Unannounced kernel update today? (etch)
My systems informed me of a kernel update today, but
I can't find any indication either on the security web site
or the security-announce list that there has been one recently.
The changelog for the package says:
linux-2.6 (2.6.18.dfsg.1-22etch2) stable-security; urgency=high
* bugfix/x86-wrong-register-was-used-in-align-macro.patch
Fix regression introduced upstream by the fix for CVE-2008-0598
* bugfix/cifs-fix-compiler-warning.patch,
bugfix/netfilter-nf_nat_snmp_basic-fix-range-check.patch
Fix regressions introduced upstream by the fixes for CVE-2008-1673
*
bugfix/sound-ensure-device-number-is-valid-in-snd_seq_oss_synth_make_info.patch
Fix possible information leak in seq_oss_synth.c
See CVE-2008-3272
* bugfix/vfs-fix-lookup-on-deleted-directory.patch
Fix potential memory leak in lookup path
See CVE-2008-3275
-- dann frazier <dannf@debian.org> Mon, 18 Aug 2008 01:43:55 -0600
The last security kernel I see announced is from June 9th.
I run my own local repositories, mirrored using rsync(sync once
a day) -
debmirror -v --nosource --method=rsync -r :debian -h mirrors.kernel.org
--dist=etch /storage/debian/mirror/base
debmirror -v --nosource --method=rsync -r :debian-security -h
security.debian.org --dist=etch
--section="updates/main,updates/contrib,updates/non-free"
--ignore-missing-release --ignore-release-gpg
/storage/debian/mirror/security
rsync -av
rsync://security.debian.org/debian-security/dists/etch/updates/Release*
/storage/debian/mirror/security/dists/etch/updates/
Maybe I'm just being overly paranoid ?
thanks
nate
(been a few years since I've been on the list, still waiting
for the list confirmation message that I'm subscribed)
Reply to: