Accepted fai-kernels 1.17+etch4 (source i386)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.7
Date: Wed, 15 Aug 2007 17:06:20 -0600
Source: fai-kernels
Binary: fai-kernels
Architecture: source i386
Version: 1.17+etch4
Distribution: stable-security
Urgency: high
Maintainer: Holger Levsen <holger@debian.org>
Changed-By: dann frazier <dannf@debian.org>
Description:
fai-kernels - special kernels for FAI (Fully Automatic Installation)
Changes:
fai-kernels (1.17+etch4) stable-security; urgency=high
.
* NMU by the Security Team
* Rebuild against linux-source-2.6.18 (2.6.18.dfsg.1-13etch1):
* Update abi reference files for ABI 5
* bugfix/bluetooth-l2cap-hci-info-leaks.patch
[SECURITY] Fix information leaks in setsockopt() implementations
See CVE-2007-1353
* bugfix/usblcd-limit-memory-consumption.patch
[SECURITY] limit memory consumption during write in the usblcd driver
See CVE-2007-3513
* bugfix/pppoe-socket-release-mem-leak.patch
[SECURITY] fix unpriveleged memory leak when a PPPoE socket is released
after connect but before PPPIOCGCHAN ioctl is called upon it
See CVE-2007-2525
* bugfix/nf_conntrack_h323-bounds-checking.patch
[SECURITY] nf_conntrack_h323: add checking of out-of-range on choices'
index values
See CVE-2007-3642
* bugfix/dn_fib-out-of-bounds.patch
[SECURITY] Fix out of bounds condition in dn_fib_props[]
See CVE-2007-2172
* bugfix/random-fix-seeding-with-zero-entropy.patch
bugfix/random-fix-error-in-entropy-extraction.patch
[SECURITY] Avoid seeding with the same values at boot time when a
system has no entropy source and fix a casting error in entropy
extraction that resulted in slightly less random numbers.
See CVE-2007-2453
* bugfix/nf_conntrack_sctp-null-deref.patch
[SECURITY] Fix remotely triggerable NULL pointer dereference
by sending an unknown chunk type.
See CVE-2007-2876
* bugfix/i965-secure-batchbuffer.patch
[SECURITY] Fix i965 secured batchbuffer usage
See CVE-2007-3851
* bugfix/reset-pdeathsig-on-suid.patch
[SECURITY] Fix potential privilege escalation caused by improper
clearing of the child process' pdeath signal.
Thanks to Marcel Holtmann for the patch.
See CVE-2007-3848
Files:
9a52e923d40532efcaf60f0048cb8bae 711 admin extra fai-kernels_1.17+etch4.dsc
83214996352214796bbf6c54042b7b0b 53600 admin extra fai-kernels_1.17+etch4.tar.gz
6f5d247feb6ecd8a1e8c8f76c0a54708 5500032 admin extra fai-kernels_1.17+etch4_i386.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
iD8DBQFGw5H0huANDBmkLRkRAut3AJsFcoKHTNi3Jx7MkE6StkUOK5qUJwCaAhO6
yplkE7mAspK1NzEFlfhE9k0=
=dM5b
-----END PGP SIGNATURE-----
Accepted:
fai-kernels_1.17+etch4.dsc
to pool/main/f/fai-kernels/fai-kernels_1.17+etch4.dsc
fai-kernels_1.17+etch4.tar.gz
to pool/main/f/fai-kernels/fai-kernels_1.17+etch4.tar.gz
fai-kernels_1.17+etch4_i386.deb
to pool/main/f/fai-kernels/fai-kernels_1.17+etch4_i386.deb
Reply to: