[kernel] r9340 - in dists/etch/linux-2.6/debian: . patches/bugfix patches/series
Dann Frazier
dannf at alioth.debian.org
Tue Aug 21 00:59:15 UTC 2007
Author: dannf
Date: Tue Aug 21 00:59:15 2007
New Revision: 9340
Log:
merge 2.6.18.dfsg.1-13etch1
Added:
dists/etch/linux-2.6/debian/patches/bugfix/bluetooth-l2cap-hci-info-leaks.patch
- copied unchanged from r9339, /releases/linux-2.6/2.6.18.dfsg.1-13etch1/debian/patches/bugfix/bluetooth-l2cap-hci-info-leaks.patch
dists/etch/linux-2.6/debian/patches/bugfix/dn_fib-out-of-bounds.patch
- copied unchanged from r9339, /releases/linux-2.6/2.6.18.dfsg.1-13etch1/debian/patches/bugfix/dn_fib-out-of-bounds.patch
dists/etch/linux-2.6/debian/patches/bugfix/i965-secure-batchbuffer.patch
- copied unchanged from r9339, /releases/linux-2.6/2.6.18.dfsg.1-13etch1/debian/patches/bugfix/i965-secure-batchbuffer.patch
dists/etch/linux-2.6/debian/patches/bugfix/nf_conntrack_h323-bounds-checking.patch
- copied unchanged from r9339, /releases/linux-2.6/2.6.18.dfsg.1-13etch1/debian/patches/bugfix/nf_conntrack_h323-bounds-checking.patch
dists/etch/linux-2.6/debian/patches/bugfix/nf_conntrack_sctp-null-deref.patch
- copied unchanged from r9339, /releases/linux-2.6/2.6.18.dfsg.1-13etch1/debian/patches/bugfix/nf_conntrack_sctp-null-deref.patch
dists/etch/linux-2.6/debian/patches/bugfix/pppoe-socket-release-mem-leak.patch
- copied unchanged from r9339, /releases/linux-2.6/2.6.18.dfsg.1-13etch1/debian/patches/bugfix/pppoe-socket-release-mem-leak.patch
dists/etch/linux-2.6/debian/patches/bugfix/random-fix-error-in-entropy-extraction.patch
- copied unchanged from r9339, /releases/linux-2.6/2.6.18.dfsg.1-13etch1/debian/patches/bugfix/random-fix-error-in-entropy-extraction.patch
dists/etch/linux-2.6/debian/patches/bugfix/random-fix-seeding-with-zero-entropy.patch
- copied unchanged from r9339, /releases/linux-2.6/2.6.18.dfsg.1-13etch1/debian/patches/bugfix/random-fix-seeding-with-zero-entropy.patch
dists/etch/linux-2.6/debian/patches/bugfix/reset-pdeathsig-on-suid.patch
- copied unchanged from r9339, /releases/linux-2.6/2.6.18.dfsg.1-13etch1/debian/patches/bugfix/reset-pdeathsig-on-suid.patch
dists/etch/linux-2.6/debian/patches/bugfix/usblcd-limit-memory-consumption.patch
- copied unchanged from r9339, /releases/linux-2.6/2.6.18.dfsg.1-13etch1/debian/patches/bugfix/usblcd-limit-memory-consumption.patch
dists/etch/linux-2.6/debian/patches/series/13etch1
- copied unchanged from r9339, /releases/linux-2.6/2.6.18.dfsg.1-13etch1/debian/patches/series/13etch1
Modified:
dists/etch/linux-2.6/debian/changelog
Modified: dists/etch/linux-2.6/debian/changelog
==============================================================================
--- dists/etch/linux-2.6/debian/changelog (original)
+++ dists/etch/linux-2.6/debian/changelog Tue Aug 21 00:59:15 2007
@@ -10,6 +10,47 @@
-- dann frazier <dannf at debian.org> Fri, 03 Aug 2007 15:17:22 -0600
+linux-2.6 (2.6.18.dfsg.1-13etch1) stable-security; urgency=high
+
+ * Update abi reference files for ABI 5
+ * bugfix/bluetooth-l2cap-hci-info-leaks.patch
+ [SECURITY] Fix information leaks in setsockopt() implementations
+ See CVE-2007-1353
+ * bugfix/usblcd-limit-memory-consumption.patch
+ [SECURITY] limit memory consumption during write in the usblcd driver
+ See CVE-2007-3513
+ * bugfix/pppoe-socket-release-mem-leak.patch
+ [SECURITY] fix unpriveleged memory leak when a PPPoE socket is released
+ after connect but before PPPIOCGCHAN ioctl is called upon it
+ See CVE-2007-2525
+ * bugfix/nf_conntrack_h323-bounds-checking.patch
+ [SECURITY] nf_conntrack_h323: add checking of out-of-range on choices'
+ index values
+ See CVE-2007-3642
+ * bugfix/dn_fib-out-of-bounds.patch
+ [SECURITY] Fix out of bounds condition in dn_fib_props[]
+ See CVE-2007-2172
+ * bugfix/random-fix-seeding-with-zero-entropy.patch
+ bugfix/random-fix-error-in-entropy-extraction.patch
+ [SECURITY] Avoid seeding with the same values at boot time when a
+ system has no entropy source and fix a casting error in entropy
+ extraction that resulted in slightly less random numbers.
+ See CVE-2007-2453
+ * bugfix/nf_conntrack_sctp-null-deref.patch
+ [SECURITY] Fix remotely triggerable NULL pointer dereference
+ by sending an unknown chunk type.
+ See CVE-2007-2876
+ * bugfix/i965-secure-batchbuffer.patch
+ [SECURITY] Fix i965 secured batchbuffer usage
+ See CVE-2007-3851
+ * bugfix/reset-pdeathsig-on-suid.patch
+ [SECURITY] Fix potential privilege escalation caused by improper
+ clearing of the child process' pdeath signal.
+ Thanks to Marcel Holtmann for the patch.
+ See CVE-2007-3848
+
+ -- dann frazier <dannf at debian.org> Sat, 11 Aug 2007 08:46:25 -0600
+
linux-2.6 (2.6.18.dfsg.1-13) stable; urgency=high
[ Bastian Blank ]
More information about the Kernel-svn-changes
mailing list