[kernel] r6624 - in dists/sarge-security/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian: patches patches/series

Dann Frazier dannf at costa.debian.org
Sat May 20 05:25:49 UTC 2006


Author: dannf
Date: Sat May 20 05:25:47 2006
New Revision: 6624

Added:
   dists/sarge-security/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/patches/215_sctp-fragment-recurse.diff
      - copied unchanged from r6623, /dists/sarge-security/kernel/source/kernel-source-2.6.8-2.6.8/debian/patches/sctp-fragment-recurse.dpatch
Modified:
   dists/sarge-security/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/changelog
   dists/sarge-security/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/patches/series/2.4.27-10sarge3

Log:
* 215_sctp-fragment-recurse.diff
  [SECURITY] Fix remote DoS vulnerability that can lead to infinite recursion
  when a packet containing two or more DATA fragments is received
  See CVE-2006-2274

Modified: dists/sarge-security/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/changelog
==============================================================================
--- dists/sarge-security/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/changelog	(original)
+++ dists/sarge-security/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/changelog	Sat May 20 05:25:47 2006
@@ -31,8 +31,12 @@
     [SECURITY] Fix local DoS vulnerability that allows local users to panic
     a system by requesting a route for a multicast IP
     See CVE-2006-1525
+  * 215_sctp-fragment-recurse.diff
+    [SECURITY] Fix remote DoS vulnerability that can lead to infinite recursion
+    when a packet containing two or more DATA fragments is received
+    See CVE-2006-2274
 
- -- dann frazier <dannf at debian.org>  Fri, 19 May 2006 19:49:40 -0500
+ -- dann frazier <dannf at debian.org>  Sat, 20 May 2006 00:25:01 -0500
 
 kernel-source-2.4.27 (2.4.27-10sarge2) stable-security; urgency=high
 

Modified: dists/sarge-security/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/patches/series/2.4.27-10sarge3
==============================================================================
--- dists/sarge-security/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/patches/series/2.4.27-10sarge3	(original)
+++ dists/sarge-security/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/patches/series/2.4.27-10sarge3	Sat May 20 05:25:47 2006
@@ -6,3 +6,4 @@
 + 212_ipv4-sin_zero_clear.diff
 + 213_madvise_remove-restrict.diff
 + 214_mcast-ip-route-null-deref.diff
++ 215_sctp-fragment-recurse.diff



More information about the Kernel-svn-changes mailing list