[kernel-sec-discuss] r1363 - dsa-texts
Micah Anderson
micah at alioth.debian.org
Tue May 5 16:16:21 UTC 2009
Author: micah
Date: 2009-05-05 16:16:21 +0000 (Tue, 05 May 2009)
New Revision: 1363
Modified:
dsa-texts/2.6.26-15lenny1
Log:
some minor tweaks
Modified: dsa-texts/2.6.26-15lenny1
===================================================================
--- dsa-texts/2.6.26-15lenny1 2009-05-05 16:01:06 UTC (rev 1362)
+++ dsa-texts/2.6.26-15lenny1 2009-05-05 16:16:21 UTC (rev 1363)
@@ -14,9 +14,9 @@
CVE-2009-1439
Several vulnerabilities have been discovered in the Linux kernel that
-may lead to a denial of service or privilege escalation. The Common
-Vulnerabilities and Exposures project identifies the following
-problems:
+may lead to a denial of service, privilege escalation or a sensitive
+memory leak. The Common Vulnerabilities and Exposures project
+identifies the following problems:
CVE-2009-0028
@@ -31,9 +31,9 @@
CVE-2009-0835
- Roland McGrath discovered an issue on amd64 kernels with CONFIG_SECCOMP
- enabled. By making a specially crafted syscall, local users can bypass
- access restrictions.
+ Roland McGrath discovered an issue on amd64 kernels with
+ CONFIG_SECCOMP enabled. By making a specially crafted syscall,
+ local users can bypass access restrictions.
CVE-2009-0859
@@ -50,15 +50,15 @@
CVE-2009-1072
- Igor Zhbanov reported that nfsd was not properly dropping CAP_MKNOD,
- allowing users to create device nodes on file systems exported with
- root_squash.
+ Igor Zhbanov reported that nfsd was not properly dropping
+ CAP_MKNOD, allowing users to create device nodes on file systems
+ exported with root_squash.
CVE-2009-1184
- Dan Carpenter reported a coding issue in the selinux subsystem that
- allows local users to bypass certain networking checks when running
- with compat_net=1.
+ Dan Carpenter reported a coding issue in the selinux subsystem
+ that allows local users to bypass certain networking checks when
+ running with compat_net=1.
CVE-2009-1192
@@ -97,7 +97,7 @@
nativeFileSystem field in a Tree Connect response during mount.
For the stable distribution (lenny), these problems have been fixed in
-version 2.6.26-13lenny2.
+version 2.6.26-15lenny1.
For the oldstable distribution (etch), these problems, where applicable,
will be fixed in future updates to linux-2.6 and linux-2.6.24.
More information about the kernel-sec-discuss
mailing list