Accepted user-mode-linux 2.6.18-1um-2etch.23etch1 (source i386)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.7
Date: Sun, 14 Dec 2008 16:23:32 -0700
Source: user-mode-linux
Binary: user-mode-linux
Architecture: source i386
Version: 2.6.18-1um-2etch.23etch1
Distribution: stable-security
Urgency: high
Maintainer: User Mode Linux Maintainers <pkg-uml-pkgs@lists.alioth.debian.org>
Changed-By: dann frazier <dannf@debian.org>
Description:
user-mode-linux - User-mode Linux (kernel)
Changes:
user-mode-linux (2.6.18-1um-2etch.23etch1) stable-security; urgency=high
.
* Rebuild against linux-source-2.6.18_2.6.18.dfsg.1-23etch1:
* Fix missing boundary checks in syscall/syscall32_nopage():
- bugfix/add-install_special_mapping.patch
- bugfix/i386-vdso-use_install_special_mapping.patch
- bugfix/x86_64-ia32-vDSO-use-install_special_mapping.patch
- features/all/xen/vdso-use_install_special_mapping.patch
See CVE-2008-3527
* Modify feature patches to apply on top of the fixes for
CVE-2008-3527:
- features/all/vserver/vs2.0.2.2-rc9.patch
- features/all/xen/fedora-2.6.18-36186.patch
- features/all/xen/vserver-update.patch
* Don't allow splicing to files opened with O_APPEND:
- bugfix/dont-allow-splice-to-files-opened-with-O_APPEND.patch
See CVE-2008-4554
* Avoid printk floods when reading corrupted ext[2,3] directories
- bugfix/ext2-avoid-corrupted-directory-printk-floods.patch
- bugfix/ext3-avoid-corrupted-directory-printk-floods.patch
See CVE-2008-3528
* Fix oops in SCTP
- bugfix/sctp-fix-oops-when-INIT-ACK-indicates-that-peer-doesnt-support-AUTH.patch
See CVE-2008-4576
* Fix buffer overflow in hfsplus
- bugfix/hfsplus-fix-Buffer-overflow-with-a-corrupted-image.patch
See CVE-2008-4933
* Fix BUG() in hfsplus
- bugfix/hfsplus-check_read_mapping_page-return-value.patch
See CVE-2008-4934
* Fix stack corruption in hfs
- bugfix/hfs-fix-namelength-memory-corruption.patch
See CVE-2008-5025
* Fix recursive descent in __scm_destroy
- bugfix/af_unix-fix-garbage-collector-races.patch
- bugfix/af_unix-convert-socks-to-unix_socks.patch
- bugfix/net-unix-fix-inflight-counting-bug-in-garbage-collector.patch
- bugfix/net-fix-recursive-descent-in-__scm_destroy.patch
See CVE-2008-5029
* Make sendmsg() block during UNIX garbage collection:
- bugfix/net-unix-gc-fix-soft-lockups-oom-issues.patch
See CVE-2008-5300
* Fix DoS when calling svc_listen twice on the same socket while reading
/proc/net/atm/*vc:
- bugfix/atm-duplicate-listen-on-socket-corrupts-the-vcc-table.patch
See CVE-2008-5079
* Fix race conditions between inotify removal and umount
- bugfix/inotify-watch-removal-umount-races.patch
See CVE-2008-5182
Files:
c7b86a1845bc273e6a7f0471e0555e58 892 misc extra user-mode-linux_2.6.18-1um-2etch.23etch1.dsc
f0384a843ffc8952cbff2e25fe627a6b 19360 misc extra user-mode-linux_2.6.18-1um-2etch.23etch1.diff.gz
8edf459235cf919e70db35db6e18a81c 25602042 misc extra user-mode-linux_2.6.18-1um-2etch.23etch1_i386.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
iD8DBQFJRsEOhuANDBmkLRkRAqQJAJ0VZWCDjBY55gGb0PNo1PrkMFhYEQCdE9/d
Bb7+eKvR07lCQyziFgilAHs=
=hp1N
-----END PGP SIGNATURE-----
Accepted:
user-mode-linux_2.6.18-1um-2etch.23etch1.diff.gz
to pool/main/u/user-mode-linux/user-mode-linux_2.6.18-1um-2etch.23etch1.diff.gz
user-mode-linux_2.6.18-1um-2etch.23etch1.dsc
to pool/main/u/user-mode-linux/user-mode-linux_2.6.18-1um-2etch.23etch1.dsc
user-mode-linux_2.6.18-1um-2etch.23etch1_i386.deb
to pool/main/u/user-mode-linux/user-mode-linux_2.6.18-1um-2etch.23etch1_i386.deb
Reply to: