[Technik] [SECURITY] [DSA 1111-1] New Linux kernel 2.6.8
packages fix privilege escalation
Noèl Köthe
noel at debian.org
Wed Jul 19 19:43:53 CEST 2006
Am Sonntag, den 16.07.2006, 18:48 +0200 schrieb Moritz Muehlenhoff:
> Debian Security Advisory DSA 1111-1 security at debian.org
> http://www.debian.org/security/ Dann Frazier
> Jul 16th, 2006 http://www.debian.org/security/faq
>
> Package : kernel-source-2.6.8 et. al.
> Vulnerability : race condition
> Problem-Type : local
> Debian-specific: no
> CVE ID : CVE-2006-3625
> Debian 3.1 (sarge)
> Source 2.6.8-16sarge4
> Alpha architecture 2.6.8-16sarge4
> AMD64 architecture 2.6.8-16sarge4
> Intel IA-32 architecture 2.6.8-16sarge4
kernel-image 2.6.8 auf cupa, cree und crow aktualisiert und entsprechend
rebootet und entsprechend rebootet.
Die anderen Systeme haben selbst gebaute kernel und werden noch
aktualisert.
changelog:
kernel-image-2.6.8-i386 (2.6.8-16sarge4) stable-security; urgency=high
* Build against kernel-tree-2.6.8-16sarge4:
* proc-environ-race-1.dpatch, proc-environ-race-2.dpatch
[SECURITY] Fix local root vulnerability caused by a race in proc
See CVE-2006-3626
-- dann frazier <dannf at debian.org> Sat, 15 Jul 2006 02:23:36 -0600
--
Noèl Köthe <noel debian.org>
Debian GNU/Linux, www.debian.org
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Dies ist ein digital signierter Nachrichtenteil
Url : http://hostsharing.net/pipermail/technik/attachments/20060719/fae56b42/attachment.pgp
More information about the Technik
mailing list