Bug#301799: marked as done (use 4 level digits for stable kernels)
Your message dated Thu, 19 May 2005 07:17:45 -0400
with message-id <E1DYj29-0001y5-00@newraff.debian.org>
and subject line Bug#301799: fixed in kernel-source-2.6.8 2.6.8-16
has caused the attached Bug report to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere. Please contact me immediately.)
Debian bug tracking system administrator
(administrator, Debian Bugs database)
--------------------------------------
Received: (at submit) by bugs.debian.org; 28 Mar 2005 13:10:23 +0000
>From hmh@debian.org Mon Mar 28 05:10:23 2005
Return-path: <hmh@debian.org>
Received: from master.debian.org [146.82.138.7]
by spohr.debian.org with esmtp (Exim 3.35 1 (Debian))
id 1DFu0d-0003nd-00; Mon, 28 Mar 2005 05:10:23 -0800
Received: from rcm-200-220-132-60.nipnet.net.br (khazad-dum.debian.net) [200.220.132.60]
by master.debian.org with esmtp (Exim 3.35 1 (Debian))
id 1DFu0c-0006k5-00; Mon, 28 Mar 2005 07:10:22 -0600
Received: from localhost (localhost [127.0.0.1])
by localhost.khazad-dum.debian.net (Postfix) with ESMTP id A3EDE208BCC;
Mon, 28 Mar 2005 10:10:21 -0300 (BRT)
Received: from khazad-dum.debian.net ([127.0.0.1])
by localhost (khazad-dum [127.0.0.1]) (amavisd-new, port 10024)
with LMTP id 22567-06-2; Mon, 28 Mar 2005 10:10:21 -0300 (BRT)
Received: by khazad-dum.debian.net (Postfix, from userid 1000)
id F2983200290; Mon, 28 Mar 2005 10:10:20 -0300 (BRT)
Date: Mon, 28 Mar 2005 10:10:20 -0300
From: Henrique de Moraes Holschuh <hmh@debian.org>
To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: kernel-tree-2.6.11: new upstream source available: 2.6.11.6
Message-ID: <20050328131020.GA14336@khazad-dum.debian.net>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
X-Reportbug-Version: 3.9
X-GPG-Fingerprint: 1024D/1CDB0FE3 5422 5C61 F6B7 06FB 7E04 3738 EE25 DE3F 1CDB 0FE3
User-Agent: Mutt/1.5.8i
X-Virus-Scanned: by amavisd-new-20030616-p10 (Debian) at khazad-dum.debian.net
Delivered-To: submit@bugs.debian.org
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2005_01_02
(1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Status: No, hits=-8.0 required=4.0 tests=BAYES_00,HAS_PACKAGE
autolearn=no version=2.60-bugs.debian.org_2005_01_02
X-Spam-Level:
Package: kernel-tree-2.6.11
Version: 2.6.11-1
Severity: grave
Tags: security
Justification: user security hole
As usual. I feel weird filling what used to be a wishlist-level report as
grave, but...
Summary of changes from v2.6.11.5 to v2.6.11.6
==============================================
Chris Wright:
o isofs: more defensive checks against corrupt isofs images
o Linux 2.6.11.6
Herbert Xu:
o Potential DOS in load_elf_library
Linus Torvalds:
o isofs: Handle corupted rock-ridge info slightly better
o isofs: more "corrupted iso image" error cases
Marcel Holtmann:
o Fix signedness problem at socket creation
Mathieu Lafon:
o Suspected information leak (mem pages) in ext2
-- System Information:
Debian Release: 3.1
APT prefers unstable
APT policy: (990, 'unstable')
Architecture: i386 (i686)
Kernel: Linux 2.6.10-debian6+libata9dev1+bluesmoke
Locale: LANG=pt_BR.ISO-8859-1, LC_CTYPE=pt_BR.ISO-8859-1 (charmap=ISO-8859-1)
Versions of packages kernel-tree-2.6.11 depends on:
ii kernel-patch-debian-2.6.11 2.6.11-1 Debian patches to Linux 2.6.11
ii kernel-source-2.6.11 2.6.11-1 Linux kernel source for version 2.
-- no debconf information
--
"One disk to rule them all, One disk to find them. One disk to bring
them all and in the darkness grind them. In the Land of Redmond
where the shadows lie." -- The Silicon Valley Tarot
Henrique Holschuh
---------------------------------------
Received: (at 301799-close) by bugs.debian.org; 19 May 2005 11:22:47 +0000
>From katie@ftp-master.debian.org Thu May 19 04:22:47 2005
Return-path: <katie@ftp-master.debian.org>
Received: from newraff.debian.org [208.185.25.31] (mail)
by spohr.debian.org with esmtp (Exim 3.35 1 (Debian))
id 1DYj71-000885-00; Thu, 19 May 2005 04:22:47 -0700
Received: from katie by newraff.debian.org with local (Exim 3.35 1 (Debian))
id 1DYj29-0001y5-00; Thu, 19 May 2005 07:17:45 -0400
From: Simon Horman <horms@debian.org>
To: 301799-close@bugs.debian.org
X-Katie: $Revision: 1.55 $
Subject: Bug#301799: fixed in kernel-source-2.6.8 2.6.8-16
Message-Id: <E1DYj29-0001y5-00@newraff.debian.org>
Sender: Archive Administrator <katie@ftp-master.debian.org>
Date: Thu, 19 May 2005 07:17:45 -0400
Delivered-To: 301799-close@bugs.debian.org
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2005_01_02
(1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Status: No, hits=-6.0 required=4.0 tests=BAYES_00,HAS_BUG_NUMBER
autolearn=no version=2.60-bugs.debian.org_2005_01_02
X-Spam-Level:
X-CrossAssassin-Score: 10
Source: kernel-source-2.6.8
Source-Version: 2.6.8-16
We believe that the bug you reported is fixed in the latest version of
kernel-source-2.6.8, which is due to be installed in the Debian FTP archive:
kernel-doc-2.6.8_2.6.8-16_all.deb
to pool/main/k/kernel-source-2.6.8/kernel-doc-2.6.8_2.6.8-16_all.deb
kernel-patch-debian-2.6.8_2.6.8-16_all.deb
to pool/main/k/kernel-source-2.6.8/kernel-patch-debian-2.6.8_2.6.8-16_all.deb
kernel-source-2.6.8_2.6.8-16.diff.gz
to pool/main/k/kernel-source-2.6.8/kernel-source-2.6.8_2.6.8-16.diff.gz
kernel-source-2.6.8_2.6.8-16.dsc
to pool/main/k/kernel-source-2.6.8/kernel-source-2.6.8_2.6.8-16.dsc
kernel-source-2.6.8_2.6.8-16_all.deb
to pool/main/k/kernel-source-2.6.8/kernel-source-2.6.8_2.6.8-16_all.deb
kernel-tree-2.6.8_2.6.8-16_all.deb
to pool/main/k/kernel-source-2.6.8/kernel-tree-2.6.8_2.6.8-16_all.deb
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 301799@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Simon Horman <horms@debian.org> (supplier of updated kernel-source-2.6.8 package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@debian.org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.7
Date: Thu, 19 May 2005 16:51:34 +0900
Source: kernel-source-2.6.8
Binary: kernel-source-2.6.8 kernel-doc-2.6.8 kernel-tree-2.6.8 kernel-patch-debian-2.6.8
Architecture: source all
Version: 2.6.8-16
Distribution: unstable
Urgency: low
Maintainer: Debian kernel team <debian-kernel@lists.debian.org>
Changed-By: Simon Horman <horms@debian.org>
Description:
kernel-doc-2.6.8 - Linux kernel specific documentation for version 2.6.8
kernel-patch-debian-2.6.8 - Debian patches to Linux 2.6.8
kernel-source-2.6.8 - Linux kernel source for version 2.6.8 with Debian patches
kernel-tree-2.6.8 - Linux kernel source tree for building Debian kernel images
Closes: 272683 295725 300163 301372 301488 301528 301799 301799 301799 301799 302352 303140 303498 304548 307552 308034 308634 308724 308855 309429
Changes:
kernel-source-2.6.8 (2.6.8-16) unstable; urgency=low
.
* smbfs-overrun.dpatch:
Reinstated smbfs-overrun.dpatch to complete fix for CAN-2004-1191
(Simon Horman) (closes: #300163)
.
* radeon-race-2.dpatch:
Symbol fix for radeon race fix in 2.6.8-15.
(Simon Horman) (closes: #301488, #301528, #308034)
.
* drivers-input-serio-nmouse.dpatch:
[Security] fix N_MOUSE TTY privelage problem. See CAN-2005-0839
(Simon Horman) (closes: #301372)
.
* net-bluetooth-signdness-fix.dpatch:
[Security] Fix signedness problem at socket creation in bluetooth
which can lead to local root exploit. See CAN-2005-0750
(Simon Horman) (closes: #301799)
.
* fs-ext2-info-leak.dpatch:
[Security] Fix information leak in ext2 which leads to
a local information leak. See CAN-2005-0400
(Simon Horman) (closes: #301799)
.
* fs-isofs-range-check-1.dpatch, fs-isofs-range-check-2.dpatch,
fs-isofs-range-check-3.dpatch:
[Security] Fix range checking in isofs which leads to a local crash
and arbitary code execution. See CAN-2005-0815
(Simon Horman) (closes: #301799)
.
* mm-shmem-truncate.dpatch
[Security] tmpfs caused truncate bug which leads to a local dos.
CVE yet to be assigned.
(Simon Horman)
.
* fs-binfmt_elf-dos.dpatch:
Potential DOS in load_elf_library. See CAN-2005-0749
(Simon Horman) (closes: #301799, #303498)
.
* arch-ppc64-hugepage-aio-panic.dpatch:
fix AIO panic on PPC64 caused by is_hugepage_only_range().
See CAN-2005-0916. (Simon Horman) (closes: #302352)
.
* kernel-futex-deadlock.dpatch:
Fix possible deadlog in fitex mmap_sem. See CAN-2005-0937
(closes: #303140) (Simon Horman)
.
* net-ipv4-bic-binary-search.patch:
Fix BIC congestion avoidance algorithm error
(Simon Horman)
.
* net-ipv4-ipsec-icmp-deadlock.patch:
Fix IPSEC ICMP deadlock
(Simon Horman)
.
* drivers-media-video-saa7110-oops.patch:
Fix saa7110 driver to handle I2C_FUNC_I2C support correctly,
prefiously it would oops.
(Simon Horman)
.
* fs-cramfs-stat.dpatch:
Fix bogus blocks field for devices in cramfs.
(Simon Horman)
.
* drivers-media-video-i2c-msg.dpatch:
Fix i2c message flags in video drivers
(Simon Horman)
.
* drivers-net-sis900-oops.dpatch:
Fix oops in sis900 driver caused by it being preemted
before it has finished setting sis_priv->mii
(Simon Horman)
.
* drivers-net-via-rhine-wol-oops.dpatch:
Fix oops in VIA Rhine driver caused by assuming all cards have WOL support.
(Simon Horman)
.
* net-netrom-double-lock.dpatch:
Fix dealock in netrom caused by double locking.
(Simon Horman)
.
* drivers-net-amd811e-irq.dpatch:
Fix bug in AMD8111e driver where it neglects to release an
irq on some error conditions.
(Simon Horman)
.
* net-xfrm-find_acq_byseq.dpatch:
Fix __xfrm_find_acq_byseq() so it only returns objects
in the XFRM_STATE_ACQ state.
(Simon Horman)
.
* drivers-net-via-rhine-irq.dpatch:
VIA Rhine driver was releasing an irq in some error situations
(Simon Horman)
.
* sound-core-timer-oops.dpatch:
Fix ALSA timer notification.
o Ooops in read()
o wake-up polls and signals with new events
(Simon Horman)
.
* fs-jdb-race.dpatch:
Fix race in JDB
(Simon Horman)
.
* arch-ia64-syscall-audit.dpatch:
Fix ia64 syscall auditing
(Simon Horman)
.
* drivers-i2c-chips-eprom.dpatch:
Fix oops in eprom driver that occrs when data is read from sysfs
(Simon Horman)
.
* lib-rwsem-spinlock.dpatch:
Fix dealock that occurs dio_complete() does up_read() from IRQ context
by using interupd disabling spin locks.
(Simon Horman)
.
* fs-jdb-slow-leak.dpatch:
Fix longstanding jdb commit leak - since 2.6.6. (Maximilian Attems)
.
* sparc64-sigpoll-2.6.8.dpatch:
Separate __SI_FAULT and __SI_POLL branches in copy_siginfo_to_user32()
to resolve fcntl() bug. (Jurij Smakov, Simon Horman) (closes: #272683)
.
* net-ipv4-icmp-quench.diff:
[CAN-2004-0790] Just silently ignore ICMP Source Quench messages.
(Simon Horman) (See: #305655)
.
* sparc64-sunsu-init.dpatch:
[sparc64] Patch by David Miller to fix the initialization of the
sunsu serial driver. Mouse connected to the serial port is now
detected properly. Thanks to Frans Pop for testing. (Jurij Smakov)
(closes: #295725)
Ref: http://lists.debian.org/debian-sparc/2005/04/msg00203.html
.
* drivers-i2c-sysfs-permisions.dpatch:
I2C: Fix incorrect sysfs file permissions in it87 and via686a drivers.
See CAN-2005-1369. (closes: #307552) (Simon Horman)
.
* arch-sparc64-kernel-ptrace-cont-bogosity.dpatch:
SPARC: Fix PTRACE_CONT bogosity. (Simon Horman)
.
* net-ipv4-fib_hash-crash.dpatch:
DoS vulnerability in fib_seq_start()
See CAN-2005-1041. (closes: #304548). (Simon Horman)
.
* fs-binfmt_elf-dump-privelage.dpatch:
Linux kernel ELF core dump privilege elevation
See CAN-2005-1263. (closes: #308634, #308724, #308855). (Simon Horman)
.
* drivers-block-raw-ioctl.dpatch:
[SECURITY] Fix root hole in raw device. See CAN-2005-1264.
(closes: #309429) (Simon Horman)
.
* net-ipv4-ipvs-icmp-leak.dpatch:
Fix leak in LVS ICMP handler that manifests under heavy traffic situations.
(Simon Horman)
.
* Add myself as an uploader (Simon Horman)
Files:
639732a50dc3105cc1ccfb2a848d109f 989 devel optional kernel-source-2.6.8_2.6.8-16.dsc
0bc5e87dffd47078dcd7f01793576843 911998 devel optional kernel-source-2.6.8_2.6.8-16.diff.gz
78776b39100d55bc04e87069aa94576c 930508 devel optional kernel-patch-debian-2.6.8_2.6.8-16_all.deb
aa9d24c8aa7c10270625032ad45e208e 34924214 devel optional kernel-source-2.6.8_2.6.8-16_all.deb
e1979374bcaf53de9c13d5855c58fd49 29284 devel optional kernel-tree-2.6.8_2.6.8-16_all.deb
fd2e4e8f57268058aa1e9eb982ef6611 6175240 doc optional kernel-doc-2.6.8_2.6.8-16_all.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.0 (GNU/Linux)
iD8DBQFCjHI3du+M6Iexz7URAq/zAKDTAZe8lyhnOIFcKkev6kc5tTGxpwCfVq+J
F3wXWBaIkWSeK3n/ystmga0=
=fqDP
-----END PGP SIGNATURE-----
Reply to: