r4148 - in dists/sarge-security/kernel/source/kernel-source-2.6.8-2.6.8/debian: . patches patches/series

Simon Horman horms at costa.debian.org
Fri Sep 9 02:55:56 UTC 2005 

Author: horms
Date: 2005-09-09 02:55:55 +0000 (Fri, 09 Sep 2005)
New Revision: 4148

Added:
   dists/sarge-security/kernel/source/kernel-source-2.6.8-2.6.8/debian/patches/fix-dst-leak-in-icmp_push_reply.dpatch
   dists/sarge-security/kernel/source/kernel-source-2.6.8-2.6.8/debian/patches/fix-memory-leak-in-sg.c-seq_file.dpatch
   dists/sarge-security/kernel/source/kernel-source-2.6.8-2.6.8/debian/patches/ipv6-skb-leak.dpatch
   dists/sarge-security/kernel/source/kernel-source-2.6.8-2.6.8/debian/patches/nptl-signal-delivery-deadlock-fix.dpatch
Modified:
   dists/sarge-security/kernel/source/kernel-source-2.6.8-2.6.8/debian/changelog
   dists/sarge-security/kernel/source/kernel-source-2.6.8-2.6.8/debian/patches/series/2.6.8-16sarge2
Log:
* Fix security annotations

  * fix-dst-leak-in-icmp_push_reply.dpatch
    [SECURITY] Fix DST leak in icmp_push_reply(). Possible remote DoS?
    From 2.6.12.6

  * nptl-signal-delivery-deadlock-fix.dpatch
    [SECURITY] NPTL signal delivery deadlock fix; Possible local DoS?
    Backported From 2.6.12.6

  * fix-memory-leak-in-sg.c-seq_file.dpatch
    [SECURITY] fix a memory leak in devices seq_file implementation;
    local DoS. From 2.6.12.6
    See CAN-2005-2800

  * ipv6-skb-leak.dpatch
    [SECURITY] Fix SKB leak in ip6_input_finish(); local DoS.
    From 2.6.12.6


Modified: dists/sarge-security/kernel/source/kernel-source-2.6.8-2.6.8/debian/changelog
===================================================================
--- dists/sarge-security/kernel/source/kernel-source-2.6.8-2.6.8/debian/changelog	2005-09-09 02:42:15 UTC (rev 4147)
+++ dists/sarge-security/kernel/source/kernel-source-2.6.8-2.6.8/debian/changelog	2005-09-09 02:55:55 UTC (rev 4148)
@@ -2,18 +2,18 @@
 
   [ Simon Horman ]
   * net-sockglue-cap.dpatch
-    [Security] Restrict socket policy loading to CAP_NET_ADMIN.
+    [SECURITY] Restrict socket policy loading to CAP_NET_ADMIN.
     See CAN-2005-2555.
 
   * zisofs.diff
-    [Security] Check input buffer size in zisofs
+    [SECURITY] Check input buffer size in zisofs
     From 2.6.12.5
     Omitted from the previous release, as I wasn't sure that it
     was a security bug. But now it has a CAN number, so its in.
     See CAN-2005-2457
 
   * zlib-revert-broken-change.dpatch
-    [Security] Revert huft_build() function fix
+    [SECURITY] Revert huft_build() function fix
     From 2.6.12.6
     See CAN-2005-2459
 
@@ -30,8 +30,25 @@
     this should be net-bridge-forwarding-poison-1.dpatch and
     net-bridge-forwarding-poison-2.dpatch
 
- -- Simon Horman <horms at debian.org>  Fri,  9 Sep 2005 11:14:16 +0900
+  * fix-dst-leak-in-icmp_push_reply.dpatch
+    [SECURITY] Fix DST leak in icmp_push_reply(). Possible remote DoS?
+    From 2.6.12.6
 
+  * nptl-signal-delivery-deadlock-fix.dpatch
+    [SECURITY] NPTL signal delivery deadlock fix; Possible local DoS?
+    Backported From 2.6.12.6
+
+  * fix-memory-leak-in-sg.c-seq_file.dpatch
+    [SECURITY] fix a memory leak in devices seq_file implementation;
+    local DoS. From 2.6.12.6
+    See CAN-2005-2800
+
+  * ipv6-skb-leak.dpatch
+    [SECURITY] Fix SKB leak in ip6_input_finish(); local DoS.
+    From 2.6.12.6
+
+ -- Simon Horman <horms at debian.org>  Fri,  9 Sep 2005 11:49:25 +0900
+
 kernel-source-2.6.8 (2.6.8-16sarge1) stable-security; urgency=high
 
   [ Dann Frazier ]

Copied: dists/sarge-security/kernel/source/kernel-source-2.6.8-2.6.8/debian/patches/fix-dst-leak-in-icmp_push_reply.dpatch (from rev 4147, dists/sarge/kernel/source/kernel-source-2.6.8-2.6.8/debian/patches/fix-dst-leak-in-icmp_push_reply.dpatch)

Copied: dists/sarge-security/kernel/source/kernel-source-2.6.8-2.6.8/debian/patches/fix-memory-leak-in-sg.c-seq_file.dpatch (from rev 4147, dists/sarge/kernel/source/kernel-source-2.6.8-2.6.8/debian/patches/fix-memory-leak-in-sg.c-seq_file.dpatch)

Copied: dists/sarge-security/kernel/source/kernel-source-2.6.8-2.6.8/debian/patches/ipv6-skb-leak.dpatch (from rev 4147, dists/sarge/kernel/source/kernel-source-2.6.8-2.6.8/debian/patches/ipv6-skb-leak.dpatch)

Copied: dists/sarge-security/kernel/source/kernel-source-2.6.8-2.6.8/debian/patches/nptl-signal-delivery-deadlock-fix.dpatch (from rev 4147, dists/sarge/kernel/source/kernel-source-2.6.8-2.6.8/debian/patches/nptl-signal-delivery-deadlock-fix.dpatch)

Modified: dists/sarge-security/kernel/source/kernel-source-2.6.8-2.6.8/debian/patches/series/2.6.8-16sarge2
===================================================================
--- dists/sarge-security/kernel/source/kernel-source-2.6.8-2.6.8/debian/patches/series/2.6.8-16sarge2	2005-09-09 02:42:15 UTC (rev 4147)
+++ dists/sarge-security/kernel/source/kernel-source-2.6.8-2.6.8/debian/patches/series/2.6.8-16sarge2	2005-09-09 02:55:55 UTC (rev 4148)
@@ -1,3 +1,7 @@
 + net-sockglue-cap.dpatch
 + zisofs.diff
 + zlib-revert-broken-change.dpatch
++ fix-dst-leak-in-icmp_push_reply.dpatch
++ nptl-signal-delivery-deadlock-fix.dpatch
++ fix-memory-leak-in-sg.c-seq_file.dpatch
++ ipv6-skb-leak.dpatch

More information about the Kernel-svn-changes mailing list