Accepted user-mode-linux 2.6.26-1um-2+26lenny2 (source amd64)

To: debian-changes@lists.debian.org
Subject: Accepted user-mode-linux 2.6.26-1um-2+26lenny2 (source amd64)
From: dann frazier <dannf@debian.org>
Date: Fri, 04 Feb 2011 01:59:40 +0000
Message-id: <[🔎] E1PlAxY-0001vn-PB@franck.debian.org>
Mail-followup-to: debian-devel@lists.debian.org
Reply-to: debian-devel@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Sat, 29 Jan 2011 19:35:42 -0600
Source: user-mode-linux
Binary: user-mode-linux
Architecture: source amd64
Version: 2.6.26-1um-2+26lenny2
Distribution: stable-security
Urgency: high
Maintainer: User Mode Linux Maintainers <pkg-uml-pkgs@lists.alioth.debian.org>
Changed-By: dann frazier <dannf@debian.org>
Description: 
 user-mode-linux - User-mode Linux (kernel)
Changes: 
 user-mode-linux (2.6.26-1um-2+26lenny2) stable-security; urgency=high
 .
   * Rebuild against linux-source-2.6.26 (2.6.26-26lenny2):
     * filter: make sure filters dont read uninitialized memory (CVE-2010-4158)
     * bio: take care not overflow page count when mapping/copying user data
       (CVE-2010-4162)
     * block: check for proper length of iov entries in blk_rq_map_user_iov()
       (CVE-2010-4163)
     * bluetooth: Fix missing NULL check (CVE-2010-4242)
     * posix-cpu-timers: workaround to suppress the problems with mt exec
       (CVE-2010-4248)
     * KVM: VMX: fix vmx null pointer dereference on debug register access
       (CVE-2010-0435)
     * exec: make argv/envp memory visible to oom-killer (CVE-2010-4243)
     * af_unix: limit unix_tot_inflight (CVE-2010-4249)
     * do_exit(): make sure that we run with get_fs() == USER_DS (CVE-2010-4258)
     * econet: Disable auto-loading as mitigation against local exploits. This
       module has been shown to be broken, so this risk of this affecting
       real users is insignificant.
     * econet: Fix crash in aun_incoming() (CVE-2010-4342)
     * install_special_mapping skips security_file_mmap check (CVE-2010-4346)
     * CAN: Use inode instead of kernel address for /proc file (CVE-2010-4565)
     * IB/uverbs: Handle large number of entries in poll CQ (CVE-2010-4649)
     * block: check for proper length of iov entries earlier in
       blk_rq_map_user_iov() (CVE-2010-4668)
     * av7110: check for negative array offset (CVE-2011-0521)
     * usb: iowarrior: don't trust report_size for buffer size (CVE-2010-4656)
     * blkback/blktap/netback: Fix CVE-2010-3699
     * sctp: Fix a race between ICMP protocol unreachable and connect()
       (CVE-2010-4526)
     * sound: Prevent buffer overflow in OSS load_mixer_volumes (CVE-2010-4527)
     * irda: prevent integer underflow in IRLMP_ENUMDEVICES (CVE-2010-4529)
Checksums-Sha1: 
 8338033a60ebab65473fd8cbf849b313ad4f1c20 1921 user-mode-linux_2.6.26-1um-2+26lenny2.dsc
 d41d73b7b436eb1e9e98d4e63b959639d52dccdd 21165 user-mode-linux_2.6.26-1um-2+26lenny2.diff.gz
 5712b85fbdd15b20bbdcf045a82763b152fd42d0 5845972 user-mode-linux_2.6.26-1um-2+26lenny2_amd64.deb
Checksums-Sha256: 
 6cb74a64c5a20c35fb5d8e85cbf7d5ceed7703f9b58cbe566defad93729c8de8 1921 user-mode-linux_2.6.26-1um-2+26lenny2.dsc
 6b2aa7275a63ab25e2c1055feb317f801868883319405f81d5d06701a1e9fa44 21165 user-mode-linux_2.6.26-1um-2+26lenny2.diff.gz
 fd61ef6d3724be0dbb3d7cf73be703a2ccbebd227b11e34800f464f11be92f92 5845972 user-mode-linux_2.6.26-1um-2+26lenny2_amd64.deb
Files: 
 61e6ec6e9a0ee447102031507d5db2c9 1921 misc extra user-mode-linux_2.6.26-1um-2+26lenny2.dsc
 8528b529ae10ae656bd8f0f7a7cc7496 21165 misc extra user-mode-linux_2.6.26-1um-2+26lenny2.diff.gz
 bd41061b60c984a547628baa73cf2330 5845972 misc extra user-mode-linux_2.6.26-1um-2+26lenny2_amd64.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)

iQIcBAEBCAAGBQJNRPRPAAoJEBv4PF5U/IZA3bQP/jOB3a48oqhUTDl1k9jyJQqz
na5U+G/NibUISINTJafW2J/8DJfXc/OPDKrXs4zizlBSV7PeVNK8ot8ecXfJ4bUS
fArUfkE8NxPfabeICs2jzWeLRTi3vh2o0tuyiCPSdz/n+ymwfYFn3KbkDK+jaiIP
tJwscTsspD5r+mvCdReVCb8QXW9dM/GTzZUuyaD9ZI+mzprPEhSY3IbtWtGjI2Q8
B/65hMxO9l/6siOj7Vm7wKix+XS3IeOANZABYerla02jNCBmFXdqT7ldo9/jDBpU
Z08Q/lPQnjg38H3v0juL34ncePwwFLYE9MiUJ6IRkN9i4OXJqk8ib2FpaI+C59xm
lbJcNfxvIW7UiHuQedYrZ1M9VtILos3BQXjaSkf7gX5/FMPcuOCwrRhY0BmQTstL
vTgfzYtxq3uXKN030mVyLQm4WYi36G/vZvilBi30T3Cyyxb7nX0PYMqvFrV1bITk
dMBChhXw2jvlXPHF0AZngYuvEVpH+OOv19SrLcwpQD0AvSoCUy2B1Ic2VUSPcJvd
mH701zWw3kyMOQ2jFJxbGMsybu6GRljNp9flSaR+rYXQGKs2+zkE8f104Wye/pdi
Xwv7b5tPouO80FoLEkM+0k2OV1Xa0OnlYGjELHPZT7dUlfZJ2YMGTob+Oy+cA+by
Dbl9hxs9Yo17SbFv3lVD
=0btj
-----END PGP SIGNATURE-----


Accepted:
user-mode-linux_2.6.26-1um-2+26lenny2.diff.gz
  to main/u/user-mode-linux/user-mode-linux_2.6.26-1um-2+26lenny2.diff.gz
user-mode-linux_2.6.26-1um-2+26lenny2.dsc
  to main/u/user-mode-linux/user-mode-linux_2.6.26-1um-2+26lenny2.dsc
user-mode-linux_2.6.26-1um-2+26lenny2_amd64.deb
  to main/u/user-mode-linux/user-mode-linux_2.6.26-1um-2+26lenny2_amd64.deb

Reply to:

Prev by Date: Accepted postgresql-8.3 8.3.14-0lenny1 (source all amd64)
Next by Date: Accepted devscripts 2.10.69+squeeze1 (source i386)
Previous by thread: Accepted postgresql-8.3 8.3.14-0lenny1 (source all amd64)
Next by thread: Accepted devscripts 2.10.69+squeeze1 (source i386)
Index(es):
- Date
- Thread