Accepted kernel-image-2.2.20-i386 2.2.20-5woody1 (i386 source)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.7
Date: Thu, 19 Jun 2003 19:10:07 -0400
Source: kernel-image-2.2.20-i386
Binary: kernel-headers-2.2.20-compact kernel-image-2.2.20 kernel-image-2.2.20-idepci kernel-headers-2.2.20 kernel-headers-2.2.20-idepci kernel-image-2.2.20-compact
Architecture: source i386
Version: 2.2.20-5woody1
Distribution: stable-security
Urgency: high
Maintainer: Herbert Xu <herbert@debian.org>
Changed-By: Matt Zimmerman <mdz@debian.org>
Description:
kernel-headers-2.2.20 - Header files related to Linux kernel version 2.2.20
kernel-headers-2.2.20-compact - Header files related to Linux kernel version 2.2.20-compact
kernel-headers-2.2.20-idepci - Header files related to Linux kernel version 2.2.20-idepci
kernel-image-2.2.20 - Linux kernel binary image for version 2.2.20.
kernel-image-2.2.20-compact - Linux kernel binary image.
kernel-image-2.2.20-idepci - Linux kernel binary image.
Changes:
kernel-image-2.2.20-i386 (2.2.20-5woody1) stable-security; urgency=high
.
* Non-maintainer upload by the Security Team
* Build with kernel-source-2.2.20-5woody1, fixing several security
vulnerabilities:
- CAN-2003-0364: The TCP/IP fragment reassembly handling in the Linux
kernel 2.4 allows remote attackers to cause a denial of service (CPU
consumption) via certain packets that cause a large number of hash table
collisions
- CAN-2003-0001: Multiple ethernet Network Interface Card (NIC) device
drivers do not pad frames with null bytes, which allows remote
attackers to obtain information from previous packets or kernel
memory by using malformed packets
- CAN-2003-0127: The kernel module loader allows local users to gain
root privileges by using ptrace to attach to a child process that
is spawned by the kernel
- CVE-2002-0429: The iBCS routines in arch/i386/kernel/traps.c for Linux
kernels 2.4.18 and earlier on x86 systems allow local users to kill
arbitrary processes via a a binary compatibility interface (lcall)
- CAN-2002-1380: Linux kernel 2.2.x allows local users to cause a denial
of service (crash) by using the mmap() function with a PROT_READ
parameter to access non-readable memory pages through the /proc/pid/mem
interface.
Files:
d690144f0c106f4c0985d2da5355d559 837 devel optional kernel-image-2.2.20-i386_2.2.20-5woody1.dsc
e99e136a8f4944cb87bb0791c68dd6f2 16613037 devel optional kernel-image-2.2.20-i386_2.2.20-5woody1.tar.gz
46b1d00bdb529f48f3a4b2e509053c1d 1918456 devel optional kernel-headers-2.2.20_2.2.20-5woody1_i386.deb
0b40a743b73ab17e6413099f9db5ffe0 5901586 base optional kernel-image-2.2.20_2.2.20-5woody1_i386.deb
46e02bad46c401366adbf34e43fd442e 1867050 devel optional kernel-headers-2.2.20-compact_2.2.20-5woody1_i386.deb
80122785d6cf43483855e0f898056187 1733252 base optional kernel-image-2.2.20-compact_2.2.20-5woody1_i386.deb
f9dcbeecda9d95aa433da73d37ed4c42 1839270 devel optional kernel-headers-2.2.20-idepci_2.2.20-5woody1_i386.deb
727699171a921892cca32abefe5d2eac 1395106 base optional kernel-image-2.2.20-idepci_2.2.20-5woody1_i386.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2 (GNU/Linux)
iD8DBQE+81A8ArxCt0PiXR4RAuIkAKDKiH3Os9pgQGbRXMbtDWaeD/tBVQCfaK4n
7VoZw41lwKiMj7bRgGNIBY8=
=0kuF
-----END PGP SIGNATURE-----
Accepted:
kernel-headers-2.2.20-compact_2.2.20-5woody1_i386.deb
to pool/main/k/kernel-image-2.2.20-i386/kernel-headers-2.2.20-compact_2.2.20-5woody1_i386.deb
kernel-headers-2.2.20-idepci_2.2.20-5woody1_i386.deb
to pool/main/k/kernel-image-2.2.20-i386/kernel-headers-2.2.20-idepci_2.2.20-5woody1_i386.deb
kernel-headers-2.2.20_2.2.20-5woody1_i386.deb
to pool/main/k/kernel-image-2.2.20-i386/kernel-headers-2.2.20_2.2.20-5woody1_i386.deb
kernel-image-2.2.20-compact_2.2.20-5woody1_i386.deb
to pool/main/k/kernel-image-2.2.20-i386/kernel-image-2.2.20-compact_2.2.20-5woody1_i386.deb
kernel-image-2.2.20-i386_2.2.20-5woody1.dsc
to pool/main/k/kernel-image-2.2.20-i386/kernel-image-2.2.20-i386_2.2.20-5woody1.dsc
kernel-image-2.2.20-i386_2.2.20-5woody1.tar.gz
to pool/main/k/kernel-image-2.2.20-i386/kernel-image-2.2.20-i386_2.2.20-5woody1.tar.gz
kernel-image-2.2.20-idepci_2.2.20-5woody1_i386.deb
to pool/main/k/kernel-image-2.2.20-i386/kernel-image-2.2.20-idepci_2.2.20-5woody1_i386.deb
kernel-image-2.2.20_2.2.20-5woody1_i386.deb
to pool/main/k/kernel-image-2.2.20-i386/kernel-image-2.2.20_2.2.20-5woody1_i386.deb
Reply to: