[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Accepted user-mode-linux 2.6.18-1um-2etch.23etch1 (source i386)



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.7
Date: Sun, 14 Dec 2008 16:23:32 -0700
Source: user-mode-linux
Binary: user-mode-linux
Architecture: source i386
Version: 2.6.18-1um-2etch.23etch1
Distribution: stable-security
Urgency: high
Maintainer: User Mode Linux Maintainers <pkg-uml-pkgs@lists.alioth.debian.org>
Changed-By: dann frazier <dannf@debian.org>
Description: 
 user-mode-linux - User-mode Linux (kernel)
Changes: 
 user-mode-linux (2.6.18-1um-2etch.23etch1) stable-security; urgency=high
 .
   * Rebuild against linux-source-2.6.18_2.6.18.dfsg.1-23etch1:
     * Fix missing boundary checks in syscall/syscall32_nopage():
        - bugfix/add-install_special_mapping.patch
        - bugfix/i386-vdso-use_install_special_mapping.patch
        - bugfix/x86_64-ia32-vDSO-use-install_special_mapping.patch
        - features/all/xen/vdso-use_install_special_mapping.patch
       See CVE-2008-3527
     * Modify feature patches to apply on top of the fixes for
       CVE-2008-3527:
        - features/all/vserver/vs2.0.2.2-rc9.patch
        - features/all/xen/fedora-2.6.18-36186.patch
        - features/all/xen/vserver-update.patch
     * Don't allow splicing to files opened with O_APPEND:
        - bugfix/dont-allow-splice-to-files-opened-with-O_APPEND.patch
       See CVE-2008-4554
     * Avoid printk floods when reading corrupted ext[2,3] directories
        - bugfix/ext2-avoid-corrupted-directory-printk-floods.patch
        - bugfix/ext3-avoid-corrupted-directory-printk-floods.patch
       See CVE-2008-3528
     * Fix oops in SCTP
        - bugfix/sctp-fix-oops-when-INIT-ACK-indicates-that-peer-doesnt-support-AUTH.patch
       See CVE-2008-4576
     * Fix buffer overflow in hfsplus
        - bugfix/hfsplus-fix-Buffer-overflow-with-a-corrupted-image.patch
       See CVE-2008-4933
     * Fix BUG() in hfsplus
        - bugfix/hfsplus-check_read_mapping_page-return-value.patch
       See CVE-2008-4934
     * Fix stack corruption in hfs
        - bugfix/hfs-fix-namelength-memory-corruption.patch
       See CVE-2008-5025
     * Fix recursive descent in __scm_destroy
        - bugfix/af_unix-fix-garbage-collector-races.patch
        - bugfix/af_unix-convert-socks-to-unix_socks.patch
        - bugfix/net-unix-fix-inflight-counting-bug-in-garbage-collector.patch
        - bugfix/net-fix-recursive-descent-in-__scm_destroy.patch
       See CVE-2008-5029
     * Make sendmsg() block during UNIX garbage collection:
        - bugfix/net-unix-gc-fix-soft-lockups-oom-issues.patch
       See CVE-2008-5300
     * Fix DoS when calling svc_listen twice on the same socket while reading
       /proc/net/atm/*vc:
        - bugfix/atm-duplicate-listen-on-socket-corrupts-the-vcc-table.patch
       See CVE-2008-5079
     * Fix race conditions between inotify removal and umount
        - bugfix/inotify-watch-removal-umount-races.patch
       See CVE-2008-5182
Files: 
 c7b86a1845bc273e6a7f0471e0555e58 892 misc extra user-mode-linux_2.6.18-1um-2etch.23etch1.dsc
 f0384a843ffc8952cbff2e25fe627a6b 19360 misc extra user-mode-linux_2.6.18-1um-2etch.23etch1.diff.gz
 8edf459235cf919e70db35db6e18a81c 25602042 misc extra user-mode-linux_2.6.18-1um-2etch.23etch1_i386.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iD8DBQFJRsEOhuANDBmkLRkRAqQJAJ0VZWCDjBY55gGb0PNo1PrkMFhYEQCdE9/d
Bb7+eKvR07lCQyziFgilAHs=
=hp1N
-----END PGP SIGNATURE-----


Accepted:
user-mode-linux_2.6.18-1um-2etch.23etch1.diff.gz
  to pool/main/u/user-mode-linux/user-mode-linux_2.6.18-1um-2etch.23etch1.diff.gz
user-mode-linux_2.6.18-1um-2etch.23etch1.dsc
  to pool/main/u/user-mode-linux/user-mode-linux_2.6.18-1um-2etch.23etch1.dsc
user-mode-linux_2.6.18-1um-2etch.23etch1_i386.deb
  to pool/main/u/user-mode-linux/user-mode-linux_2.6.18-1um-2etch.23etch1_i386.deb


Reply to: