Bug#272351: marked as done (2.2.25 has security issues, 2.2.26 available)

To: Martin Michlmayr <tbm@cyrius.com>
Cc: Debian kernel team <debian-kernel@lists.debian.org>
Subject: Bug#272351: marked as done (2.2.25 has security issues, 2.2.26 available)
From: owner@bugs.debian.org (Debian Bug Tracking System)
Date: Sun, 19 Sep 2004 15:03:05 -0700
Message-id: <[🔎] handler.272351.D272351.10956306945288.ackdone@bugs.debian.org>
In-reply-to: <20040919215034.GA23327@deprecation.cyrius.com>
References: <20040919215034.GA23327@deprecation.cyrius.com> <[🔎] 20040919142914.GB14654@deprecation.cyrius.com>

Your message dated Sun, 19 Sep 2004 22:50:34 +0100
with message-id <20040919215034.GA23327@deprecation.cyrius.com>
and subject line Bug#272351: 2.2.25 has security issues, 2.2.26 available
has caused the attached Bug report to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere.  Please contact me immediately.)

Debian bug tracking system administrator
(administrator, Debian Bugs database)

--------------------------------------
Received: (at submit) by bugs.debian.org; 19 Sep 2004 14:30:15 +0000
>From tbm@cyrius.com Sun Sep 19 07:30:15 2004
Return-path: <tbm@cyrius.com>
Received: from sorrow.cyrius.com [65.19.161.204] 
	by spohr.debian.org with esmtp (Exim 3.35 1 (Debian))
	id 1C92hj-0007dK-00; Sun, 19 Sep 2004 07:30:15 -0700
Received: by sorrow.cyrius.com (Postfix, from userid 10)
	id D2D1F64D4B; Sun, 19 Sep 2004 14:30:13 +0000 (UTC)
Received: by deprecation.cyrius.com (Postfix, from userid 1000)
	id C6B79FF15; Sun, 19 Sep 2004 15:29:14 +0100 (BST)
Date: Sun, 19 Sep 2004 15:29:14 +0100
From: Martin Michlmayr <tbm@cyrius.com>
To: submit@bugs.debian.org
Subject: 2.2.25 has security issues, 2.2.26 available
Message-ID: <[🔎] 20040919142914.GB14654@deprecation.cyrius.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
User-Agent: Mutt/1.5.6+20040818i
Delivered-To: submit@bugs.debian.org
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2004_03_25 
	(1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Status: No, hits=-8.0 required=4.0 tests=BAYES_00,HAS_PACKAGE 
	autolearn=no version=2.60-bugs.debian.org_2004_03_25
X-Spam-Level: 

Package: kernel-source-2.2.25
Severity: important
Tags: security

2.2.26 fixes some security issues.  I don't know how severe they are
so I'm filing this bug as 'important' but it may just as well be RC.

The 2.2.26 changelog from
http://www.kernel.org/pub/linux/kernel/v2.2/ChangeLog-2.2.26 is below:

2.2.26
------
o	CAN-2004-0077: behave safely in case of do_munmap()	(Solar Designer)
	  failures in mremap(2)
o	CAN-2003-0984: /dev/rtc can leak parts of kernel	(Solar Designer)
	  memory to unprivileged users (2.4 backport)
o	CAN-2003-0244: hashing exploits in network stack	(David S. Miller)
o	update_atime() performance improvement (2.4 backport)	(Solar Designer)
o	ability to swapoff after a device file might		(Solar Designer)
	  have been re-created
o	MAINTAINERS correction for Kernel 2.2 and 2.2 fixes	(me)
o	fixed some typos					(Solar Designer, me)

-- 
Martin Michlmayr
tbm@cyrius.com

---------------------------------------
Received: (at 272351-done) by bugs.debian.org; 19 Sep 2004 21:51:34 +0000
>From tbm@cyrius.com Sun Sep 19 14:51:34 2004
Return-path: <tbm@cyrius.com>
Received: from sorrow.cyrius.com [65.19.161.204] 
	by spohr.debian.org with esmtp (Exim 3.35 1 (Debian))
	id 1C99ao-0001N7-00; Sun, 19 Sep 2004 14:51:34 -0700
Received: by sorrow.cyrius.com (Postfix, from userid 10)
	id 0A5BE64D4C; Sun, 19 Sep 2004 21:51:31 +0000 (UTC)
Received: by deprecation.cyrius.com (Postfix, from userid 1000)
	id 7AA3AFF15; Sun, 19 Sep 2004 22:50:34 +0100 (BST)
Date: Sun, 19 Sep 2004 22:50:34 +0100
From: Martin Michlmayr <tbm@cyrius.com>
To: Herbert Xu <herbert@gondor.apana.org.au>
Cc: 272351-done@bugs.debian.org
Subject: Re: Bug#272351: 2.2.25 has security issues, 2.2.26 available
Message-ID: <20040919215034.GA23327@deprecation.cyrius.com>
References: <[🔎] 20040919142914.GB14654@deprecation.cyrius.com> <[🔎] E1C99Eu-0002S5-00@gondolin.me.apana.org.au>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <[🔎] E1C99Eu-0002S5-00@gondolin.me.apana.org.au>
User-Agent: Mutt/1.5.6+20040818i
Delivered-To: 272351-done@bugs.debian.org
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2004_03_25 
	(1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Status: No, hits=-6.0 required=4.0 tests=BAYES_00,HAS_BUG_NUMBER 
	autolearn=no version=2.60-bugs.debian.org_2004_03_25
X-Spam-Level: 

* Herbert Xu <herbert@gondor.apana.org.au> [2004-09-20 07:28]:
> > 2.2.26 fixes some security issues.  I don't know how severe they are
> > so I'm filing this bug as 'important' but it may just as well be RC.
> 
> All of the security fixes in 2.2.26 are already in the Debian 2.2.25
> package.

Oh, I didn't check that - thanks for the note!
-- 
Martin Michlmayr
tbm@cyrius.com

Reply to:

References:
- Bug#272351: 2.2.25 has security issues, 2.2.26 available
  - From: Martin Michlmayr <tbm@cyrius.com>

Prev by Date: Re: 2.2 kernels and 2.2.26
Next by Date: Processed: fixed in -3
Previous by thread: Bug#272351: 2.2.25 has security issues, 2.2.26 available
Next by thread: Bug#271858: fixed in -3
Index(es):
- Date
- Thread