Accepted kernel-image-2.2.20-i386 2.2.20-5woody1 (i386 source)

To: debian-changes@lists.debian.org
Subject: Accepted kernel-image-2.2.20-i386 2.2.20-5woody1 (i386 source)
From: Matt Zimmerman <mdz@debian.org>
Date: Sun, 29 Jun 2003 12:32:51 -0400
Message-id: <[🔎] E19Wf6h-00006w-00@auric.debian.org>
Mail-followup-to: debian-devel@lists.debian.org
Reply-to: debian-devel@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.7
Date: Thu, 19 Jun 2003 19:10:07 -0400
Source: kernel-image-2.2.20-i386
Binary: kernel-headers-2.2.20-compact kernel-image-2.2.20 kernel-image-2.2.20-idepci kernel-headers-2.2.20 kernel-headers-2.2.20-idepci kernel-image-2.2.20-compact
Architecture: source i386
Version: 2.2.20-5woody1
Distribution: stable-security
Urgency: high
Maintainer: Herbert Xu <herbert@debian.org>
Changed-By: Matt Zimmerman <mdz@debian.org>
Description: 
 kernel-headers-2.2.20 - Header files related to Linux kernel version 2.2.20
 kernel-headers-2.2.20-compact - Header files related to Linux kernel version 2.2.20-compact
 kernel-headers-2.2.20-idepci - Header files related to Linux kernel version 2.2.20-idepci
 kernel-image-2.2.20 - Linux kernel binary image for version 2.2.20.
 kernel-image-2.2.20-compact - Linux kernel binary image.
 kernel-image-2.2.20-idepci - Linux kernel binary image.
Changes: 
 kernel-image-2.2.20-i386 (2.2.20-5woody1) stable-security; urgency=high
 .
   * Non-maintainer upload by the Security Team
   * Build with kernel-source-2.2.20-5woody1, fixing several security
     vulnerabilities:
     - CAN-2003-0364: The TCP/IP fragment reassembly handling in the Linux
       kernel 2.4 allows remote attackers to cause a denial of service (CPU
       consumption) via certain packets that cause a large number of hash table
       collisions
     - CAN-2003-0001: Multiple ethernet Network Interface Card (NIC) device
       drivers do not pad frames with null bytes, which allows remote
       attackers to obtain information from previous packets or kernel
       memory by using malformed packets
     - CAN-2003-0127: The kernel module loader allows local users to gain
       root privileges by using ptrace to attach to a child process that
       is spawned by the kernel
     - CVE-2002-0429: The iBCS routines in arch/i386/kernel/traps.c for Linux
       kernels 2.4.18 and earlier on x86 systems allow local users to kill
       arbitrary processes via a a binary compatibility interface (lcall)
     - CAN-2002-1380: Linux kernel 2.2.x allows local users to cause a denial
       of service (crash) by using the mmap() function with a PROT_READ
       parameter to access non-readable memory pages through the /proc/pid/mem
       interface.
Files: 
 d690144f0c106f4c0985d2da5355d559 837 devel optional kernel-image-2.2.20-i386_2.2.20-5woody1.dsc
 e99e136a8f4944cb87bb0791c68dd6f2 16613037 devel optional kernel-image-2.2.20-i386_2.2.20-5woody1.tar.gz
 46b1d00bdb529f48f3a4b2e509053c1d 1918456 devel optional kernel-headers-2.2.20_2.2.20-5woody1_i386.deb
 0b40a743b73ab17e6413099f9db5ffe0 5901586 base optional kernel-image-2.2.20_2.2.20-5woody1_i386.deb
 46e02bad46c401366adbf34e43fd442e 1867050 devel optional kernel-headers-2.2.20-compact_2.2.20-5woody1_i386.deb
 80122785d6cf43483855e0f898056187 1733252 base optional kernel-image-2.2.20-compact_2.2.20-5woody1_i386.deb
 f9dcbeecda9d95aa433da73d37ed4c42 1839270 devel optional kernel-headers-2.2.20-idepci_2.2.20-5woody1_i386.deb
 727699171a921892cca32abefe5d2eac 1395106 base optional kernel-image-2.2.20-idepci_2.2.20-5woody1_i386.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2 (GNU/Linux)

iD8DBQE+81A8ArxCt0PiXR4RAuIkAKDKiH3Os9pgQGbRXMbtDWaeD/tBVQCfaK4n
7VoZw41lwKiMj7bRgGNIBY8=
=0kuF
-----END PGP SIGNATURE-----


Accepted:
kernel-headers-2.2.20-compact_2.2.20-5woody1_i386.deb
  to pool/main/k/kernel-image-2.2.20-i386/kernel-headers-2.2.20-compact_2.2.20-5woody1_i386.deb
kernel-headers-2.2.20-idepci_2.2.20-5woody1_i386.deb
  to pool/main/k/kernel-image-2.2.20-i386/kernel-headers-2.2.20-idepci_2.2.20-5woody1_i386.deb
kernel-headers-2.2.20_2.2.20-5woody1_i386.deb
  to pool/main/k/kernel-image-2.2.20-i386/kernel-headers-2.2.20_2.2.20-5woody1_i386.deb
kernel-image-2.2.20-compact_2.2.20-5woody1_i386.deb
  to pool/main/k/kernel-image-2.2.20-i386/kernel-image-2.2.20-compact_2.2.20-5woody1_i386.deb
kernel-image-2.2.20-i386_2.2.20-5woody1.dsc
  to pool/main/k/kernel-image-2.2.20-i386/kernel-image-2.2.20-i386_2.2.20-5woody1.dsc
kernel-image-2.2.20-i386_2.2.20-5woody1.tar.gz
  to pool/main/k/kernel-image-2.2.20-i386/kernel-image-2.2.20-i386_2.2.20-5woody1.tar.gz
kernel-image-2.2.20-idepci_2.2.20-5woody1_i386.deb
  to pool/main/k/kernel-image-2.2.20-i386/kernel-image-2.2.20-idepci_2.2.20-5woody1_i386.deb
kernel-image-2.2.20_2.2.20-5woody1_i386.deb
  to pool/main/k/kernel-image-2.2.20-i386/kernel-image-2.2.20_2.2.20-5woody1_i386.deb

Reply to:

Prev by Date: Accepted xgalaga 2.0.34-19woody1 (i386 source)
Next by Date: Accepted kernel-image-2.2.20-i386 2.2.20-5woody2 (i386 source)
Previous by thread: Accepted xgalaga 2.0.34-19woody1 (i386 source)
Next by thread: Accepted kernel-image-2.2.20-i386 2.2.20-5woody2 (i386 source)
Index(es):
- Date
- Thread