[kernel] r9446 - in dists/etch/linux-2.6/debian: . patches/bugfix patches/series

Dann Frazier dannf at alioth.debian.org
Tue Sep 4 04:32:32 UTC 2007 

Author: dannf
Date: Tue Sep  4 04:32:32 2007
New Revision: 9446

Log:
merge in 2.6.18.dfsg.1-13etch2

Added:
   dists/etch/linux-2.6/debian/patches/bugfix/aacraid-ioctl-perm-check.patch
      - copied unchanged from r9445, /releases/linux-2.6/2.6.18.dfsg.1-13etch2/debian/patches/bugfix/aacraid-ioctl-perm-check.patch
   dists/etch/linux-2.6/debian/patches/bugfix/cifs-fix-sign-settings.patch
      - copied unchanged from r9445, /releases/linux-2.6/2.6.18.dfsg.1-13etch2/debian/patches/bugfix/cifs-fix-sign-settings.patch
   dists/etch/linux-2.6/debian/patches/bugfix/cpuset_tasks-underflow.patch
      - copied unchanged from r9445, /releases/linux-2.6/2.6.18.dfsg.1-13etch2/debian/patches/bugfix/cpuset_tasks-underflow.patch
   dists/etch/linux-2.6/debian/patches/bugfix/ipv4-fib_props-out-of-bounds.patch
      - copied unchanged from r9445, /releases/linux-2.6/2.6.18.dfsg.1-13etch2/debian/patches/bugfix/ipv4-fib_props-out-of-bounds.patch
   dists/etch/linux-2.6/debian/patches/bugfix/random-bound-check-ordering.patch
      - copied unchanged from r9445, /releases/linux-2.6/2.6.18.dfsg.1-13etch2/debian/patches/bugfix/random-bound-check-ordering.patch
   dists/etch/linux-2.6/debian/patches/series/13etch2
      - copied unchanged from r9445, /releases/linux-2.6/2.6.18.dfsg.1-13etch2/debian/patches/series/13etch2
Modified:
   dists/etch/linux-2.6/debian/changelog

Modified: dists/etch/linux-2.6/debian/changelog
==============================================================================
--- dists/etch/linux-2.6/debian/changelog	(original)
+++ dists/etch/linux-2.6/debian/changelog	Tue Sep  4 04:32:32 2007
@@ -27,6 +27,31 @@
 
  -- dann frazier <dannf at debian.org>  Wed, 29 Aug 2007 01:54:05 -0600
 
+linux-2.6 (2.6.18.dfsg.1-13etch2) stable-security; urgency=high
+
+  * bugfix/ipv4-fib_props-out-of-bounds.patch
+    [SECURITY] Fix a typo which caused fib_props[] to be of the wrong size
+    and check for out of bounds condition in index provided by userspace
+    See CVE-2007-2172
+  * bugfix/cpuset_tasks-underflow.patch
+    [SECURITY] Fix integer underflow in /dev/cpuset/tasks which could allow
+    local attackers to read sensitive kernel memory if the cpuset filesystem
+    is mounted.
+    See CVE-2007-2875
+  * bugfix/random-bound-check-ordering.patch
+    [SECURITY] Fix stack-based buffer overflow in the random number
+    generator
+    See CVE-2007-3105
+  * bugfix/cifs-fix-sign-settings.patch
+    [SECURITY] Fix overriding the server to force signing on caused by
+    checking the wrong gloal variable.
+    See CVE-2007-3843
+  * bugfix/aacraid-ioctl-perm-check.patch
+    [SECURITY] Require admin capabilities to issue ioctls to aacraid devices
+    See CVE-2007-4308
+
+ -- dann frazier <dannf at debian.org>  Mon, 27 Aug 2007 23:29:31 -0600
+
 linux-2.6 (2.6.18.dfsg.1-13etch1) stable-security; urgency=high
 
   * Update abi reference files for ABI 5

More information about the Kernel-svn-changes mailing list