[kernel] r6788 - patch-tracking/dsa-texts

Micah Anderson micah at costa.debian.org
Sat Jun 10 14:44:23 UTC 2006 

Author: micah
Date: Sat Jun 10 14:44:22 2006
New Revision: 6788

Modified:
   patch-tracking/dsa-texts/2.4.27-sarge3
   patch-tracking/dsa-texts/2.6.8-sarge3

Log:
small updates


Modified: patch-tracking/dsa-texts/2.4.27-sarge3
==============================================================================
--- patch-tracking/dsa-texts/2.4.27-sarge3	(original)
+++ patch-tracking/dsa-texts/2.4.27-sarge3	Sat Jun 10 14:44:22 2006
@@ -32,14 +32,14 @@
 CVE-2006-0039
 
     "Solar Designer" discovered a race condition in netfilter's
-    do_add_counters() function, which allows information disclosure of kernel
-    memory by exploiting a race condition. Likewise, it requires CAP_NET_ADMIN
-    privileges. 
+    do_add_counters() function, which allows information disclosure of
+    kernel memory by exploiting a race condition. Like CVE-2006-0038,
+    it requires CAP_NET_ADMIN privileges.
 
 CVE-2006-0741
 
     Intel EM64T systems were discovered to be susceptible to a local
-    DoS due to an endless recursive fault related to a bad elf entry
+    DoS due to an endless recursive fault related to a bad ELF entry
     address.
 
 CVE-2006-0742
@@ -125,13 +125,15 @@
 
 CVE-2006-2272
 
-    The "Mu security team" discovered that fragmented SCTP control chunks can
-    trigger kernel panics, which allows denial of service.
+    The "Mu security team" discovered that fragmented SCTP control
+    chunks can trigger kernel panics, which allows for denial of
+    service attacks.
 
 CVE-2006-2274
 
-    It was discovered that SCTP packets with two initial bundled data packets
-    can lead to infinite recursion, which allows denial of service.
+    It was discovered that SCTP packets with two initial bundled data
+    packets can lead to infinite recursion, which allows for denial of
+    service attacks.
 
 
 

Modified: patch-tracking/dsa-texts/2.6.8-sarge3
==============================================================================
--- patch-tracking/dsa-texts/2.6.8-sarge3	(original)
+++ patch-tracking/dsa-texts/2.6.8-sarge3	Sat Jun 10 14:44:22 2006
@@ -175,13 +175,15 @@
 
 CVE-2006-2272
 
-    The "Mu security team" discovered that fragmented SCTP control chunks can
-    trigger kernel panics, which allows denial of service.
+    The "Mu security team" discovered that fragmented SCTP control
+    chunks can trigger kernel panics, which allows for denial of
+    service attacks.
 
 CVE-2006-2274
 
-    It was discovered that SCTP packets with two initial bundled data packets
-    can lead to infinite recursion, which allows denial of service.
+    It was discovered that SCTP packets with two initial bundled data
+    packets can lead to infinite recursion, which allows for denial of
+    service attacks.

More information about the Kernel-svn-changes mailing list