Accepted kernel-source-2.4.27 2.4.27-10sarge1 (source all)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.7
Date: Wed, 17 Aug 2005 15:45:20 +0900
Source: kernel-source-2.4.27
Binary: kernel-tree-2.4.27 kernel-source-2.4.27 kernel-patch-debian-2.4.27 kernel-doc-2.4.27
Architecture: source all
Version: 2.4.27-10sarge1
Distribution: stable-security
Urgency: high
Maintainer: Debian Kernel Team <debian-kernel@lists.debian.org>
Changed-By: Simon Horman <horms@debian.org>
Description:
kernel-doc-2.4.27 - Linux kernel specific documentation for version 2.4.27
kernel-patch-debian-2.4.27 - Debian patches to Linux 2.4.27
kernel-source-2.4.27 - Linux kernel source for version 2.4.27 with Debian patches
kernel-tree-2.4.27 - Linux kernel source tree for building Debian kernel images
Closes: 311164 319629 320256 323318
Changes:
kernel-source-2.4.27 (2.4.27-10sarge1) stable-security; urgency=high
.
[ Simon Horman ]
* 184_arch-x86_64-ia32-ptrace32-oops.diff
[Security, x86_64] 32 bit ltrace oops when tracing 64 bit executable
http://lkml.org/lkml/2005/1/5/245
http://linux.bkbits.net:8080/linux-2.4/cset@41dd3455GwQPufrGvBJjcUOXQa3WXA
.
== Patches from 2.4.27-11 ==
.
[ Simon Horman ]
* 167_arch-ia64-x86_64_execve.diff:
Race condition in the ia32 compatibility code for the execve system call
See CAN-2005-1768. (closes: #319629).
.
* 168_fs_ext3_64bit_offset.diff:
Incorrect offset checks for ext3 xattr on 64 bit architectures
can lead to a local DoS.
See CAN-2005-0757. (closes: #311164).
.
* 169_arch-x86_64-kernel-ptrace-canonical-rip-1.dpatch
[Security, x86_64] This works around an AMD Erratum by
checking if the ptrace RIP is canonical.
See CAN-2005-1762
.
* 169_arch-x86_64-kernel-ptrace-canonical-rip-2.dpatch
[Security, x86_64] Fix canonical checking for segment registers in ptrace
See CAN-2005-0756
.
# Excluded from Security Update
# * Makefile-gcc-3.3.dpatch, control
# Build with gcc-3.3, as gcc-4.0, now the dedault in unstable,
# fails to build this source. Upstream has stated that they
# have no intention making the 2.4 kernel compile with gcc-4
# (closes: #320256, #323318)
.
* 171_arch-ia64-x86_64-execve-overflow.diff
[Security, ia64, x86_64] Fix overflow in 32bit execve
See CAN-2005-1768
.
* 172_ppc32-time_offset-misuse.diff
[ppc32] stop misusing ntps time_offset value
.
# Excluded from Security Update
# * 173_tty_ldisc_ref-return-null-check.diff
# tty_ldisc_ref return null check
.
* 174_net-ipv4-netfilter-nat-mem.diff
[Security] Fix potential memory corruption in NAT code (aka memory NAT)
.
# Excluded from Security Update
# * 175-net-ipv6-netfilter-deadlock.diff
# Fix deadlock in ip6_queue
.
* 176_ipsec-array-overflow.diff
[Security] Fix possible overflow of sock->sk_policy
See CAN-2005-2456 (See: #321401)
.
# Excluded from Security Update
# * 177_rocket_c-fix-ldisc-ref-count.diff
# Fix ldisc ref count handling in rocketport driver
.
* 178_fs_ext2_ext3_xattr-sharing.diff
[Security] Xattr sharing bug
See http://lists.debian.org/debian-kernel/2005/08/msg00238.html
.
* 179_net-ipv4-netfilter-ip_recent-last_pkts.diff
[Security] Fixes remote DoS when using ipt_recent on a 64 bit machine.
(See: #322237)
.
* 181_arch-x86_64-kernel-stack-faults.diff
[Security, x86_64] Disable exception stack for stack faults
See CAN-2005-1767
.
* 182_linux-zlib-fixes.diff
[Security] Fix security bugs in the Linux zlib implementations.
See CAN-2005-2458, CAN-2005-2459
From 2.6.12.5
http://sources.redhat.com/ml/bug-gnu-utils/1999-06/msg00183.html
http://bugs.gentoo.org/show_bug.cgi?id=94584
.
# Excluded from Security Update
# * zisofs.dpatch
# Check input buffer size in zisofs
# From 2.6.12.5
Files:
9f709ab218f6a0ce6e5886174f74c8cb 900 devel optional kernel-source-2.4.27_2.4.27-10sarge1.dsc
3b26bc94e734e3e9c7de8851e9e308b7 699494 devel optional kernel-source-2.4.27_2.4.27-10sarge1.diff.gz
2cfb0a84539c910e596abba17e7d8d48 650880 devel optional kernel-patch-debian-2.4.27_2.4.27-10sarge1_all.deb
3a2c82fcc546bee30fb522f28193f3e7 3577464 doc optional kernel-doc-2.4.27_2.4.27-10sarge1_all.deb
857f97955b1c7d145990f28581731fb7 31026166 devel optional kernel-source-2.4.27_2.4.27-10sarge1_all.deb
c346db9cb71c6e39328d49318a2f2ed4 24418 devel optional kernel-tree-2.4.27_2.4.27-10sarge1_all.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (GNU/Linux)
iD8DBQFDoOUFA8ACPgVBDpcRAqNkAJ0aj0eRUgtH4BqaEDsRSbte488iKwCcDi0Z
ccPuxUN3Emt1BqnY/GFzGpU=
=5XAz
-----END PGP SIGNATURE-----
Accepted:
kernel-doc-2.4.27_2.4.27-10sarge1_all.deb
to pool/main/k/kernel-source-2.4.27/kernel-doc-2.4.27_2.4.27-10sarge1_all.deb
kernel-patch-debian-2.4.27_2.4.27-10sarge1_all.deb
to pool/main/k/kernel-source-2.4.27/kernel-patch-debian-2.4.27_2.4.27-10sarge1_all.deb
kernel-source-2.4.27_2.4.27-10sarge1.diff.gz
to pool/main/k/kernel-source-2.4.27/kernel-source-2.4.27_2.4.27-10sarge1.diff.gz
kernel-source-2.4.27_2.4.27-10sarge1.dsc
to pool/main/k/kernel-source-2.4.27/kernel-source-2.4.27_2.4.27-10sarge1.dsc
kernel-source-2.4.27_2.4.27-10sarge1_all.deb
to pool/main/k/kernel-source-2.4.27/kernel-source-2.4.27_2.4.27-10sarge1_all.deb
kernel-tree-2.4.27_2.4.27-10sarge1_all.deb
to pool/main/k/kernel-source-2.4.27/kernel-tree-2.4.27_2.4.27-10sarge1_all.deb
Reply to: