[kernel-sec-discuss] r1362 - dsa-texts
Micah Anderson
micah at alioth.debian.org
Tue May 5 16:01:06 UTC 2009
Author: micah
Date: 2009-05-05 16:01:06 +0000 (Tue, 05 May 2009)
New Revision: 1362
Modified:
dsa-texts/2.6.18.dfsg.1-24etch2
Log:
some minor spelling, grammar and formatting fixes
Modified: dsa-texts/2.6.18.dfsg.1-24etch2
===================================================================
--- dsa-texts/2.6.18.dfsg.1-24etch2 2009-05-05 08:07:27 UTC (rev 1361)
+++ dsa-texts/2.6.18.dfsg.1-24etch2 2009-05-05 16:01:06 UTC (rev 1362)
@@ -15,9 +15,9 @@
CVE-2009-1336 CVE-2009-1337 CVE-2009-1439
Several vulnerabilities have been discovered in the Linux kernel that
-may lead to a denial of service or privilege escalation. The Common
-Vulnerabilities and Exposures project identifies the following
-problems:
+may lead to denial of service, privilege escalation, or information
+leak. The Common Vulnerabilities and Exposures project identifies the
+following problems:
CVE-2008-4307
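Review bot: The rewritten summary sentence adds "information leak" as a third impact, which is a change of substance rather than a spelling, grammar or formatting fix, so the log message should say so. The new wording would also read better as "an information leak" or "information leaks", matching the other two items in the list.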
@@ -28,14 +28,14 @@
CVE-2008-5395
Helge Deller discovered a denial of service condition that allows
- local users on PA-RISC systems to crash a system by attempting to
- unwind a stack contiaining userspace addresses.
+ local users on PA-RISC to crash the system by attempting to unwind
+ a stack contiaining userspace addresses.
CVE-2008-5701
- Vlad Malov reported an issue on 64-bit MIPS systems where a local
- user could cause a system crash by crafing a malicious binary
- which makes o32 syscalls with a number less than 4000.
+ Vlad Malov reported an issue on 64-bit MIPS where a local user
+ could cause a system crash by crafting a malicious binary which
+ makes o32 syscalls with a number less than 4000.
CVE-2008-5702
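Review bot: The re-wrapped CVE-2008-5395 text still reads "a stack contiaining userspace addresses"; "contiaining" should be "containing". The same hunk corrects "crafing" to "crafting" in the CVE-2008-5701 entry, so this one appears to have been missed in a commit whose log says it fixes spelling.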
@@ -46,8 +46,8 @@
CVE-2008-5713
- Flavio Leitner discovered that a local user can cause a denial
- of service by generating large amounts of traffic on a large SMP
+ Flavio Leitner discovered that a local user can cause a denial of
+ service by generating large amounts of traffic on a large SMP
system, resulting in soft lockups.
CVE-2009-0028
@@ -66,7 +66,7 @@
Vegard Nossum discovered a memory leak in the keyctl subsystem
that allows local users to cause a denial of service by consuming
- all of kernel memory.
+ all available kernel memory.
CVE-2009-0065
@@ -117,9 +117,10 @@
CVE-2009-1336
- Trond Myklebust reported an issue in the encode_lookup() function in
- the nfs server subsystem that allows local users to cause a denial
- of service (oops in encode_lookup()) by use of a long filename.
+ Trond Myklebust reported an issue in the encode_lookup() function
+ in the nfs server subsystem that allows local users to cause a
+ denial of service (oops in encode_lookup()) by use of a long
+ filename.
CVE-2009-1337
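Review bot: In the CVE-2009-1336 entry the re-wrap carries "the nfs server subsystem" over unchanged. Since these lines are being touched for copy-editing anyway, consider capitalising the protocol name as "NFS".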
@@ -142,11 +143,11 @@
Note: Debian carefully tracks all known security issues across every
linux kernel package in all releases under active security support.
-However, given the high frequency at which low-severity
-security issues are discovered in the kernel and the resource
-requirements of doing an update, updates for lower priority issues
-will normally not be released for all kernels at the same time. Rather,
-they will be released in a staggered or "leap-frog" fashion.
+However, given the high frequency at which low-severity security
+issues are discovered in the kernel and the resource requirements of
+doing an update, updates for lower priority issues will normally not
+be released for all kernels at the same time. Rather, they will be
+released in a staggered or "leap-frog" fashion.
Upgrade instructions
--------------------
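Review bot: The unchanged context line just above the re-wrapped note paragraph reads "linux kernel package", while the summary paragraph in the first hunk writes "Linux kernel". As this commit is a copy-edit pass, capitalising "Linux" there would make the text consistent.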