Your message dated Thu, 6 Jan 2005 17:48:27 +0900
with message-id <[EMAIL PROTECTED]>
and subject line Bug#287770: CAN-2004-1137: allow a local user to cause a
denial of service
has caused the attached Bug report to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere. Please contact me immediately.)
Debian bug tracking system administrator
(administrator, Debian Bugs database)
--------------------------------------
Received: (at submit) by bugs.debian.org; 29 Dec 2004 23:01:30 +0000
>From [EMAIL PROTECTED] Wed Dec 29 15:01:30 2004
Return-path: <[EMAIL PROTECTED]>
Received: from gateway.bzzware.org [212.125.240.90]
by spohr.debian.org with esmtp (Exim 3.35 1 (Debian))
id 1Cjmos-00015E-00; Wed, 29 Dec 2004 15:01:30 -0800
Received: from fajx300.home.bzzware.org ([10.54.39.3] helo=fajx300.bzzware.org)
by gateway.bzzware.org with esmtp (Exim 3.35 #1 (Debian))
id 1Cjmny-0002i2-00; Thu, 30 Dec 2004 00:00:34 +0100
Received: from finnarne by fajx300.bzzware.org with local (Exim 4.34)
id 1Cjmo0-0007bv-EF; Thu, 30 Dec 2004 00:00:36 +0100
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
From: Finn-Arne Johansen <[EMAIL PROTECTED]>
To: Debian Bug Tracking System <[EMAIL PROTECTED]>
Subject: CAN-2004-1137: allow a local user to cause a denial of service
X-Mailer: reportbug 3.2
Date: Thu, 30 Dec 2004 00:00:36 +0100
Message-Id: <[EMAIL PROTECTED]>
Sender: Finn-Arne Johansen <[EMAIL PROTECTED]>
X-MailScanner: Found to be clean
Delivered-To: [EMAIL PROTECTED]
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2004_03_25
(1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Status: No, hits=-8.0 required=4.0 tests=BAYES_00,HAS_PACKAGE
autolearn=no version=2.60-bugs.debian.org_2004_03_25
X-Spam-Level:
Package: kernel-image-2.4.27-i386
Severity: normal
Petter Reinholdsen (pere) forwarded some issues regarding the
RHEL kernels, and I've found that at least 2 of them affects
kernel-image-2.4.27-i386
> ISEC security research discovered multiple vulnerabilities in the IGMP
> functionality which was backported in the Red Hat Enterprise Linux 3
> kernels. These flaws could allow a local user to cause a denial of
> service (crash) or potentially gain privileges. Where multicast
> applications are being used on a system, these flaws may also allow
> remote users to cause a denial of service. The Common Vulnerabilities
> and Exposures project (cve.mitre.org) has assigned the name
> CAN-2004-1137 to this issue.
This one also Hangs one cpu effectivly (I checked CAN-2004-1016 first)
---------------------------------------
Received: (at 287770-done) by bugs.debian.org; 6 Jan 2005 09:38:54 +0000
>From [EMAIL PROTECTED] Thu Jan 06 01:38:54 2005
Return-path: <[EMAIL PROTECTED]>
Received: from koto.vergenet.net [210.128.90.7]
by spohr.debian.org with esmtp (Exim 3.35 1 (Debian))
id 1CmU6Y-0000yJ-00; Thu, 06 Jan 2005 01:38:54 -0800
Received: by koto.vergenet.net (Postfix, from userid 7100)
id 3409F34089; Thu, 6 Jan 2005 18:20:40 +0900 (JST)
Date: Thu, 6 Jan 2005 17:48:27 +0900
From: Horms <[EMAIL PROTECTED]>
To: Finn-Arne Johansen <[EMAIL PROTECTED]>, [EMAIL PROTECTED]
Subject: Re: Bug#287770: CAN-2004-1137: allow a local user to cause a denial of
service
Message-ID: <[EMAIL PROTECTED]>
References: <[EMAIL PROTECTED]>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <[EMAIL PROTECTED]>
X-Cluestick: seven
User-Agent: Mutt/1.5.6+20040907i
Delivered-To: [EMAIL PROTECTED]
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2005_01_02
(1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Status: No, hits=-6.0 required=4.0 tests=BAYES_00,HAS_BUG_NUMBER
autolearn=no version=2.60-bugs.debian.org_2005_01_02
X-Spam-Level:
On Thu, Dec 30, 2004 at 12:00:36AM +0100, Finn-Arne Johansen wrote:
> Package: kernel-image-2.4.27-i386
> Severity: normal
>
> Petter Reinholdsen (pere) forwarded some issues regarding the
> RHEL kernels, and I've found that at least 2 of them affects
> kernel-image-2.4.27-i386
>
> > ISEC security research discovered multiple vulnerabilities in the IGMP
> > functionality which was backported in the Red Hat Enterprise Linux 3
> > kernels. These flaws could allow a local user to cause a denial of
> > service (crash) or potentially gain privileges. Where multicast
> > applications are being used on a system, these flaws may also allow
> > remote users to cause a denial of service. The Common Vulnerabilities
> > and Exposures project (cve.mitre.org) has assigned the name
> > CAN-2004-1137 to this issue.
>
> This one also Hangs one cpu effectivly (I checked CAN-2004-1016 first)
Thanks, this has been fixed by the upload of kernel-source-2.4.27 2.4.27-7,
and the correspodning kernel-image-2.4.27-i386 2.4.27-7 package.
--
Horms
