[Technik] [SECURITY] [DSA 1378-1] New Linux 2.6.18 packages fix several vulnerabilities

Noèl Köthe noel at debian.org
Sat Sep 29 19:17:48 CEST 2007 

Am Donnerstag, den 27.09.2007, 15:33 -0600 schrieb dann frazier:

> Debian Security Advisory DSA 1378-1                    security at debian.org
> http://www.debian.org/security/                               Dann Frazier
> September 27th, 2007                    http://www.debian.org/security/faq
> 
> Package        : linux-2.6
> Vulnerability  : several
> Problem-Type   : local
> Debian-specific: no
> CVE ID         : CVE-2007-3731 CVE-2007-3739 CVE-2007-3740 CVE-2007-4573
>                  CVE-2007-4849

linux-2.6 auf unseren Debian etch Rechnern cree und yuma aktualisiert
und neugestartet. wasco läuft auch unter Debian etch, aber der Kernel
wird vom Provider gepflegt (virtueller Rechner).

> These problems have been fixed in the stable distribution in version 
> 2.6.18.dfsg.1-13etch3.

changelog:
linux-2.6 (2.6.18.dfsg.1-13etch3) stable-security; urgency=high

  * bugfix/ptrace-handle-bogus-selector.patch,
    bugfix/fixup-trace_irq-breakage.patch
    [SECURITY] Handle an invalid LDT segment selector %cs (the xcs field)
    during ptrace single-step operations that can be used to trigger a
    NULL-pointer dereference causing an Oops.
    See CVE-2007-3731
  * bugfix/prevent-stack-growth-into-hugetlb-region.patch
    [SECURITY] Prevent OOPS during stack expansion when the VMA crosses
    into address space reserved for hugetlb pages.
    See CVE-2007-3739
  * bugfix/cifs-honor-umask.patch
    [SECURITY] Make CIFS honor a process' umask
    See CVE-2007-3740
  * bugfix/amd64-zero-extend-32bit-ptrace.patch
    [SECURITY] Zero extend all registers after ptrace in 32-bit entry path.
    See CVE-2007-4573
  * bugfix/jffs2-ACL-vs-mode-handling.patch
    [SECURITY] Write correct legacy modes to the medium on inode creation to
    prevent incorrect permissions upon remount.
    See CVE-2007-4849

 -- dann frazier <dannf at debian.org>  Tue, 25 Sep 2007 22:33:15 -0600

-- 
Noèl Köthe <noel debian.org>
Debian GNU/Linux, www.debian.org
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Dies ist ein digital signierter Nachrichtenteil
Url : /archiv/technik/attachments/20070929/83b9d328/attachment.pgp

More information about the Technik mailing list