[kernel] r5831 - patch-tracking/dsa-texts
Moritz Muehlenhoff
jmm-guest at costa.debian.org
Sun Feb 12 13:11:31 UTC 2006
Author: jmm-guest
Date: Sun Feb 12 13:11:29 2006
New Revision: 5831
Added:
patch-tracking/dsa-texts/2.4.27-sarge2
Modified:
patch-tracking/dsa-texts/2.6.8-sarge2
Log:
2.6.8 DSA text almost ready
started 2.4.27
Added: patch-tracking/dsa-texts/2.4.27-sarge2
==============================================================================
--- (empty file)
+++ patch-tracking/dsa-texts/2.4.27-sarge2 Sun Feb 12 13:11:29 2006
@@ -0,0 +1,154 @@
+Subject: New Linux kernel 2.4.27 packages fix several issues
+
+--------------------------------------------------------------------------
+Debian Security Advisory DSA XXX-1 security at debian.org
+http://www.debian.org/security/ Dann Frazier, Simon Horman
+XXXXX 8th, 2005 http://www.debian.org/security/faq
+--------------------------------------------------------------------------
+
+Package : kernel-source-2.4.27
+Vulnerability : several
+Problem-Type : local/remote
+Debian-specific: no
+CVE IDs :
+Debian Bug :
+
+Several local and remote vulnerabilities have been discovered in the Linux
+kernel that may lead to a denial of service or the execution of arbitrary
+code. The Common Vulnerabilities and Exposures project identifies the
+following problems:
+
+CVE-2004-0887
+
+ foo
+
+CVE-2004-1058
+
+ foo
+
+CVE-2004-2607
+
+ foo
+
+CVE-2005-0449
+
+ An error in the skb_checksum_help() function from the netfilter framework
+ has been discovered that allows the bypass of packet filter rules or
+ a denial of service attack.
+
+CVE-2005-1761
+
+ foo
+
+CVE-2005-2457
+
+ Tim Yamin discovered that insufficient input validation in the zisofs driver
+ for compressed ISO file systems allows a denial of service attack through
+ crafted ISO images.
+
+CVE-2005-2555
+
+ Herbert Xu discovered that the setsockopt() function was not restricted to
+ users/processes with the CAP_NET_ADMIN capability. This allows attackers to
+ manipulate IPSEC policies or initiate a denial of service attack.
+
+CVE-2005-2709
+
+ Al Viro discovered a race condition in the /proc handling of network devices.
+ A (local) attacker could exploit the stale reference after interface shutdown
+ to cause a denial of service or possibly execute code in kernel mode.
+
+CVE-2005-2973
+
+ Tetsuo Handa discovered that the udp_v6_get_port() function from the IPv6 code
+ can be forced into an endless loop, which allows a denial of service attack.
+
+CVE-2005-3257
+
+ Rudolf Polzer discovered that the kernel improperly restricts access to the
+ KDSKBSENT ioctl, which can possibly lead to privilege escalation.
+
+CVE-2005-3783
+
+ The ptrace code using CLONE_THREAD didn't use the thread group ID to
+ determine whether the caller is attaching to itself, which allows a denial
+ of service attack.
+
+CVE-2005-3806
+
+ Yen Zheng discovered that the IPv6 flow label code modified an incorrect variable,
+ which could lead to memory corruption and denial of service.
+
+CVE-2005-3848
+
+ Ollie Wild discovered a memory leak in the icmp_push_reply() function, which
+ allows denial of service through memory consumption.
+
+CVE-2005-3857
+
+ Chris Wright discovered that excessive allocation of broken file lock leases
+ in the VFS layer can exhause memory and fill up the system logging, which allows
+ denial of service.
+
+CVE-2005-3858
+
+ Patrick McHardy discovered a memory leak in the ip6_input_finish() function from
+ the IPv6 code, which allows denial of service.
+
+CVE-2005-4618
+
+ Yi Ying discovered that sysctl does inproperly enforce the size of a buffer, which
+ allows a denial of service attack.
+
+The following matrix explains which kernel version for which architecture
+fix the problems mentioned above:
+
+ Debian 3.1 (sarge)
+ Source 2.4.27-10sarge2
+ Alpha architecture 2.4.27-10sarge2
+ ARM architecture 2.4.27-2sarge2
+ Intel IA-32 architecture 2.4.27-10sarge2
+ Intel IA-64 architecture 2.4.27-10sarge2
+ Motorola 680x0 architecture 2.4.27-3sarge2
+ Big endian MIPS architecture 2.4.27-10.sarge1.040815-2
+ Little endian MIPS architecture 2.4.27-10.sarge1.040815-2
+ PowerPC architecture 2.4.27-10sarge2
+ IBM S/390 architecture 2.4.27-2sarge2
+ Sun Sparc architecture 2.4.27-9sarge2
+
+
+We recommend that you upgrade your kernel package immediately and reboot
+the machine.
+
+Upgrade Instructions
+--------------------
+
+wget url
+ will fetch the file for you
+dpkg -i file.deb
+ will install the referenced file.
+
+If you are using the apt-get package manager, use the line for
+sources.list as given below:
+
+apt-get update
+ will update the internal database
+apt-get upgrade
+ will install corrected packages
+
+You may use an automated update by adding the resources from the
+footer to the proper configuration.
+
+
+Debian GNU/Linux 3.1 alias sarge
+--------------------------------
+
+
+ These files will probably be moved into the stable distribution on
+ its next update.
+
+---------------------------------------------------------------------------------
+For apt-get: deb http://security.debian.org/ stable/updates main
+For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
+Mailing list: debian-security-announce at lists.debian.org
+Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>
Modified: patch-tracking/dsa-texts/2.6.8-sarge2
==============================================================================
--- patch-tracking/dsa-texts/2.6.8-sarge2 (original)
+++ patch-tracking/dsa-texts/2.6.8-sarge2 Sun Feb 12 13:11:29 2006
@@ -1,8 +1,8 @@
-Subject: New XXXXXXXX packages fix XXXXXXXXXXXXXXXXXXXXXXXXX
+Subject: New Linux kernel 2.6.8 packages fix several issues
--------------------------------------------------------------------------
Debian Security Advisory DSA XXX-1 security at debian.org
-http://www.debian.org/security/ Martin Schulze
+http://www.debian.org/security/ Dann Frazier, Simon Horman
XXXXX 8th, 2005 http://www.debian.org/security/faq
--------------------------------------------------------------------------
@@ -18,7 +18,6 @@
code. The Common Vulnerabilities and Exposures project identifies the
following problems:
-
CVE-2004-1017
Multiple overflows exist in the io_edgeport driver which might be usable
@@ -106,7 +105,9 @@
CVE-2005-3356
- foo
+ Doug Chapman discovered that the mq_open syscall can be tricked into
+ decrementing an internal counter twice, which allows a denial of service attack
+ through a kernel panic.
CVE-2005-3358
@@ -153,38 +154,38 @@
CVE-2005-4605
- foo
+ Karl Janmar discovered that a signedness error in the procfs code can be exploited
+ to read kernel memory, which may disclosure sensitive information.
CVE-2005-4618
- foo
+ Yi Ying discovered that sysctl does inproperly enforce the size of a buffer, which
+ allows a denial of service attack.
CVE-2006-0095
- foo
+ Stefan Rompf discovered that dm_crypt does not clear an internal struct before freeing
+ it, which might disclose sensitive information.
CVE-2006-0096
- foo
+ It was discovered that the SDLA driver did too lax capability checks for firmware
+ upgrades.
CVE-2006-0482
- foo
+ Ludovic Courtes discovered that get_compat_timespec() performs insufficient input
+ sanitising, which allows a local denial of service attack.
ia64-buggy-preempt
- foo
+ It was discovered that ptrace() on the ia64 architecture allows a local denial of
+ service attack, when preemption is enabled.
lost-sockfd
foo
-
-
-
-XXXXXXXXXXXXXXXXXXXXXX
-
-
The following matrix explains which kernel version for which architecture
fix the problems mentioned above:
More information about the Kernel-svn-changes
mailing list