r4148 - in
dists/sarge-security/kernel/source/kernel-source-2.6.8-2.6.8/debian:
. patches patches/series
Simon Horman
horms at costa.debian.org
Fri Sep 9 02:55:56 UTC 2005
Author: horms
Date: 2005-09-09 02:55:55 +0000 (Fri, 09 Sep 2005)
New Revision: 4148
Added:
dists/sarge-security/kernel/source/kernel-source-2.6.8-2.6.8/debian/patches/fix-dst-leak-in-icmp_push_reply.dpatch
dists/sarge-security/kernel/source/kernel-source-2.6.8-2.6.8/debian/patches/fix-memory-leak-in-sg.c-seq_file.dpatch
dists/sarge-security/kernel/source/kernel-source-2.6.8-2.6.8/debian/patches/ipv6-skb-leak.dpatch
dists/sarge-security/kernel/source/kernel-source-2.6.8-2.6.8/debian/patches/nptl-signal-delivery-deadlock-fix.dpatch
Modified:
dists/sarge-security/kernel/source/kernel-source-2.6.8-2.6.8/debian/changelog
dists/sarge-security/kernel/source/kernel-source-2.6.8-2.6.8/debian/patches/series/2.6.8-16sarge2
Log:
* Fix security annotations
* fix-dst-leak-in-icmp_push_reply.dpatch
[SECURITY] Fix DST leak in icmp_push_reply(). Possible remote DoS?
From 2.6.12.6
* nptl-signal-delivery-deadlock-fix.dpatch
[SECURITY] NPTL signal delivery deadlock fix; Possible local DoS?
Backported From 2.6.12.6
* fix-memory-leak-in-sg.c-seq_file.dpatch
[SECURITY] fix a memory leak in devices seq_file implementation;
local DoS. From 2.6.12.6
See CAN-2005-2800
* ipv6-skb-leak.dpatch
[SECURITY] Fix SKB leak in ip6_input_finish(); local DoS.
From 2.6.12.6
Modified: dists/sarge-security/kernel/source/kernel-source-2.6.8-2.6.8/debian/changelog
===================================================================
--- dists/sarge-security/kernel/source/kernel-source-2.6.8-2.6.8/debian/changelog 2005-09-09 02:42:15 UTC (rev 4147)
+++ dists/sarge-security/kernel/source/kernel-source-2.6.8-2.6.8/debian/changelog 2005-09-09 02:55:55 UTC (rev 4148)
@@ -2,18 +2,18 @@
[ Simon Horman ]
* net-sockglue-cap.dpatch
- [Security] Restrict socket policy loading to CAP_NET_ADMIN.
+ [SECURITY] Restrict socket policy loading to CAP_NET_ADMIN.
See CAN-2005-2555.
* zisofs.diff
- [Security] Check input buffer size in zisofs
+ [SECURITY] Check input buffer size in zisofs
From 2.6.12.5
Omitted from the previous release, as I wasn't sure that it
was a security bug. But now it has a CAN number, so its in.
See CAN-2005-2457
* zlib-revert-broken-change.dpatch
- [Security] Revert huft_build() function fix
+ [SECURITY] Revert huft_build() function fix
From 2.6.12.6
See CAN-2005-2459
@@ -30,8 +30,25 @@
this should be net-bridge-forwarding-poison-1.dpatch and
net-bridge-forwarding-poison-2.dpatch
- -- Simon Horman <horms at debian.org> Fri, 9 Sep 2005 11:14:16 +0900
+ * fix-dst-leak-in-icmp_push_reply.dpatch
+ [SECURITY] Fix DST leak in icmp_push_reply(). Possible remote DoS?
+ From 2.6.12.6
+ * nptl-signal-delivery-deadlock-fix.dpatch
+ [SECURITY] NPTL signal delivery deadlock fix; Possible local DoS?
+ Backported From 2.6.12.6
+
+ * fix-memory-leak-in-sg.c-seq_file.dpatch
+ [SECURITY] fix a memory leak in devices seq_file implementation;
+ local DoS. From 2.6.12.6
+ See CAN-2005-2800
+
+ * ipv6-skb-leak.dpatch
+ [SECURITY] Fix SKB leak in ip6_input_finish(); local DoS.
+ From 2.6.12.6
+
+ -- Simon Horman <horms at debian.org> Fri, 9 Sep 2005 11:49:25 +0900
+
kernel-source-2.6.8 (2.6.8-16sarge1) stable-security; urgency=high
[ Dann Frazier ]
Copied: dists/sarge-security/kernel/source/kernel-source-2.6.8-2.6.8/debian/patches/fix-dst-leak-in-icmp_push_reply.dpatch (from rev 4147, dists/sarge/kernel/source/kernel-source-2.6.8-2.6.8/debian/patches/fix-dst-leak-in-icmp_push_reply.dpatch)
Copied: dists/sarge-security/kernel/source/kernel-source-2.6.8-2.6.8/debian/patches/fix-memory-leak-in-sg.c-seq_file.dpatch (from rev 4147, dists/sarge/kernel/source/kernel-source-2.6.8-2.6.8/debian/patches/fix-memory-leak-in-sg.c-seq_file.dpatch)
Copied: dists/sarge-security/kernel/source/kernel-source-2.6.8-2.6.8/debian/patches/ipv6-skb-leak.dpatch (from rev 4147, dists/sarge/kernel/source/kernel-source-2.6.8-2.6.8/debian/patches/ipv6-skb-leak.dpatch)
Copied: dists/sarge-security/kernel/source/kernel-source-2.6.8-2.6.8/debian/patches/nptl-signal-delivery-deadlock-fix.dpatch (from rev 4147, dists/sarge/kernel/source/kernel-source-2.6.8-2.6.8/debian/patches/nptl-signal-delivery-deadlock-fix.dpatch)
Modified: dists/sarge-security/kernel/source/kernel-source-2.6.8-2.6.8/debian/patches/series/2.6.8-16sarge2
===================================================================
--- dists/sarge-security/kernel/source/kernel-source-2.6.8-2.6.8/debian/patches/series/2.6.8-16sarge2 2005-09-09 02:42:15 UTC (rev 4147)
+++ dists/sarge-security/kernel/source/kernel-source-2.6.8-2.6.8/debian/patches/series/2.6.8-16sarge2 2005-09-09 02:55:55 UTC (rev 4148)
@@ -1,3 +1,7 @@
+ net-sockglue-cap.dpatch
+ zisofs.diff
+ zlib-revert-broken-change.dpatch
++ fix-dst-leak-in-icmp_push_reply.dpatch
++ nptl-signal-delivery-deadlock-fix.dpatch
++ fix-memory-leak-in-sg.c-seq_file.dpatch
++ ipv6-skb-leak.dpatch
More information about the Kernel-svn-changes
mailing list