[kernel-sec-discuss] r1394 - dsa-texts
Dann Frazier
dannf at alioth.debian.org
Mon Jun 1 21:35:17 UTC 2009
Author: dannf
Date: 2009-06-01 21:35:17 +0000 (Mon, 01 Jun 2009)
New Revision: 1394
Added:
dsa-texts/2.6.26-15lenny3
Log:
new text
Copied: dsa-texts/2.6.26-15lenny3 (from rev 1392, dsa-texts/2.6.26-15lenny2)
===================================================================
--- dsa-texts/2.6.26-15lenny3 (rev 0)
+++ dsa-texts/2.6.26-15lenny3 2009-06-01 21:35:17 UTC (rev 1394)
@@ -0,0 +1,92 @@
+----------------------------------------------------------------------
+Debian Security Advisory DSA-XXXX-1 security at debian.org
+http://www.debian.org/security/ dann frazier
+Jun 01, 2009 http://www.debian.org/security/faq
+----------------------------------------------------------------------
+
+Package : linux-2.6
+Vulnerability : denial of service/privilege escalation/sensitive memory leak
+Problem type : local/remote
+Debian-specific: no
+CVE Id(s) : CVE-2009-1630 CVE-2009-1633 CVE-2009-1758
+
+Several vulnerabilities have been discovered in the Linux kernel that
+may lead to a denial of service, privilege escalation or a sensitive
+memory leak. The Common Vulnerabilities and Exposures project
+identifies the following problems:
+
+CVE-2009-1630
+
+ Frank Filz discovered that local users may be able to execute
+ files without execute permission when accessed via an nfs4 mount.
+
+CVE-2009-1633
+
+ Jeff Layton and Suresh Jayaraman fixed several buffer overflows
+ in the CIFS filesystem whcih allow remote servers to cause memory
+ corruption.
+
+CVE-2009-1758
+
+ Jan Beulich discovered an issue in Xen where local gues users may
+ cause a denial of service (oops).
+
+This update also fixes a regression introduced by the fix for CVE-2009-1184
+in 2.6.26-15lenny3. This prevents a boottime panic on systems with selinux
+enabled.
+
+For the stable distribution (lenny), these problems have been fixed in
+version 2.6.26-15lenny3.
+
+For the oldstable distribution (etch), these problems, where applicable,
+will be fixed in future updates to linux-2.6 and linux-2.6.24.
+
+We recommend that you upgrade your linux-2.6 and user-mode-linux packages.
+
+Note: Debian carefully tracks all known security issues across every
+linux kernel package in all releases under active security support.
+However, given the high frequency at which low-severity security
+issues are discovered in the kernel and the resource requirements of
+doing an update, updates for lower priority issues will normally not
+be released for all kernels at the same time. Rather, they will be
+released in a staggered or "leap-frog" fashion.
+
+Upgrade instructions
+--------------------
+
+wget url
+ will fetch the file for you
+dpkg -i file.deb
+ will install the referenced file.
+
+If you are using the apt-get package manager, use the line for
+sources.list as given below:
+
+apt-get update
+ will update the internal database
+apt-get upgrade
+ will install corrected packages
+
+The following matrix lists additional source packages that were rebuilt for
+compatability with or to take advantage of this update:
+
+ Debian 5.0 (lenny)
+ user-mode-linux 2.6.26-1um-2+15lenny3
+
+You may use an automated update by adding the resources from the
+footer to the proper configuration.
+
+Debian GNU/Linux 5.0 alias lenny
+--------------------------------
+
+Stable updates are available for alpha, amd64, arm, armel, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.
+
+
+ These changes will probably be included in the stable distribution on
+ its next update.
+
+---------------------------------------------------------------------------------
+For apt-get: deb http://security.debian.org/ stable/updates main
+For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
+Mailing list: debian-security-announce at lists.debian.org
+Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>
More information about the kernel-sec-discuss
mailing list