[Technik] [SECURITY] [DSA 1356-1] New Linux 2.6.18 packages fix several vulnerabilities

Noèl Köthe noel at debian.org
Mon Aug 20 17:46:15 CEST 2007


On Wednesday, 15.08.2007, 19:00 -0600, dann frazier wrote:

> Debian Security Advisory DSA 1356-1                    security at debian.org
> http://www.debian.org/security/                               Dann Frazier
> August 15th, 2007                       http://www.debian.org/security/faq
> 
> Package        : linux-2.6
> Vulnerability  : several
> Problem-Type   : local/remote
> Debian-specific: no
> CVE ID         : CVE-2007-1353 CVE-2007-2172 CVE-2007-2453 CVE-2007-2525
>                  CVE-2007-2876 CVE-2007-3513 CVE-2007-3642 CVE-2007-3848
>                  CVE-2007-3851

linux-2.6 updated on yuma and cree and rebooted accordingly.

> These problems have been fixed in the stable distribution in version 
> 2.6.18.dfsg.1-13etch1.

linux-2.6 (2.6.18.dfsg.1-13etch1) stable-security; urgency=high

  * Update abi reference files for ABI 5
  * bugfix/bluetooth-l2cap-hci-info-leaks.patch
    [SECURITY] Fix information leaks in setsockopt() implementations
    See CVE-2007-1353
  * bugfix/usblcd-limit-memory-consumption.patch
    [SECURITY] limit memory consumption during write in the usblcd driver
    See CVE-2007-3513
  * bugfix/pppoe-socket-release-mem-leak.patch
    [SECURITY] fix unprivileged memory leak when a PPPoE socket is released
    after connect but before PPPIOCGCHAN ioctl is called upon it
    See CVE-2007-2525
  * bugfix/nf_conntrack_h323-bounds-checking.patch
    [SECURITY] nf_conntrack_h323: add checking of out-of-range on choices'
    index values
    See CVE-2007-3642
  * bugfix/dn_fib-out-of-bounds.patch
    [SECURITY] Fix out of bounds condition in dn_fib_props[]
    See CVE-2007-2172
  * bugfix/random-fix-seeding-with-zero-entropy.patch
    bugfix/random-fix-error-in-entropy-extraction.patch
    [SECURITY] Avoid seeding with the same values at boot time when a
    system has no entropy source and fix a casting error in entropy
    extraction that resulted in slightly less random numbers.
    See CVE-2007-2453
  * bugfix/nf_conntrack_sctp-null-deref.patch
    [SECURITY] Fix remotely triggerable NULL pointer dereference
    by sending an unknown chunk type.
    See CVE-2007-2876
  * bugfix/i965-secure-batchbuffer.patch
    [SECURITY] Fix i965 secured batchbuffer usage
    See CVE-2007-3851
  * bugfix/reset-pdeathsig-on-suid.patch
    [SECURITY] Fix potential privilege escalation caused by improper
    clearing of the child process' pdeath signal.
    Thanks to Marcel Holtmann for the patch.
    See CVE-2007-3848

 -- dann frazier <dannf at debian.org>  Sat, 11 Aug 2007 08:46:25 -0600

-- 
Noèl Köthe <noel debian.org>
Debian GNU/Linux, www.debian.org