21e1681e1f9
- http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-i386/kernel-headers-2.6.8-4-k7_2.6.8-16sarge7_i386.deb
- Size/MD5 checksum: 259116 d894737b2d3bd873362fe8df8ec413b2
- http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-i386/kernel-headers-2.6.8-4-k7-smp_2.6.8-16sarge7_i386.deb
- Size/MD5 checksum: 256212 7bbbee51dae99f8a71d85284311bef37
- http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-i386/kernel-image-2.6.8-4-386_2.6.8-16sarge7_i386.deb
- Size/MD5 checksum: 14068328 6086f827005699f3ce18e8e38a4e6fff
- http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-i386/kernel-image-2.6.8-4-686_2.6.8-16sarge7_i386.deb
- Size/MD5 checksum: 15553736 91c0c8cf6f38ff8b13c33ff8eb76914f
- http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-i386/kernel-image-2.6.8-4-686-smp_2.6.8-16sarge7_i386.deb
- Size/MD5 checksum: 15391134 41f0635a9278030173cb9a949111e14e
- http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-i386/kernel-image-2.6.8-4-k7_2.6.8-16sarge7_i386.deb
- Size/MD5 checksum: 15275512 9e089adef128031a8f2115243ee03bd2
- http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-i386/kernel-image-2.6.8-4-k7-smp_2.6.8-16sarge7_i386.deb
- Size/MD5 checksum: 15168590 2d54f3727c4d608a21400408b2c9d493
- http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-headers-2.6.8-13_2.6.8-16sarge7_i386.deb
- Size/MD5 checksum: 2725464 90eeb0a9f5709f84c3c938616b1fccb5
- http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-headers-2.6.8-13-amd64-generic_2.6.8-16sarge7_i386.deb
- Size/MD5 checksum: 228766 ffbb8044767a4e03782e14941b72f96d
- http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-headers-2.6.8-13-amd64-k8_2.6.8-16sarge7_i386.deb
- Size/MD5 checksum: 227862 5a0d244abec1d92b8405c2d55f8d8ccc
- http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-headers-2.6.8-13-amd64-k8-smp_2.6.8-16sarge7_i386.deb
- Size/MD5 checksum: 224060 bbd653fcc567ce1c4c39af98e4e14f5c
- http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-headers-2.6.8-13-em64t-p4_2.6.8-16sarge7_i386.deb
- Size/MD5 checksum: 225776 52376bf8dc98cbd4729ca25461efb079
- http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-headers-2.6.8-13-em64t-p4-smp_2.6.8-16sarge7_i386.deb
- Size/MD5 checksum: 222518 39139014fc8b44bbc87db457a49ac084
- http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-image-2.6.8-13-amd64-generic_2.6.8-16sarge7_i386.deb
- Size/MD5 checksum: 12574442 d17f627e1d88d8bb3c57d10b108ce4d0
- http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-image-2.6.8-13-amd64-k8_2.6.8-16sarge7_i386.deb
- Size/MD5 checksum: 13273306 fd8193f685bc9ea4f76b39f00bba8f50
- http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-image-2.6.8-13-amd64-k8-smp_2.6.8-16sarge7_i386.deb
- Size/MD5 checksum: 13229824 5989357674d3f4e12bc2fc89a86ba549
- http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-image-2.6.8-13-em64t-p4_2.6.8-16sarge7_i386.deb
- Size/MD5 checksum: 13226862 dc2ebac9133fcd8c1b85fb539d779683
- http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-image-2.6.8-13-em64t-p4-smp_2.6.8-16sarge7_i386.deb
- Size/MD5 checksum: 13205066 6daa6858e61b1843e038f9e2a04df41c
-
-
- Intel IA-64 architecture:
-
- http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-ia64/kernel-headers-2.6-itanium_2.6.8-14sarge7_ia64.deb
- Size/MD5 checksum: 9496 bd1b20781c0a0261864cb25bfd65d9a4
- http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-ia64/kernel-headers-2.6-itanium-smp_2.6.8-14sarge7_ia64.deb
- Size/MD5 checksum: 9560 7e3ff1e6eee69c81f42dd9912dce7baf
- http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-ia64/kernel-headers-2.6-mckinley_2.6.8-14sarge7_ia64.deb
- Size/MD5 checksum: 9526 4d29c68fcde4f1164f310a8071783953
- http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-ia64/kernel-headers-2.6-mckinley-smp_2.6.8-14sarge7_ia64.deb
- Size/MD5 checksum: 9586 4b0c7ca8651f9c785eccce8b356f766b
- http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-ia64/kernel-headers-2.6.8-4_2.6.8-14sarge7_ia64.deb
- Size/MD5 checksum: 3101574 b38d525273063519f869b8025e586bf5
- http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-ia64/kernel-headers-2.6.8-4-itanium_2.6.8-14sarge7_ia64.deb
- Size/MD5 checksum: 203348 25239d213c84ee50c68884e6285a95c4
- http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-ia64/kernel-headers-2.6.8-4-itanium-smp_2.6.8-14sarge7_ia64.deb
- Size/MD5 checksum: 202850 8dc59012398a37e508bb33ed5088addd
- http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-ia64/kernel-headers-2.6.8-4-mckinley_2.6.8-14sarge7_ia64.deb
- Size/MD5 checksum: 202972 4370ad87aa8f711509fec39878608621
- http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-ia64/kernel-headers-2.6.8-4-mckinley-smp_2.6.8-14sarge7_ia64.deb
- Size/MD5 checksum: 202650 804b0b5408cf7d67187f620bf7c0c6c1
- http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-ia64/kernel-image-2.6-itanium_2.6.8-14sarge7_ia64.deb
- Size/MD5 checksum: 9486 f2391dc971232c3c8a8ab0de5b551fe6
- http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-ia64/kernel-image-2.6-itanium-smp_2.6.8-14sarge7_ia64.deb
- Size/MD5 checksum: 9556 3cae8e8cdf69ec485d731937ff6f0c30
- http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-ia64/kernel-image-2.6-mckinley_2.6.8-14sarge7_ia64.deb
- Size/MD5 checksum: 9516 1febb236a0987f6a4be151e3923a7ed5
- http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-ia64/kernel-image-2.6-mckinley-smp_2.6.8-14sarge7_ia64.deb
- Size/MD5 checksum: 9582 275b6170b6857bd1af929448dc54436c
- http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-ia64/kernel-image-2.6.8-4-itanium_2.6.8-14sarge7_ia64.deb
- Size/MD5 checksum: 21496480 8ba69f1e15994cfe843718d7b46e069f
- http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-ia64/kernel-image-2.6.8-4-itanium-smp_2.6.8-14sarge7_ia64.deb
- Size/MD5 checksum: 22145752 8ac7fa1bf92bf1c4c0205c182e70c0e9
- http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-ia64/kernel-image-2.6.8-4-mckinley_2.6.8-14sarge7_ia64.deb
- Size/MD5 checksum: 21409290 211383f4405c60f9dcd6f4abd63a863a
- http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-ia64/kernel-image-2.6.8-4-mckinley-smp_2.6.8-14sarge7_ia64.deb
- Size/MD5 checksum: 22161834 89aa6c21852a1dd897de9ee9c6686d31
-
- Motorola 680x0 architecture:
-
- http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-m68k/kernel-image-2.6.8-amiga_2.6.8-4sarge7_m68k.deb
- Size/MD5 checksum: 3308982 e5231d0f463e8cfad8a2b0affc640639
- http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-m68k/kernel-image-2.6.8-atari_2.6.8-4sarge7_m68k.deb
- Size/MD5 checksum: 3106740 4cb685cf5ba010c1af6c345b72bf9a09
- http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-m68k/kernel-image-2.6.8-bvme6000_2.6.8-4sarge7_m68k.deb
- Size/MD5 checksum: 3019810 daedbf476546953537e8b2fd0947bac4
- http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-m68k/kernel-image-2.6.8-hp_2.6.8-4sarge7_m68k.deb
- Size/MD5 checksum: 2991960 7f83fcf87edd48606c27e6e539c5e8ab
- http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-m68k/kernel-image-2.6.8-mac_2.6.8-4sarge7_m68k.deb
- Size/MD5 checksum: 3180758 479afd4614662b56a7f877a16c5733a8
- http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-m68k/kernel-image-2.6.8-mvme147_2.6.8-4sarge7_m68k.deb
- Size/MD5 checksum: 2984108 246b0da97b814115941b6b367a5a6d69
- http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-m68k/kernel-image-2.6.8-mvme16x_2.6.8-4sarge7_m68k.deb
- Size/MD5 checksum: 3052328 2a85ffeca76f8a87c09aab9da0365b35
- http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-m68k/kernel-image-2.6.8-q40_2.6.8-4sarge7_m68k.deb
- Size/MD5 checksum: 3113210 f6f561b65d33a58a0b4a2ba3b5d4eb37
- http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-m68k/kernel-image-2.6.8-sun3_2.6.8-4sarge7_m68k.deb
- Size/MD5 checksum: 2998472 665ea6e94f3e3215bdddde333a8e9109
-
- PowerPC architecture:
-
- http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.6.8/kernel-build-2.6.8-4-power3_2.6.8-12sarge7_powerpc.deb
- Size/MD5 checksum: 409476 5e7a4e3b2ed13f34b1e2677a497ee1e9
- http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.6.8/kernel-build-2.6.8-4-power3-smp_2.6.8-12sarge7_powerpc.deb
- Size/MD5 checksum: 409404 20c20aa48f210bda7407c38b025aa55e
- http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.6.8/kernel-build-2.6.8-4-power4_2.6.8-12sarge7_powerpc.deb
- Size/MD5 checksum: 409410 f334dac64177c488d67f466ebcf3e169
- http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.6.8/kernel-build-2.6.8-4-power4-smp_2.6.8-12sarge7_powerpc.deb
- Size/MD5 checksum: 409324 de89552c4f4a5b12c56653cd50fc7f95
- http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.6.8/kernel-build-2.6.8-4-powerpc_2.6.8-12sarge7_powerpc.deb
- Size/MD5 checksum: 409688 fcafa2cd922a131165ab0595375426ab
- http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.6.8/kernel-build-2.6.8-4-powerpc-smp_2.6.8-12sarge7_powerpc.deb
- Size/MD5 checksum: 409482 034ca72a697bfaaaf3f2594a5403f59c
- http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.6.8/kernel-headers-2.6.8-4_2.6.8-12sarge7_powerpc.deb
- Size/MD5 checksum: 5150300 70cca6665a0fc4f994c5ce7fda3a59e6
- http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.6.8/kernel-image-2.6.8-4-power3_2.6.8-12sarge7_powerpc.deb
- Size/MD5 checksum: 13587026 458c7359fbbc76bc02eb8ef2b55cc0b9
- http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.6.8/kernel-image-2.6.8-4-power3-smp_2.6.8-12sarge7_powerpc.deb
- Size/MD5 checksum: 13948056 a720aaf5f4b6ce53847e96435676842d
- http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.6.8/kernel-image-2.6.8-4-power4_2.6.8-12sarge7_powerpc.deb
- Size/MD5 checksum: 13579066 36f3e22d4d878a5733272019c5b3f25e
- http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.6.8/kernel-image-2.6.8-4-power4-smp_2.6.8-12sarge7_powerpc.deb
- Size/MD5 checksum: 13934448 689456442e9921f8f5f724b82c1a4388
- http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.6.8/kernel-image-2.6.8-4-powerpc_2.6.8-12sarge7_powerpc.deb
- Size/MD5 checksum: 13605826 589790a4236615c0b2e7ad508edfbe7c
- http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.6.8/kernel-image-2.6.8-4-powerpc-smp_2.6.8-12sarge7_powerpc.deb
- Size/MD5 checksum: 13864916 50a87b0529f598e4d4684ee6221e3cef
- http://security.debian.org/pool/updates/main/m/mol-modules-2.6.8/mol-modules-2.6.8-4-powerpc_0.9.70+2.6.8+12sarge2_powerpc.deb
- Size/MD5 checksum: 38440 5dd90d5f03bfe8457c5c2ecadc9c2d1c
- http://security.debian.org/pool/updates/main/m/mol-modules-2.6.8/mol-modules-2.6.8-4-powerpc-smp_0.9.70+2.6.8+12sarge2_powerpc.deb
- Size/MD5 checksum: 39372 4edd33511d47ff9e6cf971b0e930374e
-
- IBM S/390 architecture:
-
- http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-s390/kernel-headers-2.6.8-4_2.6.8-5sarge7_s390.deb
- Size/MD5 checksum: 5089222 1df72a6dadb3d4c860e7fb98b8059055
- http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-s390/kernel-image-2.6.8-4-s390_2.6.8-5sarge7_s390.deb
- Size/MD5 checksum: 2987292 c1defc5cabc10eaaf039513911ef0bb1
- http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-s390/kernel-image-2.6.8-4-s390-tape_2.6.8-5sarge7_s390.deb
- Size/MD5 checksum: 1147294 d2b7b3d5780fca7a4c02f26c2d13c0ba
- http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-s390/kernel-image-2.6.8-4-s390x_2.6.8-5sarge7_s390.deb
- Size/MD5 checksum: 3194032 d8e5e1f978e0342345190501e22bce49
-
- Sun Sparc architecture:
-
- http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-sparc/kernel-build-2.6.8-4_2.6.8-15sarge7_sparc.deb
- Size/MD5 checksum: 8128 2c3760c5ad3d06d389c33f5fc4cb0bca
- http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-sparc/kernel-headers-2.6.8-4_2.6.8-15sarge7_sparc.deb
- Size/MD5 checksum: 2893516 02e8eca22069fc8d5ccaf3fb20ac3c52
- http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-sparc/kernel-headers-2.6.8-4-sparc32_2.6.8-15sarge7_sparc.deb
- Size/MD5 checksum: 113334 ed0eb1de3b97b909c45dffeed89d40fb
- http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-sparc/kernel-headers-2.6.8-4-sparc64_2.6.8-15sarge7_sparc.deb
- Size/MD5 checksum: 148128 bafc5bf78fae912f73a38d927a2cbd47
- http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-sparc/kernel-headers-2.6.8-4-sparc64-smp_2.6.8-15sarge7_sparc.deb
- Size/MD5 checksum: 148594 2d01718f8cd038942004778a23ce91b4
- http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-sparc/kernel-image-2.6.8-4-sparc32_2.6.8-15sarge7_sparc.deb
- Size/MD5 checksum: 4556924 0061d182061c7b821fb208f348ed870f
- http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-sparc/kernel-image-2.6.8-4-sparc64_2.6.8-15sarge7_sparc.deb
- Size/MD5 checksum: 7440258 ce79e30d9a4807a8bf565b9045b47f9c
- http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-sparc/kernel-image-2.6.8-4-sparc64-smp_2.6.8-15sarge7_sparc.deb
- Size/MD5 checksum: 7638478 306f0c1fc183597513943c030c06505a
-
- These files will probably be moved into the stable distribution on
- its next update.
-
----------------------------------------------------------------------------------
-For apt-get: deb http://security.debian.org/ stable/updates main
-For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
-Mailing list: debian-security-announce at lists.debian.org
-Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>
More information about the kernel-sec-discuss
mailing list