[kernel] r5222 - in
dists/sarge-security/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian:
. patches/series
Dann Frazier
dannf at costa.debian.org
Wed Jan 4 06:53:18 UTC 2006
Author: dannf
Date: Wed Jan 4 06:53:14 2006
New Revision: 5222
Modified:
dists/sarge-security/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/changelog
dists/sarge-security/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/patches/series/2.4.27-10sarge2
Log:
* [SECURITY] Fix a potential local root exploit in the
/proc/sys/net/ipv4/conf interface. See CVE-2005-2709
196_sysctl-unregistration-oops.diff
****CHANGES ABI****
setkeys-needs-root-1.diff, setkeys-needs-root-2.
* 150_private_fragment_queues-1.diff, 150_private_fragment_queues-2.diff:
Keep fragment queues private to each user. See CAN-2005-0449 and
http://oss.sgi.com/archives/netdev/2005-01/msg01048.html
Modified: dists/sarge-security/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/changelog
==============================================================================
--- dists/sarge-security/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/changelog (original)
+++ dists/sarge-security/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/changelog Wed Jan 4 06:53:14 2006
@@ -55,16 +55,20 @@
* [SECURITY] Fix infinite loop in udp_v6_get_port(). See CVE-2005-2973
195_net-ipv6-udp_v6_get_port-loop.diff
- # DISABLED DUE TO ABI CHANGE
- # * [SECURITY] Fix a potential local root exploit in the
- # /proc/sys/net/ipv4/conf interface. See CVE-2005-2709
- # 196_sysctl-unregistration-oops.diff
+ * [SECURITY] Fix a potential local root exploit in the
+ /proc/sys/net/ipv4/conf interface. See CVE-2005-2709
+ 196_sysctl-unregistration-oops.diff
+ ****CHANGES ABI****
* [SECURITY] Require root privilege to write the current
function key string entry of other user's terminals.
See CVE-2005-3257
- setkeys-needs-root-1.diff, setkeys-needs-root-2.diff:
+ setkeys-needs-root-1.diff, setkeys-needs-root-2.
+ * 150_private_fragment_queues-1.diff, 150_private_fragment_queues-2.diff:
+ Keep fragment queues private to each user. See CAN-2005-0449 and
+ http://oss.sgi.com/archives/netdev/2005-01/msg01048.html
+
-- Simon Horman <horms at verge.net.au> Tue, 20 Dec 2005 11:05:02 +0900
kernel-source-2.4.27 (2.4.27-10sarge1) stable-security; urgency=high
Modified: dists/sarge-security/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/patches/series/2.4.27-10sarge2
==============================================================================
--- dists/sarge-security/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/patches/series/2.4.27-10sarge2 (original)
+++ dists/sarge-security/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/patches/series/2.4.27-10sarge2 Wed Jan 4 06:53:14 2006
@@ -6,7 +6,9 @@
+ 192_orinoco-info-leak.diff
+ 194_xfs-inode-race.diff
+ 195_net-ipv6-udp_v6_get_port-loop.diff
-# ABI CHANGE 196_sysctl-unregistration-oops.diff
++ 196_sysctl-unregistration-oops.diff
+ 197_setkeys-needs-root-1.diff
+ 197_setkeys-needs-root-2.diff
+ 198_fs-lock-lease-log-spam.diff
++ 150_private_fragment_queues-1.diff
++ 150_private_fragment_queues-2.diff
More information about the Kernel-svn-changes
mailing list