[kernel] r5054 -
dists/sarge-security/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian
Simon Horman
horms at costa.debian.org
Tue Dec 20 02:33:54 UTC 2005
Author: horms
Date: Tue Dec 20 02:33:51 2005
New Revision: 5054
Modified:
dists/sarge-security/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/changelog
Log:
Revamped changelog
Modified: dists/sarge-security/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/changelog
==============================================================================
--- dists/sarge-security/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/changelog (original)
+++ dists/sarge-security/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/changelog Tue Dec 20 02:33:51 2005
@@ -1,30 +1,34 @@
kernel-source-2.4.27 (2.4.27-10sarge2) UNRELEASED; urgency=low
[ Simon Horman ]
- * 185_net-sockglue-cap.diff
- [Security] Restrict socket policy loading to CAP_NET_ADMIN.
- See CAN-2005-2555.
- * 187_zisofs-2.diff
- [Security] Check input buffer size in zisofs
+ * Errata for 2.4.27-10sarge1
+ - [SECURITY] Xattr sharing bug. See CAN-2005-2801
+ 178_fs_ext2_ext3_xattr-sharing.diff, included in 2.4.27-10sarge1
+ - [SECURITY] Fixes remote DoS when using ipt_recent on a 64 bit machine.
+ See CAN-2005-2872 (See: #322237)
+ 179_net-ipv4-netfilter-ip_recent-last_pkts.diff, included in
+ 2.4.27-10sarge1
+ - [SECURITY] x86_64: 32 bit ltrace oops when tracing 64 bit executable
+ http://lkml.org/lkml/2005/1/5/245
+ http://linux.bkbits.net:8080/linux-2.4/cset@41dd3455GwQPufrGvBJjcUOXQa3WXA
+ 184_arch-x86_64-ia32-ptrace32-oops.diff, included in 2.4.27-10sarge1
+
+ * [Security] Restrict socket policy loading to CAP_NET_ADMIN.
+ See CAN-2005-2555.
+ 185_net-sockglue-cap.diff
+
+ * [Security] Check input buffer size in zisofs
From 2.6.12.5
Omitted from the previous release, as I wasn't sure that it was a
security bug. But now it has a CAN number, so its in.
See CAN-2005-2457
+ 187_zisofs-2.diff
- * 186_zlib-revert-broken-change.diff
- [Security] Revert huft_build() function fix
+ * [Security] Revert huft_build() function fix
From 2.6.12.6
See CAN-2005-2459
-
- * 178_fs_ext2_ext3_xattr-sharing.diff
- Included in 2.4.27-10sarge1 is CAN-2005-2801
-
- * 179_net-ipv4-netfilter-ip_recent-last_pkts.diff
- Included in 2.4.27-10sarge1 is CAN-2005-2872
-
- * 184_arch-x86_64-ia32-ptrace32-oops.diff
- Included in 2.4.27-10sarge1 is CAN-2005-2553
+ 186_zlib-revert-broken-change.diff
* [SECURITY] IPV4: Fix DST leak in icmp_push_reply(). Remote DoS.
See CVE-2005-3848.
@@ -34,32 +38,32 @@
See CVE-2005-3858.
189_ipv6-skb-leak.diff
- * 192_orinoco-info-leak.diff
- [SECURITY] orinoco: Information leakage due to incorrect padding
+ * [SECURITY] orinoco: Information leakage due to incorrect padding
See CAN-2005-3180
From 2.6.13.4
+ 192_orinoco-info-leak.diff
- * 194_xfs-inode-race.diff
- [SECURITY] XFS: Handle inode creation race
- CAN-NOMATCH
- Links in Patch file
+ * [SECURITY] XFS: Handle inode creation race
+ CAN-NOMATCH
+ Links in Patch file
+ 194_xfs-inode-race.diff
- * 198_fs-lock-lease-log-spam.diff
- [SECURITY] VFS: local denial-of-service with file leases. See CVE-2005-3857
+ * [SECURITY] VFS: local denial-of-service with file leases. See CVE-2005-3857
+ 198_fs-lock-lease-log-spam.diff
[ dann frazier ]
- * 195_net-ipv6-udp_v6_get_port-loop.diff
- [SECURITY] Fix infinite loop in udp_v6_get_port(). See CVE-2005-2973
+ * [SECURITY] Fix infinite loop in udp_v6_get_port(). See CVE-2005-2973
+ 195_net-ipv6-udp_v6_get_port-loop.diff
# DISABLED DUE TO ABI CHANGE
- # * 196_sysctl-unregistration-oops.patch
- # [SECURITY] Fix a potential local root exploit in the
- # /proc/sys/net/ipv4/conf interface. See CVE-2005-2709
+ # * [SECURITY] Fix a potential local root exploit in the
+ # /proc/sys/net/ipv4/conf interface. See CVE-2005-2709
+ # 196_sysctl-unregistration-oops.patch
- * setkeys-needs-root-1.diff, setkeys-needs-root-2.diff:
- [SECURITY] Require root privilege to write the current
+ * [SECURITY] Require root privilege to write the current
function key string entry of other user's terminals.
See CVE-2005-3257
+ setkeys-needs-root-1.diff, setkeys-needs-root-2.diff:
-- Simon Horman <horms at verge.net.au> Tue, 20 Dec 2005 11:05:02 +0900
More information about the Kernel-svn-changes
mailing list