Hosting Provided By

Accepted fai-kernels 1.17+etch4 (source i386)

From: dann frazier <dannf(at)debian.org>
Date: Fri Aug 17 2007 - 03:56:18 EDT

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.7
Date: Wed, 15 Aug 2007 17:06:20 -0600
Source: fai-kernels
Binary: fai-kernels
Architecture: source i386
Version: 1.17+etch4
Distribution: stable-security
Urgency: high
Maintainer: Holger Levsen <holger@debian.org> Changed-By: dann frazier <dannf@debian.org> Description:
fai-kernels - special kernels for FAI (Fully Automatic Installation) Changes:
fai-kernels (1.17+etch4) stable-security; urgency=high .

NMU by the Security Team
- Rebuild against linux-source-2.6.18 (2.6.18.dfsg.1-13etch1):
- Update abi reference files for ABI 5
- bugfix/bluetooth-l2cap-hci-info-leaks.patch [SECURITY] Fix information leaks in setsockopt() implementations See CVE-2007-1353
- bugfix/usblcd-limit-memory-consumption.patch [SECURITY] limit memory consumption during write in the usblcd driver See CVE-2007-3513
- bugfix/pppoe-socket-release-mem-leak.patch [SECURITY] fix unpriveleged memory leak when a PPPoE socket is released after connect but before PPPIOCGCHAN ioctl is called upon it See CVE-2007-2525
- bugfix/nf_conntrack_h323-bounds-checking.patch [SECURITY] nf_conntrack_h323: add checking of out-of-range on choices' index values See CVE-2007-3642
- bugfix/dn_fib-out-of-bounds.patch [SECURITY] Fix out of bounds condition in dn_fib_props[] See CVE-2007-2172
- bugfix/random-fix-seeding-with-zero-entropy.patch bugfix/random-fix-error-in-entropy-extraction.patch [SECURITY] Avoid seeding with the same values at boot time when a system has no entropy source and fix a casting error in entropy extraction that resulted in slightly less random numbers. See CVE-2007-2453
- bugfix/nf_conntrack_sctp-null-deref.patch [SECURITY] Fix remotely triggerable NULL pointer dereference by sending an unknown chunk type. See CVE-2007-2876
- bugfix/i965-secure-batchbuffer.patch [SECURITY] Fix i965 secured batchbuffer usage See CVE-2007-3851
- bugfix/reset-pdeathsig-on-suid.patch [SECURITY] Fix potential privilege escalation caused by improper clearing of the child process' pdeath signal. Thanks to Marcel Holtmann for the patch. See CVE-2007-3848 Files: 9a52e923d40532efcaf60f0048cb8bae 711 admin extra fai-kernels_1.17+etch4.dsc 83214996352214796bbf6c54042b7b0b 53600 admin extra fai-kernels_1.17+etch4.tar.gz 6f5d247feb6ecd8a1e8c8f76c0a54708 5500032 admin extra fai-kernels_1.17+etch4_i386.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)

iD8DBQFGw5H0huANDBmkLRkRAut3AJsFcoKHTNi3Jx7MkE6StkUOK5qUJwCaAhO6 yplkE7mAspK1NzEFlfhE9k0=
=dM5b
-----END PGP SIGNATURE----- Accepted:
fai-kernels_1.17+etch4.dsc
  to pool/main/f/fai-kernels/fai-kernels_1.17+etch4.dsc fai-kernels_1.17+etch4.tar.gz
  to pool/main/f/fai-kernels/fai-kernels_1.17+etch4.tar.gz fai-kernels_1.17+etch4_i386.deb
  to pool/main/f/fai-kernels/fai-kernels_1.17+etch4_i386.deb

-- 
To UNSUBSCRIBE, email to debian-changes-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

Received on Fri Aug 17 03:59:39 2007

This message: [ Message body ]
Next message: GCS: "Accepted rdesktop 1.4.0-2sarge1 (source i386)"
Previous message: Moritz Muehlenhoff: "Accepted pdfkit.framework 0.8-2sarge4 (source i386)"

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ] [ By messages with attachments ]

This archive was generated by hypermail 2.1.8 : Sun Oct 07 2007 - 07:58:38 EDT