[kernel] r6624 - in
dists/sarge-security/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian:
patches patches/series
Dann Frazier
dannf at costa.debian.org
Sat May 20 05:25:49 UTC 2006
Author: dannf
Date: Sat May 20 05:25:47 2006
New Revision: 6624
Added:
dists/sarge-security/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/patches/215_sctp-fragment-recurse.diff
- copied unchanged from r6623, /dists/sarge-security/kernel/source/kernel-source-2.6.8-2.6.8/debian/patches/sctp-fragment-recurse.dpatch
Modified:
dists/sarge-security/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/changelog
dists/sarge-security/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/patches/series/2.4.27-10sarge3
Log:
* 215_sctp-fragment-recurse.diff
[SECURITY] Fix remote DoS vulnerability that can lead to infinite recursion
when a packet containing two or more DATA fragments is received
See CVE-2006-2274
Modified: dists/sarge-security/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/changelog
==============================================================================
--- dists/sarge-security/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/changelog (original)
+++ dists/sarge-security/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/changelog Sat May 20 05:25:47 2006
@@ -31,8 +31,12 @@
[SECURITY] Fix local DoS vulnerability that allows local users to panic
a system by requesting a route for a multicast IP
See CVE-2006-1525
+ * 215_sctp-fragment-recurse.diff
+ [SECURITY] Fix remote DoS vulnerability that can lead to infinite recursion
+ when a packet containing two or more DATA fragments is received
+ See CVE-2006-2274
- -- dann frazier <dannf at debian.org> Fri, 19 May 2006 19:49:40 -0500
+ -- dann frazier <dannf at debian.org> Sat, 20 May 2006 00:25:01 -0500
kernel-source-2.4.27 (2.4.27-10sarge2) stable-security; urgency=high
Modified: dists/sarge-security/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/patches/series/2.4.27-10sarge3
==============================================================================
--- dists/sarge-security/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/patches/series/2.4.27-10sarge3 (original)
+++ dists/sarge-security/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/patches/series/2.4.27-10sarge3 Sat May 20 05:25:47 2006
@@ -6,3 +6,4 @@
+ 212_ipv4-sin_zero_clear.diff
+ 213_madvise_remove-restrict.diff
+ 214_mcast-ip-route-null-deref.diff
++ 215_sctp-fragment-recurse.diff
More information about the Kernel-svn-changes
mailing list