[kernel-sec-discuss] r2357 - dsa-texts
Dann Frazier
dannf at alioth.debian.org
Sat Jun 18 23:23:03 UTC 2011
Author: dannf
Date: 2011-06-18 23:23:02 +0000 (Sat, 18 Jun 2011)
New Revision: 2357
Modified:
dsa-texts/2.6.26-26lenny3
Log:
flesh out
Modified: dsa-texts/2.6.26-26lenny3
===================================================================
--- dsa-texts/2.6.26-26lenny3 2011-06-18 23:11:14 UTC (rev 2356)
+++ dsa-texts/2.6.26-26lenny3 2011-06-18 23:23:02 UTC (rev 2357)
@@ -1,7 +1,7 @@
-------------------------------------------------------------------------
-Debian Security Advisory DSA-XXXX-1 security at debian.org
+Debian Security Advisory DSA-2264-1 security at debian.org
http://www.debian.org/security/ dann frazier
-June XX, 2011 http://www.debian.org/security/faq
+June 18, 2011 http://www.debian.org/security/faq
-------------------------------------------------------------------------
Package : linux-2.6
@@ -175,9 +175,9 @@
CVE-2011-1493
- Dan Rosenburg reported two issues in the Linux implementation of the Amateur
- Radio X.25 PLP (Rose) protocol. A remote user can cause a denial of service
- by providing specially crafted facilities fields.
+ Dan Rosenburg reported two issues in the Linux implementation of the
+ Amateur Radio X.25 PLP (Rose) protocol. A remote user can cause a denial of
+ service by providing specially crafted facilities fields.
CVE-2011-1577
@@ -206,10 +206,10 @@
CVE-2011-1746
Vasiliy Kulikov reported an issue in the Linux support for AGP devices.
- Local users can obtain elevated privileges or cause a denial of service due
- to missing bounds checking in the agp_allocate_memory and
- agp_create_user_memory. On default Debian installations, this is exploitable
- only by users in the video group.
+ Local users can obtain elevated privileges or cause a denial of service
+ due to missing bounds checking in the agp_allocate_memory and
+ agp_create_user_memory. On default Debian installations, this is
+ exploitable only by users in the video group.
CVE-2011-1748
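Review bot: in the CVE-2011-1746 entry, "missing bounds checking in the agp_allocate_memory and agp_create_user_memory" ends without a noun, and the rewrap carries that over unchanged. Since these lines are being touched anyway, finish the phrase, for example "in the agp_allocate_memory and agp_create_user_memory functions", so the sentence parses.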
@@ -226,8 +226,8 @@
CVE-2011-1767
Alexecy Dobriyan reported an issue in the GRE over IP implementation.
- Remote users can cause a denial of service by sending a packet during module
- initialization.
+ Remote users can cause a denial of service by sending a packet during
+ module initialization.
CVE-2011-1768
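Review bot: the reporter name "Alexecy Dobriyan" in the context line of the CVE-2011-1767 entry looks like a typo, and this rewrap leaves it in place. Please confirm the spelling against the original report and correct it in the same revision, since credit lines are hard to fix once the advisory has been sent.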
@@ -239,8 +239,8 @@
Timo Warns reported an issue in the Linux implementation for GUID
partitions. Users with physical access can gain access to sensitive kernel
- memory by adding a storage device with a specially crafted corrupted invalid
- partition table.
+ memory by adding a storage device with a specially crafted corrupted
+ invalid partition table.
CVE-2011-2022
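Review bot: the rewrapped sentence still reads "a specially crafted corrupted invalid partition table", which stacks three overlapping modifiers. One is enough, for example "a storage device with a specially crafted partition table"; if "corrupted" and "invalid" are meant to describe distinct conditions, say so explicitly.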
@@ -254,8 +254,9 @@
Ben Hutchings reported an issue with the fix for CVE-2011-1017 (see above)
that made it insufficient to resolve the issue.
-For the stable distribution (lenny), this problem has been fixed in
-version 2.6.26-26lenny2.
+For the oldstable distribution (lenny), this problem has been fixed in
+version 2.6.26-26lenny3. Updates for arm and hppa are not yet available,
+but will be released as soon as possible.
The following matrix lists additional source packages that were rebuilt for
compatibility with or to take advantage of this update:
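Review bot: "this problem has been fixed" on the new oldstable line is singular, but the advisory covers several CVE entries (CVE-2011-1493, CVE-2011-1746, CVE-2011-1767 and CVE-2011-2022 are visible in this diff alone). "these problems have been fixed" would match the content. The stable to oldstable and 26lenny2 to 26lenny3 corrections agree with the file name and with the user-mode-linux version shown in the next hunk.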
@@ -264,9 +265,15 @@
user-mode-linux 2.6.26-1um-2+26lenny3
We recommend that you upgrade your linux-2.6 and user-mode-linux packages.
+These updates will not become active until after your system is rebooted.
-Note that these updates will not become active until after your system is
-rebooted.
+Note: Debian carefully tracks all known security issues across every
+linux kernel package in all releases under active security support.
+However, given the high frequency at which low-severity security
+issues are discovered in the kernel and the resource requirements of
+doing an update, updates for lower priority issues will normally not
+be released for all kernels at the same time. Rather, they will be
+released in a staggered or "leap-frog" fashion.
Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
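Review bot: two wording nits in the added "Note:" paragraph. "linux kernel package" uses a lowercase "linux" while the CVE entries in this file write "Linux"; capitalise it unless the package name is meant. "lower priority issues" should be hyphenated ("lower-priority") to match "low-severity" two lines earlier. The hunk header (-264,9 +265,15) is consistent with the two removed and eight added lines shown.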