[kernel] r8378 - in dists/etch/linux-2.6/debian: . patches/bugfix patches/series
Dann Frazier
dannf at alioth.debian.org
Thu Mar 22 01:05:32 UTC 2007
Author: dannf
Date: Thu Mar 22 00:05:32 2007
New Revision: 8378
Added:
dists/etch/linux-2.6/debian/patches/bugfix/ipv6_getsockopt_sticky-null-opt.patch
- copied unchanged from r8377, dists/etch-security/linux-2.6/debian/patches/bugfix/ipv6_getsockopt_sticky-null-opt.patch
dists/etch/linux-2.6/debian/patches/bugfix/ipv6_setsockopt-NULL-deref.patch
- copied unchanged from r8377, dists/etch-security/linux-2.6/debian/patches/bugfix/ipv6_setsockopt-NULL-deref.patch
dists/etch/linux-2.6/debian/patches/bugfix/keys-serial-num-collision.patch
- copied unchanged from r8377, dists/etch-security/linux-2.6/debian/patches/bugfix/keys-serial-num-collision.patch
dists/etch/linux-2.6/debian/patches/bugfix/listxattr-mem-corruption.patch
- copied unchanged from r8377, dists/etch-security/linux-2.6/debian/patches/bugfix/listxattr-mem-corruption.patch
Modified:
dists/etch/linux-2.6/debian/changelog
dists/etch/linux-2.6/debian/patches/series/12
Log:
merge the changes from the etch-security branch as of r8377 - requested by vorlon, in case of potential update prior to 4.0r0
Modified: dists/etch/linux-2.6/debian/changelog
==============================================================================
--- dists/etch/linux-2.6/debian/changelog (original)
+++ dists/etch/linux-2.6/debian/changelog Thu Mar 22 00:05:32 2007
@@ -23,7 +23,26 @@
Thanks to Doug Nazar for the patch and to Daniel J. Priem for testing.
Closes: #409313.
- -- Steve Langasek <vorlon at debian.org> Mon, 5 Mar 2007 00:25:35 -0800
+ [ dann frazier ]
+ * bugfix/keys-serial-num-collision.patch
+ [SECURITY] Fix the key serial number collision avoidance code in
+ key_alloc_serial() that could lead to a local DoS (oops).
+ (closes: #398470)
+ See CVE-2007-0006
+ * bugfix/ipv6_getsockopt_sticky-null-opt.patch
+ [SECURITY] Fix NULL dereference in ipv6_setsockopt that could lead
+ to a local DoS (oops).
+ See CVE-2007-1388
+ * bugfix/ipv6_getsockopt_sticky-null-opt.patch
+ [SECURITY] Fix kernel memory leak vulnerability in
+ ipv6_getsockopt_sticky() which can be triggered by passing a len < 0.
+ See CVE-2007-1000
+ * bugfix/listxattr-mem-corruption.patch
+ [SECURITY] Fix userspace corruption vulnerability caused by
+ incorrectly promoted return values in bad_inode_ops
+ See CVE-2006-5753
+
+ -- dann frazier <dannf at debian.org> Wed, 21 Mar 2007 18:03:28 -0600
linux-2.6 (2.6.18.dfsg.1-11) unstable; urgency=low
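Review bot: The CVE-2007-1388 entry in this changelog hunk names bugfix/ipv6_getsockopt_sticky-null-opt.patch, the same file as the CVE-2007-1000 entry right after it, although its description is about the NULL dereference in ipv6_setsockopt. The commit adds bugfix/ipv6_setsockopt-NULL-deref.patch and lists it in series/12, and that file has no changelog entry under its own name, so the first of the two entries should probably read "* bugfix/ipv6_setsockopt-NULL-deref.patch". As written, anyone tracing CVE-2007-1388 to a patch from the changelog is pointed at the wrong file.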
Modified: dists/etch/linux-2.6/debian/patches/series/12
==============================================================================
--- dists/etch/linux-2.6/debian/patches/series/12 (original)
+++ dists/etch/linux-2.6/debian/patches/series/12 Thu Mar 22 00:05:32 2007
@@ -2,3 +2,7 @@
+ bugfix/sparc/eth1394-unaligned-access.patch
+ bugfix/sparc/kenvctrld-cpu-consumption.patch
+ bugfix/sparc/ip_rcv-unaligned-access.patch
++ bugfix/keys-serial-num-collision.patch
++ bugfix/ipv6_setsockopt-NULL-deref.patch
++ bugfix/ipv6_getsockopt_sticky-null-opt.patch
++ bugfix/listxattr-mem-corruption.patch