[kernel-sec-discuss] r1396 - dsa-texts
Micah Anderson
micah at alioth.debian.org
Mon Jun 1 22:59:44 UTC 2009
Author: micah
Date: 2009-06-01 22:59:44 +0000 (Mon, 01 Jun 2009)
New Revision: 1396
Modified:
dsa-texts/2.6.26-15lenny3
Log:
update the vulnerability list, fix some spelling errors
Modified: dsa-texts/2.6.26-15lenny3
===================================================================
--- dsa-texts/2.6.26-15lenny3 2009-06-01 22:50:35 UTC (rev 1395)
+++ dsa-texts/2.6.26-15lenny3 2009-06-01 22:59:44 UTC (rev 1396)
@@ -5,7 +5,7 @@
----------------------------------------------------------------------
Package : linux-2.6
-Vulnerability : denial of service
+Vulnerability : denial of service, privilege escalation, memory leak
Problem type : local/remote
Debian-specific: no
CVE Id(s) : CVE-2009-1630 CVE-2009-1633 CVE-2009-1758
@@ -22,8 +22,8 @@
CVE-2009-1633
- Jeff Layton and Suresh Jayaraman fixed several buffer overflows
- in the CIFS filesystem whcih allow remote servers to cause memory
+ Jeff Layton and Suresh Jayaraman fixed several buffer overflows in
+ the CIFS filesystem which allow remote servers to cause memory
corruption.
CVE-2009-1758
@@ -31,17 +31,19 @@
Jan Beulich discovered an issue in Xen where local guest users may
cause a denial of service (oops).
-This update also fixes a regression introduced by the fix for CVE-2009-1184
-in 2.6.26-15lenny3. This prevents a boottime panic on systems with selinux
-enabled.
+This update also fixes a regression introduced by the fix for
+CVE-2009-1184 in 2.6.26-15lenny3. This prevents a boot time panic on
+systems with SELinux enabled.
For the stable distribution (lenny), these problems have been fixed in
version 2.6.26-15lenny3.
-For the oldstable distribution (etch), these problems, where applicable,
-will be fixed in future updates to linux-2.6 and linux-2.6.24.
+For the oldstable distribution (etch), these problems, where
+applicable, will be fixed in future updates to linux-2.6 and
+linux-2.6.24.
-We recommend that you upgrade your linux-2.6 and user-mode-linux packages.
+We recommend that you upgrade your linux-2.6 and user-mode-linux
+packages.
Note: Debian carefully tracks all known security issues across every
linux kernel package in all releases under active security support.
@@ -68,7 +70,7 @@
will install corrected packages
The following matrix lists additional source packages that were rebuilt for
-compatability with or to take advantage of this update:
+compatibility with or to take advantage of this update:
Debian 5.0 (lenny)
user-mode-linux 2.6.26-1um-2+15lenny3
More information about the kernel-sec-discuss
mailing list