[kernel] r5219 - in dists/sarge-security/kernel/source/kernel-source-2.6.8-2.6.8/debian: . patches/series

Dann Frazier dannf at costa.debian.org
Wed Jan 4 06:41:30 UTC 2006 

Author: dannf
Date: Wed Jan  4 06:41:26 2006
New Revision: 5219

Modified:
   dists/sarge-security/kernel/source/kernel-source-2.6.8-2.6.8/debian/changelog
   dists/sarge-security/kernel/source/kernel-source-2.6.8-2.6.8/debian/patches/series/2.6.8-16sarge2
Log:
* sysctl-unregistration-oops.dpatch
  [SECURITY] Fix a potential local root exploit in the
  /proc/sys/net/ipv4/conf interface.  See CVE-2005-2709
  ****CHANGES ABI****
* ipv4-fragment-queues-2.1.dpatch, ipv4-fragment-queues-3.dpatch,
  ipv4-fragment-queues-4.dpatch:
  [SECURITY] Re-apply the -3 and -4 patches, which were dropped in 2.6.8-15
  to avoid an ABI change.  Unapply the -2.1 patch which is superseded by -3.
  See CVE-2005-0449
  ****CHANGES ABI****

Modified: dists/sarge-security/kernel/source/kernel-source-2.6.8-2.6.8/debian/changelog
==============================================================================
--- dists/sarge-security/kernel/source/kernel-source-2.6.8-2.6.8/debian/changelog	(original)
+++ dists/sarge-security/kernel/source/kernel-source-2.6.8-2.6.8/debian/changelog	Wed Jan  4 06:41:26 2006
@@ -101,17 +101,24 @@
   * net-ipv6-udp_v6_get_port-loop.dpatch
     [SECURITY] Fix infinite loop in udp_v6_get_port().  See CVE-2005-2973
 
-  # DISABLED DUE TO ABI CHANGE
-  # * sysctl-unregistration-oops.dpatch
-  #   [SECURITY] Fix a potential local root exploit in the
-  #   /proc/sys/net/ipv4/conf interface.  See CVE-2005-2709
+  * sysctl-unregistration-oops.dpatch
+    [SECURITY] Fix a potential local root exploit in the
+    /proc/sys/net/ipv4/conf interface.  See CVE-2005-2709
+    ****CHANGES ABI****
 
   * setkeys-needs-root-1.dpatch, setkeys-needs-root-2.dpatch:
     [SECURITY] Require root privilege to write the current
     function key string entry of other user's terminals.
     See CVE-2005-3257
 
- -- Simon Horman <horms at verge.net.au>  Tue, 20 Dec 2005 11:42:14 +0900
+  * ipv4-fragment-queues-2.1.dpatch, ipv4-fragment-queues-3.dpatch,
+    ipv4-fragment-queues-4.dpatch:
+    [SECURITY] Re-apply the -3 and -4 patches, which were dropped in 2.6.8-15
+    to avoid an ABI change.  Unapply the -2.1 patch which is superseded by -3.
+    See CVE-2005-0449
+    ****CHANGES ABI****
+
+ -- dann frazier <dannf at debian.org>  Tue,  3 Jan 2006 23:36:41 -0700
 
 kernel-source-2.6.8 (2.6.8-16sarge1) stable-security; urgency=high
 

Modified: dists/sarge-security/kernel/source/kernel-source-2.6.8-2.6.8/debian/patches/series/2.6.8-16sarge2
==============================================================================
--- dists/sarge-security/kernel/source/kernel-source-2.6.8-2.6.8/debian/patches/series/2.6.8-16sarge2	(original)
+++ dists/sarge-security/kernel/source/kernel-source-2.6.8-2.6.8/debian/patches/series/2.6.8-16sarge2	Wed Jan  4 06:41:26 2006
@@ -12,7 +12,10 @@
 + orinoco-info-leak.dpatch
 + plug-names_cache-memleak.dpatch
 + net-ipv6-udp_v6_get_port-loop.dpatch
-# ABI CHANGE sysctl-unregistration-oops.dpatch
++ sysctl-unregistration-oops.dpatch
 + setkeys-needs-root-1.dpatch
 + setkeys-needs-root-2.dpatch
 + fs-lock-lease-log-spam.dpatch
+- ipv4-fragment-queues-2.1.dpatch
++ ipv4-fragment-queues-3.dpatch
++ ipv4-fragment-queues-4.dpatch

More information about the Kernel-svn-changes mailing list