r2800 - trunk/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian
Simon Horman
horms@costa.debian.org
Wed, 23 Mar 2005 09:05:25 +0100
Author: horms
Date: 2005-03-23 09:05:24 +0100 (Wed, 23 Mar 2005)
New Revision: 2800
Modified:
trunk/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/changelog
Log:
CAN-2004-1191 annotation
Modified: trunk/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/changelog
===================================================================
--- trunk/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/changelog 2005-03-23 07:32:38 UTC (rev 2799)
+++ trunk/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/changelog 2005-03-23 08:05:24 UTC (rev 2800)
@@ -83,11 +83,18 @@
(closes: #296906) (Simon Horman)
* 153_ppp_async_dos.diff:
- [SECURITY] mote Linux DoS on ppp servers. See: CAN-2005-0384
+ [SECURITY] remote Linux DoS on ppp servers. See: CAN-2005-0384
(Simon Horman)
- -- Simon Horman <horms@debian.org> Wed, 23 Mar 2005 13:51:59 +0900
+ * 111-smb-client-overflow-fix-2.diff, 111-smb-client-overflow-fix-1.diff:
+ [SECURITY] The above patches, included in 2.4.27-6 resolve:
+ local information leak caused by race in SMP systems with
+ more than 4GB of memory. remote information leak cansed by
+ handling of TRANS2 packets handling in smbfs. See CAN-2004-1191.
+ (see: #300163) (Simon Horman)
+ -- Simon Horman <horms@debian.org> Wed, 23 Mar 2005 16:41:08 +0900
+
kernel-source-2.4.27 (2.4.27-8) unstable; urgency=high
* add dh_fixperms to the build targets to kernel-patch-debian-2.4.27