Re: [SECURITY] [DSA 1681-1] New Linux 2.6.24 packages fix several vulnerabilities

To: debian-security@lists.debian.org
Subject: Re: [SECURITY] [DSA 1681-1] New Linux 2.6.24 packages fix several vulnerabilities
From: Dominic Hargreaves <dom@earth.li>
Date: Thu, 11 Dec 2008 17:06:52 +0000
Message-id: <[🔎] 20081211170652.GG1531@urchin.earth.li>
In-reply-to: <20081204175911.GG14564@ldl.fc.hp.com>
References: <20081204175911.GG14564@ldl.fc.hp.com>

On Thu, Dec 04, 2008 at 10:59:11AM -0700, dann frazier wrote:

> Package        : linux-2.6.24
> Vulnerability  : denial of service/privilege escalation
> Problem type   : local/remote
> Debian-specific: no
> CVE Id(s)      : CVE-2008-3528 CVE-2008-4554 CVE-2008-4576 CVE-2008-4618
>                  CVE-2008-4933 CVE-2008-4934 CVE-2008-5025 CVE-2008-5029
>                  CVE-2008-5134 CVE-2008-5182 CVE-2008-5300
> 
> Several vulnerabilities have been discovered in the Linux kernel that
> may lead to a denial of service or privilege escalation. The Common
> Vulnerabilities and Exposures project identifies the following
> problems:

[snip details]

> For the stable distribution (etch), these problems have been fixed in
> version 2.6.24-6~etchnhalf.7.

All these issues are also listed as affecting 2.6.18 on
<http://security-tracker.debian.net/tracker/>. Are there plans to
release fixed packages?

Cheers,
Dominic.

-- 
Dominic Hargreaves | http://www.larted.org.uk/~dom/
PGP key 5178E2A5 from the.earth.li (keyserver,web,email)

Reply to:

Follow-Ups:
- Re: [SECURITY] [DSA 1681-1] New Linux 2.6.24 packages fix several vulnerabilities
  - From: dann frazier <dannf@dannf.org>

Prev by Date: Re: [VUA 51-1] Updated clamav version
Next by Date: Re: [SECURITY] [DSA 1681-1] New Linux 2.6.24 packages fix several vulnerabilities
Previous by thread: Re: [VUA 51-1] Updated clamav version
Next by thread: Re: [SECURITY] [DSA 1681-1] New Linux 2.6.24 packages fix several vulnerabilities
Index(es):
- Date
- Thread