[kernel-sec-discuss] r1396 - dsa-texts

Micah Anderson micah at alioth.debian.org
Mon Jun 1 22:59:44 UTC 2009 

Author: micah
Date: 2009-06-01 22:59:44 +0000 (Mon, 01 Jun 2009)
New Revision: 1396

Modified:
   dsa-texts/2.6.26-15lenny3
Log:
update the vulnerability list, fix some spelling errors


Modified: dsa-texts/2.6.26-15lenny3
===================================================================
--- dsa-texts/2.6.26-15lenny3	2009-06-01 22:50:35 UTC (rev 1395)
+++ dsa-texts/2.6.26-15lenny3	2009-06-01 22:59:44 UTC (rev 1396)
@@ -5,7 +5,7 @@
 ----------------------------------------------------------------------
 
 Package        : linux-2.6
-Vulnerability  : denial of service
+Vulnerability  : denial of service, privilege escalation, memory leak
 Problem type   : local/remote
 Debian-specific: no
 CVE Id(s)      : CVE-2009-1630 CVE-2009-1633 CVE-2009-1758
@@ -22,8 +22,8 @@
 
 CVE-2009-1633
 
-    Jeff Layton and Suresh Jayaraman fixed several buffer overflows
-    in the CIFS filesystem whcih allow remote servers to cause memory
+    Jeff Layton and Suresh Jayaraman fixed several buffer overflows in
+    the CIFS filesystem which allow remote servers to cause memory
     corruption.
 
 CVE-2009-1758
@@ -31,17 +31,19 @@
     Jan Beulich discovered an issue in Xen where local guest users may
     cause a denial of service (oops).
 
-This update also fixes a regression introduced by the fix for CVE-2009-1184
-in 2.6.26-15lenny3. This prevents a boottime panic on systems with selinux
-enabled.
+This update also fixes a regression introduced by the fix for
+CVE-2009-1184 in 2.6.26-15lenny3. This prevents a boot time panic on
+systems with SELinux enabled.
 
 For the stable distribution (lenny), these problems have been fixed in
 version 2.6.26-15lenny3.
 
-For the oldstable distribution (etch), these problems, where applicable,
-will be fixed in future updates to linux-2.6 and linux-2.6.24.
+For the oldstable distribution (etch), these problems, where
+applicable, will be fixed in future updates to linux-2.6 and
+linux-2.6.24.
 
-We recommend that you upgrade your linux-2.6 and user-mode-linux packages.
+We recommend that you upgrade your linux-2.6 and user-mode-linux
+packages.
 
 Note: Debian carefully tracks all known security issues across every
 linux kernel package in all releases under active security support.
@@ -68,7 +70,7 @@
         will install corrected packages
 
 The following matrix lists additional source packages that were rebuilt for
-compatability with or to take advantage of this update:
+compatibility with or to take advantage of this update:
 
                                              Debian 5.0 (lenny)
      user-mode-linux                         2.6.26-1um-2+15lenny3

More information about the kernel-sec-discuss mailing list