[kernel-sec-discuss] r2500 - dsa-texts

Micah Anderson micah at alioth.debian.org
Tue Sep 20 15:06:46 UTC 2011 

Author: micah
Date: 2011-09-20 15:06:45 +0000 (Tue, 20 Sep 2011)
New Revision: 2500

Modified:
   dsa-texts/2.6.26-26lenny4
Log:
update dsa text to get rid of asterisks, fix a missing word and format

Modified: dsa-texts/2.6.26-26lenny4
===================================================================
--- dsa-texts/2.6.26-26lenny4	2011-09-20 03:17:05 UTC (rev 2499)
+++ dsa-texts/2.6.26-26lenny4	2011-09-20 15:06:45 UTC (rev 2500)
@@ -18,14 +18,14 @@
 to a privilege escalation, denial of service or information leak.  The Common
 Vulnerabilities and Exposures project identifies the following problems:
 
-[*]CVE-2009-4067
+CVE-2009-4067
 
-    Rafael Dominguez Vega of MWR InfoSecurity reported an issue in auerswald
-    module, a driver for Auerswald PBX/System Telephone USB devices.
-    Attackers with physical access to a system's USB ports could obtain
-    elevated privileges using a specially crafted USB device.
+    Rafael Dominguez Vega of MWR InfoSecurity reported an issue in the auerswald
+    module, a driver for Auerswald PBX/System Telephone USB devices.  Attackers
+    with physical access to a system's USB ports could obtain elevated
+    privileges using a specially crafted USB device.
 
-[*]CVE-2011-0712
+CVE-2011-0712
 
     Rafael Dominguez Vega of MWR InfoSecurity reported an issue in the caiaq
     module, a USB driver for Native Instruments USB audio devices. Attackers
@@ -38,18 +38,18 @@
     users to gain access to sensitive process information after execution of a
     setuid binary.
 
-[*]CVE-2011-2209
+CVE-2011-2209
 
-    Dan Rosenberg discovered an issue in the osf_sysinfo() system call on
-    the alpha architecture. Local users could obtain access to sensitive
-    kernel memory.
+    Dan Rosenberg discovered an issue in the osf_sysinfo() system call on the
+    alpha architecture. Local users could obtain access to sensitive kernel
+    memory.
     
-[*]CVE-2011-2211
+CVE-2011-2211
 
     Dan Rosenberg discovered an issue in the osf_wait4() system call on the
     alpha architecture permitting local users to gain elevated privileges.
 
-[*]CVE-2011-2213
+CVE-2011-2213
 
     Dan Rosenberg discovered an issue in the INET socket monitoring interface.
     Local users could cause a denial of service by injecting code and causing
@@ -116,8 +116,8 @@
 This update also includes a fix for a regression introduced with the previous
 security fix for CVE-2011-1768 (Debian: #633738)
 
-For the oldstable distribution (lenny), this problem has been fixed in
-version 2.6.26-26lenny4.
+For the oldstable distribution (lenny), this problem has been fixed in version
+2.6.26-26lenny4.
 
 The following matrix lists additional source packages that were rebuilt for
 compatibility with or to take advantage of this update:

More information about the kernel-sec-discuss mailing list