[kernel] r7305 - dists/sarge-security/kernel/amd64/kernel-image-2.6.8-amd64-2.6.8/debian

Dann Frazier dannf at costa.debian.org
Mon Sep 4 15:56:11 UTC 2006 

Author: dannf
Date: Mon Sep  4 15:56:09 2006
New Revision: 7305

Modified:
   dists/sarge-security/kernel/amd64/kernel-image-2.6.8-amd64-2.6.8/debian/changelog
   dists/sarge-security/kernel/amd64/kernel-image-2.6.8-amd64-2.6.8/debian/control

Log:
* Build against kernel-tree-2.6.8-16sarge5:
  * [ERRATA] madvise_remove-restrict.dpatch
    [SECURITY] The 2.6.8-16sarge3 changelog associated this patch with
    CVE-2006-1524. However, this patch fixes an mprotect issue that was
    split off from the original report into CVE-2006-2071. 2.6.8 is not
    vulnerable to CVE-2006-1524 the madvise_remove issue.
    See CVE-2006-2071
  * fs-ext3-bad-nfs-handle.dpatch
    [SECURITY] James McKenzie discovered a Denial of Service vulnerability
    in the NFS driver. When exporting an ext3 file system over NFS, a remote
    attacker could exploit this to trigger a file system panic by sending
    a specially crafted UDP packet.
    See CVE-2006-3468
  * direct-io-write-mem-leak.dpatch
    [SECURITY] Fix memory leak in O_DIRECT write.
    See CVE-2004-2660
  * nfs-handle-long-symlinks.dpatch
    [SECURITY] Fix buffer overflow in NFS readline handling that allows a
    remote server to cause a denial of service (crash) via a long symlink
    See CVE-2005-4798
  * cdrom-bad-cgc.buflen-assign.dpatch
    [SECURITY] Fix buffer overflow in dvd_read_bca which could potentially
    be used by a local user to trigger a buffer overflow via a specially
    crafted DVD, USB stick, or similar automatically mounted device.
    See CVE-2006-2935
  * usb-serial-ftdi_sio-dos.patch
    [SECURITY] fix userspace DoS in ftdi_sio driver
    See CVE-2006-2936
  * selinux-tracer-SID-fix.dpatch
    [SECURITY] Fix vulnerability in selinux_ptrace that prevents local
    users from changing the tracer SID to the SID of another process
    See CVE-2006-1052
  * netfilter-SO_ORIGINAL_DST-leak.dpatch
    [SECURITY] Fix information leak in SO_ORIGINAL_DST
    See CVE-2006-1343
  * sg-no-mmap-VM_IO.dpatch
    [SECURITY] Fix DoS vulnerability whereby a local user could attempt
    a dio/mmap and cause the sg driver to oops.
    See CVE-2006-1528
  * exit-bogus-bugon.dpatch
    [SECURITY] Remove bogus BUG() in exit.c which could be maliciously
    triggered by a local user
    See CVE-2006-1855
  * readv-writev-missing-lsm-check.dpatch,
    readv-writev-missing-lsm-check-compat.dpatch
    [SECURITY] Add missing file_permission callback in readv/writev syscalls
    See CVE-2006-1856
  * snmp-nat-mem-corruption-fix.dpatch
    [SECURITY] Fix memory corruption in snmp_trap_decode
    See CVE-2006-2444
  * kfree_skb-race.dpatch
    [SECURITY] Fix race between kfree_skb and __skb_unlink
    See CVE-2006-2446
  * sctp-priv-elevation.dpatch, sctp-priv-elevation-2.dpatch
    [SECURITY] Fix SCTP privelege escalation
    See CVE-2006-3745
  * ppc-hid0-dos.dpatch
    [SECURITY][ppc] Fix local DoS by clearing HID0 attention enable on
    PPC970 at boot time
    See CVE-2006-4093
  * udf-deadlock.dpatch
    [SECURITY] Fix possible UDF deadlock and memory corruption
    See CVE-2006-4145

Modified: dists/sarge-security/kernel/amd64/kernel-image-2.6.8-amd64-2.6.8/debian/changelog
==============================================================================
--- dists/sarge-security/kernel/amd64/kernel-image-2.6.8-amd64-2.6.8/debian/changelog	(original)
+++ dists/sarge-security/kernel/amd64/kernel-image-2.6.8-amd64-2.6.8/debian/changelog	Mon Sep  4 15:56:09 2006
@@ -1,3 +1,71 @@
+kernel-image-2.6.8-amd64 (2.6.8-16sarge5) stable-security; urgency=high
+
+  * Build against kernel-tree-2.6.8-16sarge5:
+    * [ERRATA] madvise_remove-restrict.dpatch
+      [SECURITY] The 2.6.8-16sarge3 changelog associated this patch with
+      CVE-2006-1524. However, this patch fixes an mprotect issue that was
+      split off from the original report into CVE-2006-2071. 2.6.8 is not
+      vulnerable to CVE-2006-1524 the madvise_remove issue.
+      See CVE-2006-2071
+    * fs-ext3-bad-nfs-handle.dpatch
+      [SECURITY] James McKenzie discovered a Denial of Service vulnerability
+      in the NFS driver. When exporting an ext3 file system over NFS, a remote
+      attacker could exploit this to trigger a file system panic by sending
+      a specially crafted UDP packet.
+      See CVE-2006-3468
+    * direct-io-write-mem-leak.dpatch
+      [SECURITY] Fix memory leak in O_DIRECT write.
+      See CVE-2004-2660
+    * nfs-handle-long-symlinks.dpatch
+      [SECURITY] Fix buffer overflow in NFS readline handling that allows a
+      remote server to cause a denial of service (crash) via a long symlink
+      See CVE-2005-4798
+    * cdrom-bad-cgc.buflen-assign.dpatch
+      [SECURITY] Fix buffer overflow in dvd_read_bca which could potentially
+      be used by a local user to trigger a buffer overflow via a specially
+      crafted DVD, USB stick, or similar automatically mounted device.
+      See CVE-2006-2935
+    * usb-serial-ftdi_sio-dos.patch
+      [SECURITY] fix userspace DoS in ftdi_sio driver
+      See CVE-2006-2936
+    * selinux-tracer-SID-fix.dpatch
+      [SECURITY] Fix vulnerability in selinux_ptrace that prevents local
+      users from changing the tracer SID to the SID of another process
+      See CVE-2006-1052
+    * netfilter-SO_ORIGINAL_DST-leak.dpatch
+      [SECURITY] Fix information leak in SO_ORIGINAL_DST
+      See CVE-2006-1343
+    * sg-no-mmap-VM_IO.dpatch
+      [SECURITY] Fix DoS vulnerability whereby a local user could attempt
+      a dio/mmap and cause the sg driver to oops.
+      See CVE-2006-1528
+    * exit-bogus-bugon.dpatch
+      [SECURITY] Remove bogus BUG() in exit.c which could be maliciously
+      triggered by a local user
+      See CVE-2006-1855
+    * readv-writev-missing-lsm-check.dpatch,
+      readv-writev-missing-lsm-check-compat.dpatch
+      [SECURITY] Add missing file_permission callback in readv/writev syscalls
+      See CVE-2006-1856
+    * snmp-nat-mem-corruption-fix.dpatch
+      [SECURITY] Fix memory corruption in snmp_trap_decode
+      See CVE-2006-2444
+    * kfree_skb-race.dpatch
+      [SECURITY] Fix race between kfree_skb and __skb_unlink
+      See CVE-2006-2446
+    * sctp-priv-elevation.dpatch, sctp-priv-elevation-2.dpatch
+      [SECURITY] Fix SCTP privelege escalation
+      See CVE-2006-3745
+    * ppc-hid0-dos.dpatch
+      [SECURITY][ppc] Fix local DoS by clearing HID0 attention enable on
+      PPC970 at boot time
+      See CVE-2006-4093
+    * udf-deadlock.dpatch
+      [SECURITY] Fix possible UDF deadlock and memory corruption
+      See CVE-2006-4145
+
+ -- dann frazier <dannf at debian.org>  Mon,  4 Sep 2006 09:54:51 -0600
+
 kernel-image-2.6.8-amd64 (2.6.8-16sarge4) stable-security; urgency=high
 
   * Build against kernel-tree-2.6.8-16sarge4:

Modified: dists/sarge-security/kernel/amd64/kernel-image-2.6.8-amd64-2.6.8/debian/control
==============================================================================
--- dists/sarge-security/kernel/amd64/kernel-image-2.6.8-amd64-2.6.8/debian/control	(original)
+++ dists/sarge-security/kernel/amd64/kernel-image-2.6.8-amd64-2.6.8/debian/control	Mon Sep  4 15:56:09 2006
@@ -4,7 +4,7 @@
 Maintainer: Debian Kernel Team <debian-kernel at lists.debian.org>
 Uploaders: Frederik Schüler <fschueler at gmx.net> 
 Standards-Version: 3.6.1
-Build-Depends: debhelper (>= 4), kernel-package (>= 8.131), kernel-tree-2.6.8-16sarge4, module-init-tools, gcc-3.4 (>= 3.4.1-6), dpkg-dev (>= 1.10.23)
+Build-Depends: debhelper (>= 4), kernel-package (>= 8.131), kernel-tree-2.6.8-16sarge5, module-init-tools, gcc-3.4 (>= 3.4.1-6), dpkg-dev (>= 1.10.23)
 
 Package: kernel-headers-2.6.8-12
 Architecture: amd64 i386

More information about the Kernel-svn-changes mailing list