[kernel] r6604 - in dists/sarge-security/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian: patches patches/series

Dann Frazier dannf at costa.debian.org
Thu May 18 23:22:48 UTC 2006


Author: dannf
Date: Thu May 18 23:22:47 2006
New Revision: 6604

Added:
   dists/sarge-security/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/patches/209_sctp-discard-unexpected-in-closed.diff
      - copied unchanged from r6602, /dists/sarge-security/kernel/source/kernel-source-2.6.8-2.6.8/debian/patches/sctp-discard-unexpected-in-closed.dpatch
Modified:
   dists/sarge-security/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/changelog
   dists/sarge-security/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/patches/series/2.4.27-10sarge3

Log:
* 209_sctp-discard-unexpected-in-closed.diff
  [SECURITY] Fix remote DoS in SCTP code by discarding unexpected chunks
  received in CLOSED state instead of calling BUG()
  See CVE-2006-2271

Modified: dists/sarge-security/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/changelog
==============================================================================
--- dists/sarge-security/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/changelog	(original)
+++ dists/sarge-security/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/changelog	Thu May 18 23:22:47 2006
@@ -8,6 +8,10 @@
     [SECURITY][ia64] Fix a potential local DoS on ia64 systems caused by
     an incorrect 'noreturn' attribute on die_if_kernel()
     See CVE-2006-0742
+  * 209_sctp-discard-unexpected-in-closed.diff
+    [SECURITY] Fix remote DoS in SCTP code by discarding unexpected chunks
+    received in CLOSED state instead of calling BUG()
+    See CVE-2006-2271
 
  -- dann frazier <dannf at debian.org>  Thu, 18 May 2006 18:19:54 -0500
 

Modified: dists/sarge-security/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/patches/series/2.4.27-10sarge3
==============================================================================
--- dists/sarge-security/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/patches/series/2.4.27-10sarge3	(original)
+++ dists/sarge-security/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/patches/series/2.4.27-10sarge3	Thu May 18 23:22:47 2006
@@ -1,2 +1,3 @@
 + 207_smbfs-chroot-escape.diff
 + 208_ia64-die_if_kernel-returns.diff
++ 209_sctp-discard-unexpected-in-closed.diff



More information about the Kernel-svn-changes mailing list