Author: horms Date: Thu Jan 5 08:21:49 2006 New Revision: 5267 Added: dists/sarge-security/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/patches/199_net-ipv6-flowlabel-refcnt.diff - copied unchanged from r5250, dists/trunk/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/patches/199_net-ipv6-flowlabel-refcnt.diff dists/sarge-security/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/patches/200_net_sdla_xfer_leak.diff - copied unchanged from r5264, dists/trunk/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/patches/200_net_sdla_xfer_leak.diff Modified: dists/sarge-security/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/changelog dists/sarge-security/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/patches/series/2.4.27-10sarge2 Log: * [SECURITY] Fix refcnt of struct ip6_flowlabel; Local DoS From 2.6.14 See CVE-2005-3806 net-ipv6-flowlabel-refcnt.dpatch * [SECURITY] Information leak in sdla From 2.6.6 See CVE-2004-2607 200_net_sdla_xfer_leak.diff
Modified: dists/sarge-security/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/changelog ============================================================================== --- dists/sarge-security/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/changelog (original) +++ dists/sarge-security/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/changelog Thu Jan 5 08:21:49 2006 @@ -7,7 +7,7 @@ 178_fs_ext2_ext3_xattr-sharing.diff, included in 2.4.27-10sarge1 - [SECURITY] Fixes remote DoS when using ipt_recent on a 64 bit machine. See CAN-2005-2872 (See: #322237) - 179_net-ipv4-netfilter-ip_recent-last_pkts.diff, included in + 179_net-ipv4-netfilter-ip_recent-last_pkts.diff, included in 2.4.27-10sarge1 - [SECURITY] x86_64: 32 bit ltrace oops when tracing 64 bit executable http://lkml.org/lkml/2005/1/5/245 @@ -51,6 +51,16 @@ * [SECURITY] VFS: local denial-of-service with file leases. See CVE-2005-3857 198_fs-lock-lease-log-spam.diff + * [SECURITY] Fix refcnt of struct ip6_flowlabel; Local DoS + From 2.6.14 + See CVE-2005-3806 + net-ipv6-flowlabel-refcnt.dpatch + + * [SECURITY] Information leak in sdla + From 2.6.6 + See CVE-2004-2607 + 200_net_sdla_xfer_leak.diff + [ dann frazier ] * [SECURITY] Fix infinite loop in udp_v6_get_port(). See CVE-2005-2973 195_net-ipv6-udp_v6_get_port-loop.diff Modified: dists/sarge-security/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/patches/series/2.4.27-10sarge2 ============================================================================== --- dists/sarge-security/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/patches/series/2.4.27-10sarge2 (original) +++ dists/sarge-security/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/patches/series/2.4.27-10sarge2 Thu Jan 5 08:21:49 2006 @@ -12,3 +12,5 @@ + 198_fs-lock-lease-log-spam.diff + 150_private_fragment_queues-1.diff + 150_private_fragment_queues-2.diff ++ 199_net-ipv6-flowlabel-refcnt.diff ++ 200_net_sdla_xfer_leak.diff _______________________________________________ Kernel-svn-changes mailing list Kernel-svn-changes@lists.alioth.debian.org http://lists.alioth.debian.org/mailman/listinfo/kernel-svn-changes