[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

is 2.6.26-19lenny1 legit?

I don't seen any annoucement on security-announce or on security.debian.org!
Are these packages legit?



Here's the last two changelog entries I found in the amd64 deb
(linux-image-2.6.26-2-amd64_2.6.26-19lenny1_amd64.deb). I couldn't find the
changelog on packages.debian.org.

linux-2.6 (2.6.26-19lenny1) stable-security; urgency=high

  * appletalk: Fix skb leak when ipddp interface is not loaded
  * KVM: x86: Disallow hypercalls for guest callers in rings > 0
  * selinux: prevent local users from bypassing mmap_min_addr
    in unconfined domains (CVE-2009-2695)                    
  * fix information leak in llc_ui_getname (CVE-2009-3001)
  * net: fix information leak due to uninitialized structures in
    getname functions (CVE-2009-3002)                           
  * eCryptfs: Prevent lower dentry from going negative during unlink
  * net ax25: Fix signed comparison in the sockopt handler (CVE-2009-2909)
  * x86: Don't leak 64-bit kernel register values to 32-bit processes
  * NFSv4: move iattr & verf attributes of struct nfsd4_open out of the
    union (CVE-2009-3286)                                              
  * r8169: use hardware auto padding (CVE-2009-3613)

 -- dann frazier <dannf@debian.org>  Sat, 17 Oct 2009 10:52:13 -0600

linux-2.6 (2.6.26-19) stable; urgency=high

  [ Moritz Muehlenhoff ]
  * Input: ALPS - add signature for Toshiba Satellite Pro M10
    (Closes: #434722)                                        

  [ dann frazier ]
  * aacraid: Fix regression w/ bigmem kernel (Closes: #537771)
  * [parisc] isa-eeprom - Fix loff_t usage (CVE-2009-2846)
  * do_sigaltstack: avoid copying 'stack_t' as a structure to user space
  * execve: must clear current->clear_child_tid (CVE-2009-2848)
  * md: avoid dereferencing NULL pointer when accessing suspend_* sysfs
    attributes (CVE-2009-2849)                                         

 -- dann frazier <dannf@debian.org>  Tue, 18 Aug 2009 22:45:27 -0600

Tom Vier <nester@gmail.com>
DSA Key ID 0x15741ECE

Reply to: