Accepted kernel-image-2.4.27-alpha 2.4.27-10sarge6 (source alpha)

[dann frazier <dannf@debian.org>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.7
Date: Sun, 17 Feb 2008 23:39:08 -0700
Source: kernel-image-2.4.27-alpha
Binary: kernel-headers-2.4.27-4-smp kernel-image-2.4.27-4-smp kernel-image-2.4.27-4-generic kernel-headers-2.4.27-4-generic kernel-headers-2.4.27-4 kernel-build-2.4.27-4
Architecture: source alpha
Version: 2.4.27-10sarge6
Distribution: oldstable-security
Urgency: high
Maintainer: Debian Kernel Team <debian-kernel@lists.debian.org>
Changed-By: dann frazier <dannf@debian.org>
Description: 
 kernel-build-2.4.27-4 - Headers for building modules for Linux 2.4.27
 kernel-headers-2.4.27-4 - Header files related to Linux kernel version 2.4.27
 kernel-headers-2.4.27-4-generic - Linux kernel headers 2.4.27 on Alpha
 kernel-headers-2.4.27-4-smp - Linux kernel headers 2.4.27 on Alpha SMP
 kernel-image-2.4.27-4-generic - Linux kernel image for version 2.4.27 on Alpha.
 kernel-image-2.4.27-4-smp - Linux kernel image for version 2.4.27 on Alpha SMP.
Changes: 
 kernel-image-2.4.27-alpha (2.4.27-10sarge6) oldstable-security; urgency=high
 .
   * Build against kernel-tree-2.4.27-10sarge6:
     * 239_mincore-hang.diff
       [SECURITY] Fix a potential deadlock in mincore
       See CVE-2006-4814
     * [ERRATA] 240_smbfs-honor-mount-opts-2.diff
       Fix some regressions with respect to file types (e.g., symlinks)
       introduced by the fix for CVE-2006-5871 in 2.4.27-10sarge5
     * 241_bluetooth-capi-size-checks.diff
       [SECURITY] Add additional length checks to avoid potential remote
       DoS attacks in the handling of CAPI messages in the bluetooth driver
       See CVE-2006-6106
     * 242_ext3-fsfuzz.diff
       [SECURITY] Fix a DoS vulnerability that can be triggered by a local
       user with the ability to mount a corrupted ext3 filesystem
       See CVE-2006-6053
     * 243_ipv6_fl_socklist-no-share.diff
       [SECURITY] Fix local DoS vulnerability caused by inadvertently sharing
       ipv6_fl_socklist between the listening socket and the socket created
       for connection.
       See CVE-2007-1592
     * 244_bluetooth-l2cap-hci-info-leaks.diff
       245_bluetooth-l2cap-hci-info-leaks-2.diff
       [SECURITY] Fix information leaks in setsockopt() implementations
       See CVE-2007-1353
     * 246_dn_fib-out-of-bounds.diff
       266_ipv4-fib_props-out-of-bounds.diff
       267_ipv4-fib_props-out-of-bounds-2.diff
       [SECURITY] Fix out of bounds condition in dn_fib_props[]
       See CVE-2007-2172
     * 247_reset-pdeathsig-on-suid.diff
       [SECURITY] Fix potential privilege escalation caused by improper
       clearing of the child process' pdeath signal.
       Thanks to Marcel Holtmann for the patch.
       See CVE-2007-3848
     * 248_random-reseed-sizeof-fix.diff
       [SECURITY] Fix a bug in the random driver reseeding code that reduces
       entropy by reseeding a smaller buffer size than expected
       See CVE-2007-4311
     * 249_openpromfs-signedness-bug.diff
       250_openpromfs-checks-1.diff
       251_openpromfs-checks-2.diff
       252_openpromfs-checks-3.diff
       [SECURITY] Fix a number of data checks in openprom code
       See CVE-2004-2731
     * 253_coredump-only-to-same-uid.diff
       [SECURITY] Fix an issue where core dumping over a file that
       already exists retains the ownership of the original file
       See CVE-2007-6206
     * 254_cramfs-check-block-length.diff
       [SECURITY] Add a sanity check of the block length in cramfs_readpage to
       avoid a potential oops condition
       See CVE-2006-5823
     * 255_pppoe-socket-release-mem-leak.diff
       [SECURITY] fix unpriveleged memory leak when a PPPoE socket is released
       after connect but before PPPIOCGCHAN ioctl is called upon it
       See CVE-2007-2525
     * 256_i4l-isdn_ioctl-mem-overrun.diff
       [SECURITY] Fix potential isdn ioctl memory overrun
       See CVE-2007-6151
     * 257_isdn-net-overflow.diff
       [SECURITY] Fix potential overflows in the ISDN subsystem
       See CVE-2007-6063
     * 258_ext2_readdir-f_pos-fix.diff,
       259_ext2_readdir-infinite-loop.diff,
       260_ext2-skip-pages-past-num-blocks.diff
       [SECURITY] Add some sanity checking for a corrupted i_size in
       ext2_find_entry()
       See CVE-2006-6054
     * 261_listxattr-mem-corruption.diff
       [SECURITY] Fix userspace corruption vulnerability caused by
       incorrectly promoted return values in bad_inode_ops
       This patches changes the kernel ABI.
       See CVE-2006-5753
     * 262_aacraid-ioctl-perm-check.diff
       [SECURITY] Require admin capabilities to issue ioctls to aacraid devices
       See CVE-2007-4308
     * 263_usb-pwc-disconnect-block.diff
       [SECURITY] Fix issue with unplugging webcams that use the pwc driver.
       If userspace still has the device open it can result, the driver would
       wait for the device to close, blocking the USB subsystem.
       See CVE-2007-5093
     * 264_mmap-VM_DONTEXPAND.diff
       [SECURITY] Add VM_DONTEXPAND to vm_flags in drivers that register
       a fault handler but do not bounds check the offset argument
       See CVE-2008-0007
     * 265_powerpc-chrp-null-deref.diff
       [SECURITY][powerpc] Fix NULL pointer dereference if get_property
       fails on the subarchitecture
       See CVE-2007-6694
   * ABI changing update, increment ABI number to 4. If you don't understand
     what this means, see http://wiki.debian.org/DebianKernelABIChanges
Files: 
 8562d7488f7cb95d205bf76fe110f6c1 831 devel optional kernel-image-2.4.27-alpha_2.4.27-10sarge6.dsc
 94e6565cd478f866a0f079b8d5de5b1e 33837 devel optional kernel-image-2.4.27-alpha_2.4.27-10sarge6.tar.gz
 e46f99205e2b499dabf3e13b6778d776 4649894 devel optional kernel-headers-2.4.27-4_2.4.27-10sarge6_alpha.deb
 f7a91380e5f5a795a4eccfcff273a2b1 277016 devel optional kernel-headers-2.4.27-4-smp_2.4.27-10sarge6_alpha.deb
 3644d797f1b4f4fe17810fc128ecfef2 16991940 base optional kernel-image-2.4.27-4-smp_2.4.27-10sarge6_alpha.deb
 ac124d1aef568fc04144cfde499ba818 275104 devel optional kernel-headers-2.4.27-4-generic_2.4.27-10sarge6_alpha.deb
 250c932f3b2048587f8dc8e41ab26926 16537164 base optional kernel-image-2.4.27-4-generic_2.4.27-10sarge6_alpha.deb
 818db9ca2e9411bd9395956f8a466850 9536 devel optional kernel-build-2.4.27-4_2.4.27-10sarge6_alpha.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)

iD4DBQFHvNCShuANDBmkLRkRAsTNAJjFPXJFFA1AwL3FtzsPVorS7guSAKCLPrZN
OlxeZqxfZivbKveZM9Au5Q==
=MH29
-----END PGP SIGNATURE-----


Accepted:
kernel-build-2.4.27-4_2.4.27-10sarge6_alpha.deb
  to pool/main/k/kernel-image-2.4.27-alpha/kernel-build-2.4.27-4_2.4.27-10sarge6_alpha.deb
kernel-headers-2.4.27-4-generic_2.4.27-10sarge6_alpha.deb
  to pool/main/k/kernel-image-2.4.27-alpha/kernel-headers-2.4.27-4-generic_2.4.27-10sarge6_alpha.deb
kernel-headers-2.4.27-4-smp_2.4.27-10sarge6_alpha.deb
  to pool/main/k/kernel-image-2.4.27-alpha/kernel-headers-2.4.27-4-smp_2.4.27-10sarge6_alpha.deb
kernel-headers-2.4.27-4_2.4.27-10sarge6_alpha.deb
  to pool/main/k/kernel-image-2.4.27-alpha/kernel-headers-2.4.27-4_2.4.27-10sarge6_alpha.deb
kernel-image-2.4.27-4-generic_2.4.27-10sarge6_alpha.deb
  to pool/main/k/kernel-image-2.4.27-alpha/kernel-image-2.4.27-4-generic_2.4.27-10sarge6_alpha.deb
kernel-image-2.4.27-4-smp_2.4.27-10sarge6_alpha.deb
  to pool/main/k/kernel-image-2.4.27-alpha/kernel-image-2.4.27-4-smp_2.4.27-10sarge6_alpha.deb
kernel-image-2.4.27-alpha_2.4.27-10sarge6.dsc
  to pool/main/k/kernel-image-2.4.27-alpha/kernel-image-2.4.27-alpha_2.4.27-10sarge6.dsc
kernel-image-2.4.27-alpha_2.4.27-10sarge6.tar.gz
  to pool/main/k/kernel-image-2.4.27-alpha/kernel-image-2.4.27-alpha_2.4.27-10sarge6.tar.gz