[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: [SECURITY] [DSA 1681-1] New Linux 2.6.24 packages fix several vulnerabilities

On Thu, Dec 04, 2008 at 10:59:11AM -0700, dann frazier wrote:

> Package        : linux-2.6.24
> Vulnerability  : denial of service/privilege escalation
> Problem type   : local/remote
> Debian-specific: no
> CVE Id(s)      : CVE-2008-3528 CVE-2008-4554 CVE-2008-4576 CVE-2008-4618
>                  CVE-2008-4933 CVE-2008-4934 CVE-2008-5025 CVE-2008-5029
>                  CVE-2008-5134 CVE-2008-5182 CVE-2008-5300
> Several vulnerabilities have been discovered in the Linux kernel that
> may lead to a denial of service or privilege escalation. The Common
> Vulnerabilities and Exposures project identifies the following
> problems:

[snip details]

> For the stable distribution (etch), these problems have been fixed in
> version 2.6.24-6~etchnhalf.7.

All these issues are also listed as affecting 2.6.18 on
<http://security-tracker.debian.net/tracker/>. Are there plans to
release fixed packages?


Dominic Hargreaves | http://www.larted.org.uk/~dom/
PGP key 5178E2A5 from the.earth.li (keyserver,web,email)

Reply to: