[kernel] r6618 - in dists/sarge-security/kernel/source/kernel-source-2.6.8-2.6.8/debian: patches patches/series

Dann Frazier dannf at costa.debian.org
Sat May 20 00:42:32 UTC 2006


Author: dannf
Date: Sat May 20 00:42:31 2006
New Revision: 6618

Added:
   dists/sarge-security/kernel/source/kernel-source-2.6.8-2.6.8/debian/patches/madvise_remove-restrict.dpatch
      - copied unchanged from r6617, /dists/sarge-security/kernel-2.4/source/kernel-source-2.4.27-2.4.27/213_madvise_remove-restrict.diff
Modified:
   dists/sarge-security/kernel/source/kernel-source-2.6.8-2.6.8/debian/changelog
   dists/sarge-security/kernel/source/kernel-source-2.6.8-2.6.8/debian/patches/series/2.6.8-16sarge3

Log:
* madvise_remove-restrict.dpatch
  [SECURITY] Fix vulnerability that allows local users to bypass IPC
  permissions and replace portions of read-only tmpfs files with zeroes.
  See CVE-2006-1524

Modified: dists/sarge-security/kernel/source/kernel-source-2.6.8-2.6.8/debian/changelog
==============================================================================
--- dists/sarge-security/kernel/source/kernel-source-2.6.8-2.6.8/debian/changelog	(original)
+++ dists/sarge-security/kernel/source/kernel-source-2.6.8-2.6.8/debian/changelog	Sat May 20 00:42:31 2006
@@ -51,6 +51,10 @@
   * group_complete_signal-BUG_ON.dpatch
     [SECURITY] Fix improper use of BUG_ON in __group_complete_signal()
     See CVE-2006-1523
+  * madvise_remove-restrict.dpatch
+    [SECURITY] Fix vulnerability that allows local users to bypass IPC
+    permissions and replace portions of read-only tmpfs files with zeroes.
+    See CVE-2006-1524
 
  -- dann frazier <dannf at debian.org>  Fri, 19 May 2006 18:29:35 -0500
 

Modified: dists/sarge-security/kernel/source/kernel-source-2.6.8-2.6.8/debian/patches/series/2.6.8-16sarge3
==============================================================================
--- dists/sarge-security/kernel/source/kernel-source-2.6.8-2.6.8/debian/patches/series/2.6.8-16sarge3	(original)
+++ dists/sarge-security/kernel/source/kernel-source-2.6.8-2.6.8/debian/patches/series/2.6.8-16sarge3	Sat May 20 00:42:31 2006
@@ -12,3 +12,4 @@
 + ipv4-id-no-increment.dpatch
 + usb-gadget-rndis-bufoverflow.dpatch
 + group_complete_signal-BUG_ON.dpatch
++ madvise_remove-restrict.dpatch



More information about the Kernel-svn-changes mailing list