[Technik] [SECURITY] [DSA 1565-1] New Linux 2.6.18 packages fix several vulnerabilities

Noèl Köthe noel at debian.org
Fri May 2 09:28:01 CEST 2008 

Am Donnerstag, den 01.05.2008, 12:25 -0600 schrieb dann frazier:

> Debian Security Advisory DSA-1565-1                security at debian.org
> http://www.debian.org/security/                           dann frazier
> May 1, 2008                         http://www.debian.org/security/faq
> 
> Package        : linux-2.6
> Vulnerability  : several vulnerabilities
> Problem type   : local
> Debian-specific: no
> CVE Id(s)      : CVE-2007-6694 CVE-2008-0007 CVE-2008-1294 CVE-2008-1375

linux-2.6 auf cree, yuma und yuki aktualisiert. Die anderen Rechner
haben keine Debian Kernel bzw. bei wasco kümmert sich der Provider um
den kernel, weil es ein virtueller Rechner ist.

> For the stable distribution (etch), this problem has been fixed in version
> 2.6.18.dfsg.1-18etch3.

linux-2.6 (2.6.18.dfsg.1-18etch3) stable-security; urgency=high

  * Wrap added code in bugfix/dnotify-race-avoid-abi-change.patch in
    #ifndef __GENKSYMS__ to avoid ABI change
  * Revert ABI change introduced in 2.6.18.dfsg.1-18etch2

 -- dann frazier <dannf at debian.org>  Wed, 23 Apr 2008 21:34:26 -0600

linux-2.6 (2.6.18.dfsg.1-18etch2) stable-security; urgency=high

  * bugfix/powerpc-chrp-null-deref.patch
    [SECURITY][powerpc] Fix NULL pointer dereference if get_property
    fails on the subarchitecture
    See CVE-2007-6694
  * bugfix/mmap-VM_DONTEXPAND.patch
    [SECURITY] Add VM_DONTEXPAND to vm_flags in drivers that register
    a fault handler but do not bounds check the offset argument
    See CVE-2008-0007
  * bugfix/RLIMIT_CPU-earlier-checking.patch
    [SECURITY] Move check for an RLIMIT_CPU with a value of 0 earlier
    to prevent a user escape (closes: #419706)
    See CVE-2008-1294
  * bugfix/dnotify-race.patch
    [SECURITY] Fix a race in the directory notify
    See CVE-2008-1375
    This patch changes the ABI
  * Bump ABI to 7.

 -- dann frazier <dannf at debian.org>  Fri, 11 Apr 2008 23:51:42 -0600

-- 
Noèl Köthe <noel debian.org>
Debian GNU/Linux, www.debian.org
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Dies ist ein digital signierter Nachrichtenteil
Url : /archiv/technik/attachments/20080502/fa4e9fba/attachment.pgp

More information about the Technik mailing list