Accepted user-mode-linux 2.6.18-1um-2etch.24etch2 (source i386)

To: debian-changes@lists.debian.org
Subject: Accepted user-mode-linux 2.6.18-1um-2etch.24etch2 (source i386)
From: dann frazier <dannf@debian.org>
Date: Mon, 11 May 2009 19:54:15 +0000
Message-id: <[🔎] E1M3bZn-0005Ge-Ro@ries.debian.org>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.7
Date: Wed, 06 May 2009 16:19:13 -0600
Source: user-mode-linux
Binary: user-mode-linux
Architecture: source i386
Version: 2.6.18-1um-2etch.24etch2
Distribution: oldstable-security
Urgency: high
Maintainer: User Mode Linux Maintainers <pkg-uml-pkgs@lists.alioth.debian.org>
Changed-By: dann frazier <dannf@debian.org>
Description: 
 user-mode-linux - User-mode Linux (kernel)
Changes: 
 user-mode-linux (2.6.18-1um-2etch.24etch2) oldstable-security; urgency=high
 .
   * Rebuild against linux-source-2.6.18_2.6.18.dfsg.1-24etch2:
     * Fix buffer underflow in the ib700wdt watchdog driver:
      - bugfix/all/watchdog-ib700wdt-buffer_underflow.patch
     See CVE-2008-5702
     * nfs: Fix fcntl/close race
        - bugfix/all/nfs-remove-buggy-lock-if-signalled-case.patch
       See CVE-2008-4307
     * sctp: fix memory overflow
        - bugfix/all/sctp-avoid-memory-overflow.patch
       See CVE-2009-0065
     * Fix sign-extend ABI issue w/ system calls on various 64-bit architectures
        - bugfix/all/CVE-2009-0029/*
       See CVE-2009-0029
     * security: introduce missing kfree
        - bugfix/all/security-keyctl-missing-kfree.patch
       See CVE-2009-0031
     * dell_rbu: use scnprintf instead of less secure sprintf
        - bugfix/all/dell_rbu-use-scnprintf-instead-of-sprintf.patch
       See CVE-2009-0322
     * [hppa] Fix system crash while unwinding a userspace process
        - bugfix/hppa/userspace-unwind-crash.patch
       See CVE-2008-5395
     * NET: Add preemption point in qdisc_run
        - bugfix/all/net-add-preempt-point-in-qdisc_run.patch
       See CVE-2008-5713
     * [mips] Fix potential DOS by untrusted user app
        - bugfix/mips/fix-potential-dos.patch
       See CVE-2008-5701
     * Fix sensitive memory leak in SO_BSDCOMPAT gsopt
        - bugfix/all/net-SO_BSDCOMPAT-leak.patch
        - bugfix/all/net-SO_BSDCOMPAT-leak-2.patch
       See CVE-2009-0676
     * skfp: Fix inverted capabilities check logic
        - bugfix/all/skfp-fix-inverted-cap-logic.patch
       See CVE-2009-0675
     * [amd64] syscall-audit: fix 32/64 syscall hole
        - bugfix/syscall-audit-fix-32+64-syscall-hole.patch
       See CVE-2009-0834
     * shm: fix shmctl(SHM_INFO) lockup with !CONFIG_SHMEM
       This issue does not effect pre-build Debian kernels.
        - bugfix/all/shm-fix-shmctl-SHM_INFO-lockup-without-CONFIG_SHMEM.patch
       See CVE-2009-0859
     * copy_process: fix CLONE_PARENT && parent_exec_id interaction
        - bugfix/all/copy_process-fix-CLONE_PARENT-and-parent_exec_id-interaction.patch
       See CVE-2009-0028
     * af_rose/x25: Sanity check the maximum user frame size
        - bugfix/all/af_rose+x25-sanity-check-the-max-user-frame-size.patch
       See CVE-2009-1265
     * NFS: fix an oops in encode_lookup()
        - bugfix/all/nfs-fix-oops-in-encode_lookup.patch
       See CVE-2009-1336
     * exit_notify: kill the wrong capable(CAP_KILL) check
        - bugfix/all/exit_notify-kill-wrong-CAP_KILL-check.patch
       See CVE-2009-1337
     * agp: zero pages before sending to userspace
        - bugfix/all/agp-zero-pages-before-sending-to-userspace.patch
       See CVE-2009-1192
     * cifs: Fix memory overwrite when saving nativeFileSystem field during mount
        - bugfix/all/cifs-fix-memory-overwrite-when-saving-nativeFileSystem-field-during-mount.patch
        - bugfix/all/cifs-fix-buffer-size-for-tcon-nativeFileSystem-field.patch
        - bugfix/all/cifs-remove-unneeded-bcc_ptr-update-in-CIFSTCon.patch
       See CVE-2009-1439
     * Fix mips FTBFS due to a missed rename of the mips-specific
       sys_pipe symbol.
Files: 
 68d98e1c77c46035a49ff30831b6dde9 892 misc extra user-mode-linux_2.6.18-1um-2etch.24etch2.dsc
 9fe6e2b6513767676fb005a00cbb71f6 20663 misc extra user-mode-linux_2.6.18-1um-2etch.24etch2.diff.gz
 a43ee679786a92ff8600c6a8e7fb036c 25602218 misc extra user-mode-linux_2.6.18-1um-2etch.24etch2_i386.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iD8DBQFKAhbDhuANDBmkLRkRAvAeAJ410ehKxwxJvzN7xtnngWyuRwcsagCffUSW
3+ETuyZcu+ABX087NDx7j/Q=
=EdGC
-----END PGP SIGNATURE-----


Accepted:
user-mode-linux_2.6.18-1um-2etch.24etch2.diff.gz
  to pool/main/u/user-mode-linux/user-mode-linux_2.6.18-1um-2etch.24etch2.diff.gz
user-mode-linux_2.6.18-1um-2etch.24etch2.dsc
  to pool/main/u/user-mode-linux/user-mode-linux_2.6.18-1um-2etch.24etch2.dsc
user-mode-linux_2.6.18-1um-2etch.24etch2_i386.deb
  to pool/main/u/user-mode-linux/user-mode-linux_2.6.18-1um-2etch.24etch2_i386.deb

Reply to:

Prev by Date: Accepted linux-2.6 2.6.18.dfsg.1-24etch1 (source i386 all)
Next by Date: Accepted fai-kernels 1.17+etch.24etch2 (source amd64)
Previous by thread: Accepted linux-2.6 2.6.18.dfsg.1-24etch1 (source i386 all)
Next by thread: Accepted fai-kernels 1.17+etch.24etch2 (source amd64)
Index(es):
- Date
- Thread