[kernel] r5051 - in
dists/sarge-security/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian:
. patches patches/series
Simon Horman
horms at costa.debian.org
Tue Dec 20 02:05:52 UTC 2005
Author: horms
Date: Tue Dec 20 02:05:51 2005
New Revision: 5051
Added:
dists/sarge-security/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/patches/188_fix-dst-leak-in-icmp_push_reply.diff
- copied unchanged from r5013, dists/trunk/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/patches/188_fix-dst-leak-in-icmp_push_reply.diff
dists/sarge-security/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/patches/189_ipv6-skb-leak.diff
- copied unchanged from r5013, dists/trunk/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/patches/189_ipv6-skb-leak.diff
Modified:
dists/sarge-security/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/changelog
dists/sarge-security/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/patches/series/2.4.27-10sarge2
Log:
* [SECURITY] IPV4: Fix DST leak in icmp_push_reply(). Remote DoS.
See CVE-2005-3848.
188_fix-dst-leak-in-icmp_push_reply.diff
* [SECURITY] IPV6: Fix SKB leak in ip6_input_finish. Remote DoS.
See CVE-2005-3858.
189_ipv6-skb-leak.diff
Modified: dists/sarge-security/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/changelog
==============================================================================
--- dists/sarge-security/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/changelog (original)
+++ dists/sarge-security/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/changelog Tue Dec 20 02:05:51 2005
@@ -26,6 +26,14 @@
* 184_arch-x86_64-ia32-ptrace32-oops.diff
Included in 2.4.27-10sarge1 is CAN-2005-2553
+ * [SECURITY] IPV4: Fix DST leak in icmp_push_reply(). Remote DoS.
+ See CVE-2005-3848.
+ 188_fix-dst-leak-in-icmp_push_reply.diff
+
+ * [SECURITY] IPV6: Fix SKB leak in ip6_input_finish. Remote DoS.
+ See CVE-2005-3858.
+ 189_ipv6-skb-leak.diff
+
* 192_orinoco-info-leak.diff
[SECURITY] orinoco: Information leakage due to incorrect padding
See CAN-2005-3180
@@ -53,7 +61,7 @@
function key string entry of other user's terminals.
See CVE-2005-3257
- -- Simon Horman <horms at verge.net.au> Mon, 19 Dec 2005 19:08:54 +0900
+ -- Simon Horman <horms at verge.net.au> Tue, 20 Dec 2005 11:05:02 +0900
kernel-source-2.4.27 (2.4.27-10sarge1) stable-security; urgency=high
Modified: dists/sarge-security/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/patches/series/2.4.27-10sarge2
==============================================================================
--- dists/sarge-security/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/patches/series/2.4.27-10sarge2 (original)
+++ dists/sarge-security/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/patches/series/2.4.27-10sarge2 Tue Dec 20 02:05:51 2005
@@ -1,6 +1,8 @@
+ 185_net-sockglue-cap.diff
+ 186_zlib-revert-broken-change.diff
+ 187_zisofs-2.diff
++ 188_fix-dst-leak-in-icmp_push_reply.diff
++ 189_ipv6-skb-leak.diff
+ 192_orinoco-info-leak.diff
+ 194_xfs-inode-race.diff
+ 195_net-ipv6-udp_v6_get_port-loop.diff
More information about the Kernel-svn-changes
mailing list