[kernel] r11586 - in dists/etch/linux-2.6/debian: . patches/bugfix patches/series

Dann Frazier dannf at alioth.debian.org
Mon Jun 9 07:22:06 UTC 2008 

Author: dannf
Date: Mon Jun  9 07:22:04 2008
New Revision: 11586

Log:
* Merge in changes from 2.6.18.dfsg.1-18etch6
* bugfix/dccp-feature-length-check.patch
  [SECURITY] Validate feature length to avoid heap overflow
  See CVE-2008-2358
* bugfix/asn1-ber-decoding-checks.patch
  [SECURITY] Validate lengths in ASN.1 decoding code to avoid
  heap overflow
  See CVE-2008-1673


Added:
   dists/etch/linux-2.6/debian/patches/bugfix/asn1-ber-decoding-checks.patch
      - copied unchanged from r11585, /releases/linux-2.6/2.6.18.dfsg.1-18etch6/debian/patches/bugfix/asn1-ber-decoding-checks.patch
   dists/etch/linux-2.6/debian/patches/bugfix/dccp-feature-length-check.patch
      - copied unchanged from r11585, /releases/linux-2.6/2.6.18.dfsg.1-18etch6/debian/patches/bugfix/dccp-feature-length-check.patch
   dists/etch/linux-2.6/debian/patches/series/18etch6
      - copied unchanged from r11585, /releases/linux-2.6/2.6.18.dfsg.1-18etch6/debian/patches/series/18etch6
Modified:
   dists/etch/linux-2.6/debian/changelog

Modified: dists/etch/linux-2.6/debian/changelog
==============================================================================
--- dists/etch/linux-2.6/debian/changelog	(original)
+++ dists/etch/linux-2.6/debian/changelog	Mon Jun  9 07:22:04 2008
@@ -1,3 +1,9 @@
+linux-2.6 (2.6.18.dfsg.1-22) UNRELEASED; urgency=high
+
+  * Merge in changes from 2.6.18.dfsg.1-18etch6
+
+ -- dann frazier <dannf at debian.org>  Mon, 09 Jun 2008 01:21:13 -0600
+
 linux-2.6 (2.6.18.dfsg.1-21) stable; urgency=high
 
   * 3w-xxxx: Fix data corruption on em64t systems w/ > 2GB of memory
@@ -30,6 +36,18 @@
 
  -- dann frazier <dannf at debian.org>  Thu, 03 Apr 2008 16:22:55 -0600
 
+linux-2.6 (2.6.18.dfsg.1-18etch6) stable-security; urgency=high
+
+  * bugfix/dccp-feature-length-check.patch
+    [SECURITY] Validate feature length to avoid heap overflow
+    See CVE-2008-2358
+  * bugfix/asn1-ber-decoding-checks.patch
+    [SECURITY] Validate lengths in ASN.1 decoding code to avoid
+    heap overflow
+    See CVE-2008-1673
+  
+ -- dann frazier <dannf at debian.org>  Thu, 05 Jun 2008 22:36:07 -0600
+
 linux-2.6 (2.6.18.dfsg.1-18etch5) stable-security; urgency=high
 
   * bugfix/sit-missing-kfree_skb-on-pskb_may_pull.patch

More information about the Kernel-svn-changes mailing list