[kernel-sec-discuss] r1363 - dsa-texts

Micah Anderson micah at alioth.debian.org
Tue May 5 16:16:21 UTC 2009


Author: micah
Date: 2009-05-05 16:16:21 +0000 (Tue, 05 May 2009)
New Revision: 1363

Modified:
   dsa-texts/2.6.26-15lenny1
Log:
some minor tweaks


Modified: dsa-texts/2.6.26-15lenny1
===================================================================
--- dsa-texts/2.6.26-15lenny1	2009-05-05 16:01:06 UTC (rev 1362)
+++ dsa-texts/2.6.26-15lenny1	2009-05-05 16:16:21 UTC (rev 1363)
@@ -14,9 +14,9 @@
                  CVE-2009-1439
 
 Several vulnerabilities have been discovered in the Linux kernel that
-may lead to a denial of service or privilege escalation. The Common
-Vulnerabilities and Exposures project identifies the following
-problems:
+may lead to a denial of service, privilege escalation or a sensitive
+memory leak. The Common Vulnerabilities and Exposures project
+identifies the following problems:
 
 CVE-2009-0028
 
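Review bot: In the rewritten summary sentence, "a sensitive memory leak" reads as a resource leak that happens to be sensitive rather than a disclosure of sensitive memory contents. Wording such as "or a leak of sensitive memory" would remove the ambiguity. The log message "some minor tweaks" also does not mention that this sentence now lists a third impact class.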
@@ -31,9 +31,9 @@
 
 CVE-2009-0835
 
-    Roland McGrath discovered an issue on amd64 kernels with CONFIG_SECCOMP
-    enabled. By making a specially crafted syscall, local users can bypass
-    access restrictions.
+    Roland McGrath discovered an issue on amd64 kernels with
+    CONFIG_SECCOMP enabled. By making a specially crafted syscall,
+    local users can bypass access restrictions.
 
 CVE-2009-0859
 
@@ -50,15 +50,15 @@
 
 CVE-2009-1072
 
-    Igor Zhbanov reported that nfsd was not properly dropping CAP_MKNOD,
-    allowing users to create device nodes on file systems exported with
-    root_squash.
+    Igor Zhbanov reported that nfsd was not properly dropping
+    CAP_MKNOD, allowing users to create device nodes on file systems
+    exported with root_squash.
 
 CVE-2009-1184
 
-    Dan Carpenter reported a coding issue in the selinux subsystem that
-    allows local users to bypass certain networking checks when running
-    with compat_net=1.
+    Dan Carpenter reported a coding issue in the selinux subsystem
+    that allows local users to bypass certain networking checks when
+    running with compat_net=1.
     
 CVE-2009-1192
 
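Review bot: The separator line after the CVE-2009-1184 entry still consists only of indentation spaces, while the other separator lines in this hunk are empty. Since this revision already re-wraps the CVE-2009-1072 and CVE-2009-1184 entries, strip that trailing whitespace in the same pass.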
@@ -97,7 +97,7 @@
     nativeFileSystem field in a Tree Connect response during mount.
 
 For the stable distribution (lenny), these problems have been fixed in
-version 2.6.26-13lenny2.
+version 2.6.26-15lenny1.
 
 For the oldstable distribution (etch), these problems, where applicable,
 will be fixed in future updates to linux-2.6 and linux-2.6.24.
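Review bot: The change from 2.6.26-13lenny2 to 2.6.26-15lenny1 in the stable (lenny) sentence alters the fixed version that readers are told to install, and it now matches the file name dsa-texts/2.6.26-15lenny1. That is a content correction rather than a tweak, so the log message should name it. It is also worth checking the parts of the file outside this hunk for any remaining 13lenny2 references.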