Hash: SHA1
- --------------------------------------------------------------------------
Debian Security Advisory DSA 1378-2 security@debian.org
http://www.debian.org/security/
Dann Frazier
September 28th, 2007
http://www.debian.org/security/faq
- --------------------------------------------------------------------------
Package : linux-2.6
Vulnerability : several
Problem-Type : local
Debian-specific: no
CVE ID : CVE-2007-3731 CVE-2007-3739 CVE-2007-3740 CVE-2007-4573
CVE-2007-4849
Several local and remote vulnerabilities have been discovered in the Linux
kernel that may lead to a denial of service or the execution of arbitrary
code. The Common Vulnerabilities and Exposures project identifies the
following problems:
CVE-2007-3731
Evan Teran discovered a potential local denial of service (oops) in
the handling of PTRACE_SETREGS and PTRACE_SINGLESTEP requests.
CVE-2007-3739
Adam Litke reported a potential local denial of service (oops) on
powerpc platforms resulting from unchecked VMA expansion into address
space reserved for hugetlb pages.
CVE-2007-3740
Steve French reported that CIFS filesystems with CAP_UNIX enabled
were not honoring a process' umask which may lead to unintentinally
relaxed permissions.
CVE-2007-4573
Wojciech Purczynski discovered a vulnerability that can be exploitd
by a local user to obtain superuser privileges on x86_64 systems.
This resulted from improper clearing of the high bits of registers
during ia32 system call emulation. This vulnerability is relevant
to the Debian amd64 port as well as users of the i386 port who run
the amd64 linux-image flavour.
CVE-2007-4849
Michael Stone reported an issue with the JFFS2 filesystem. Legacy
modes for inodes that were created with POSIX ACL support enabled
were not being written out to the medium, resulting in incorrect
permissions upon remount.
These problems have been fixed in the stable distribution in version
2.6.18.dfsg.1-13etch3.
This advisory has been updated to include a build for the arm architecture,
which was not yet available at the time of DSA-1378-1.
The following matrix lists additional packages that were rebuilt for
compatibility with or to take advantage of this update:
Debian 4.0 (etch)
fai-kernels 1.17+etch.13etch3
user-mode-linux 2.6.18-1um-2etch.13etch3
We recommend that you upgrade your kernel package immediately and reboot
the machine. If you have built a custom kernel from the kernel source
package, you will need to rebuild to take advantage of these fixes.
Upgrade Instructions
- --------------------
wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.
If you are using the apt-get package manager, use the line for
sources.list as given below:
apt-get update
will update the internal database
apt-get upgrade
will install corrected packages
You may use an automated update by adding the resources from the
footer to the proper configuration.
Debian GNU/Linux 4.0 alias etch
- --------------------------------
Source archives:
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-2.6_2.6.18.dfsg.1-13etch3.dsc
Size/MD5 checksum: 5672 c1bd844f7cda4fbe195633ca2f10e1ed
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-2.6_2.6.18.dfsg.1-13etch3.diff.gz
Size/MD5 checksum: 5318081 24ff4c8f5d53eb3b7c9fe8a080827045
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-2.6_2.6.18.dfsg.1.orig.tar.gz
Size/MD5 checksum: 52225460 6a1ab0948d6b5b453ea0fce0fcc29060
http://security.debian.org/pool/updates/main/f/fai-kernels/fai-kernels_1.17+etch.13etch3.dsc
Size/MD5 checksum: 740 ae1bf8aadf49ec47235774fac7f5cb06
http://security.debian.org/pool/updates/main/f/fai-kernels/fai-kernels_1.17+etch.13etch3.tar.gz
Size/MD5 checksum: 54342 9c94bc12cef25ab30b5a66035c7588a2
Size/MD5 checksum: 892 76ffc1795c64ab756e04659d71b448f7
Size/MD5 checksum: 14307 80979b335d9db66a3994b5c0f9f6136b
Size/MD5 checksum: 14435 4d10c30313e11a24621f7218c31f3582
Architecture independent components:
Size/MD5 checksum: 3586464 642f8635f26aa477585eede9fb3e3a8e
Size/MD5 checksum: 1084976 f7012142b8ecde3b20e859ffdbafa76a
Size/MD5 checksum: 1493922 79ef3fd2042d76d90ffc8ea77317b4a4
Size/MD5 checksum: 41419430 9bf2852f380c1a29b0068654960e6e01
Size/MD5 checksum: 3738764 f072fb67d41664c4e57df70a8ac22fdb
Size/MD5 checksum: 51772 a46496ef69dfef51a10a7a9368eb7c37
Alpha architecture:
Size/MD5 checksum: 3024850 7261d6636358ad82a5f6610d115b887c
Size/MD5 checksum: 51154 5467b5cce245c40150a4cec4ad593f2d
Size/MD5 checksum: 51198 4101e258cd154eee62224b9b4ecd7b6c
Size/MD5 checksum: 264108 1bb481319062774290337f72846e158d
Size/MD5 checksum: 264510 61a762950becbdd713f90a85f0a7a8f9
Size/MD5 checksum: 263466 40b0e2b1e295c75c08d2b0e2778837bc
Size/MD5 checksum: 3048826 8e25666c1b25a816d1b0d606ed4ca4b5
Size/MD5 checksum: 264818 226e6f277f37252d140cc7d47ebb77a9
Size/MD5 checksum: 23486594 c8c9cb18e436da5c33546e9b6543320f
Size/MD5 checksum: 23465590 515cf24ccbb4b54138e8cc7574d70099
Size/MD5 checksum: 23839570 689c36aff6df07819fa51b1ad38b903e
Size/MD5 checksum: 23530136 2e19973862f5af549a5e66e0747990a6
AMD64 architecture:
Size/MD5 checksum: 3165060 754cc08cae8f216999d0024c93750e82
Size/MD5 checksum: 51312 cde8270f1364c37ad549636895712ecb
Size/MD5 checksum: 51336 ef87759d8919c48dcfe3c736d5efbc2d
Size/MD5 checksum: 268844 d8a38476b009df23ebab04cb3610fe9d
Size/MD5 checksum: 3188360 6d1ed40c08af5f1585593019d50631d4
Size/MD5 checksum: 269232 32d28994c896ad6ad4091233552ce30f
Size/MD5 checksum: 3331540 03b13b7957bc0ccd11de8c3510af2d27
Size/MD5 checksum: 269588 ec44153ca4019201034b3ab662c7744c
Size/MD5 checksum: 3354302 0c0382fb2e1a33cf2799b302eccf41a9
Size/MD5 checksum: 269900 19eaf721177cdee26c5b5d9a70bda756
Size/MD5 checksum: 16801104 8da4f4152b3e8a9d450407562b219dc5
Size/MD5 checksum: 16839902 5a5a2cbc2cf4ac581b3fb75c45097195
Size/MD5 checksum: 1648332 3aad8384129443377f2704f64c6b1223
Size/MD5 checksum: 1679452 acc0edb1dff87dfae6cfbeeea37db2ef
Size/MD5 checksum: 15239962 fd6afef74b1a3d1b7bbe47a5ed748d2d
Size/MD5 checksum: 15255752 352e7a342954778582a43f1922378f1b
Size/MD5 checksum: 51290 b583c1ae3ac4ace3202e9ccce0fdd2f7
Size/MD5 checksum: 51304 a28abd544c1c1bc0f433ba8d1dac5352
http://security.debian.org/pool/updates/main/f/fai-kernels/fai-kernels_1.17+etch.13etch3_amd64.deb
Size/MD5 checksum: 5953464 df6352225b4e5f2c833deb50af41f90e
ARM architecture:
Size/MD5 checksum: 3407574 711316bd4ba0784184ef5ee55b0c1383
Size/MD5 checksum: 51166 a4a3eb02834826052e3f687ea907b8fc
Size/MD5 checksum: 51210 05a58fc0b3914fc4ac37347292e134f5
Size/MD5 checksum: 230124 2fb1526102d6164ba732d823f8f492f3
Size/MD5 checksum: 231056 3fc42c5be86aa153e8523dab37fe16ff
Size/MD5 checksum: 237110 5a3fa1deb02fbc2497fea19001a006bd
Size/MD5 checksum: 195222 ba8efd3ef9e8eba5db1507480333ab49
Size/MD5 checksum: 200386 4e0ee223692b1079c65b932e5504c46d
Size/MD5 checksum: 7560672 4152bfddc6fbe71d9889cf2dfba4a7ae
Size/MD5 checksum: 7921808 fae8c36efae0e833c3d7360018c7c6eb
Size/MD5 checksum: 8865606 735b2fce4087371f261bc5a5706d5129
Size/MD5 checksum: 4584206 d1a80fac47136d852d2b00087e5bee44
Size/MD5 checksum: 5006262 a0670890b07db68bf3775883a9c8e745
HP Precision architecture:
Size/MD5 checksum: 2964790 3c233b78beb82854ad8f8c59631a7e6c
Size/MD5 checksum: 51316 2c392828bd8ebc0cc5b0b6353be03cce
Size/MD5 checksum: 51344 e029ac492fff7f773b6fb90ab107886b
Size/MD5 checksum: 188994 c53efd1e9dc852119c038df966b81c8f
Size/MD5 checksum: 189850 a3680826df708c323be55c5cc27df7be
Size/MD5 checksum: 189656 b94053ce54fa8684ecf8f02daedf993b
Size/MD5 checksum: 190270 af48e06dc0fa96a42c0666ff69b80e97
Size/MD5 checksum: 10499010 f7f84f9e3f5e66939e252decd4f29ef5
Size/MD5 checksum: 10940878 315807a60264d4a1dc21e44facd1020d
Size/MD5 checksum: 11346866 bf53c4333bb56091a023d164783ecc3c
Size/MD5 checksum: 11752870 ef592928a2b7f091ecbc6faa99ffd285
Intel IA-32 architecture:
Size/MD5 checksum: 3165112 b2d2cb3335fe4e2403a98c5cd63b2eba
Size/MD5 checksum: 281794 126092eb229e71eaad3e7d7a36d17754
Size/MD5 checksum: 275890 46cfd21b443148ec6b98e3d87a12d1b4
Size/MD5 checksum: 278048 4516ed33a3cf4c6459a33b8afc19eb4e
Size/MD5 checksum: 51314 7caae89649c7f1ea095b47c5ee769009
Size/MD5 checksum: 51368 f755bac5a16c119df79fbe0ba3426b8d
Size/MD5 checksum: 268892 b4e0de1ef417c81185bb5a6c5fb8cbf5
Size/MD5 checksum: 276022 7aad97d5809e61fc834c8d5f558a6641
Size/MD5 checksum: 3051414 291ffaf42d16086bb6dfdece985ebfc8
Size/MD5 checksum: 274608 15661c5661d068fc690093e33e0cbc0a
Size/MD5 checksum: 274806 47961f1c9ed5b8688e684eb24a97d412
Size/MD5 checksum: 3145706 0bc912cea0cfc3d9253fa2603b70a3ee
Size/MD5 checksum: 270306 8737b4e07e69c342829a27f07efc2b92
Size/MD5 checksum: 3167860 30b0868030123e876d2de289d4aafce7
Size/MD5 checksum: 271424 476e6173c42cecfafbd8eabdb10bf2c4
Size/MD5 checksum: 16171498 2fc3cc92b2684189e70ec1f95e698249
Size/MD5 checksum: 16320492 afa8ee6475d66ff43fa198957b2a195f
Size/MD5 checksum: 16385944 c1b6026c6f2c9308653a17c13970f296
Size/MD5 checksum: 16816648 3d67f492a56ebb2ae1fb772c34c56d3b
Size/MD5 checksum: 16451748 5f1b94073a38edded3317d970e0ee1e7
Size/MD5 checksum: 16360874 ba55829047abc6a8b0193e81a3924f2f
Size/MD5 checksum: 16489572 9a805b2b9a65809bfe69f242dcabb876
Size/MD5 checksum: 1296892 b06fe054abbcb6c4d4da61b98c740fd8
Size/MD5 checksum: 1324034 4980e4399abb7b8ee972c188805bfa97
Size/MD5 checksum: 14259144 d4a68bc1ad72f7e01f700f5debfad105
Size/MD5 checksum: 14272858 7321f4ff1569565ef56e00b895b74d00
Size/MD5 checksum: 51298 6b55500ea040ffb7952fdfcf39718d9a
Size/MD5 checksum: 51306 3717938af3a89530021e346ed00e7b89
http://security.debian.org/pool/updates/main/f/fai-kernels/fai-kernels_1.17+etch.13etch3_i386.deb
Size/MD5 checksum: 5500914 83786305ce1b91a606159a664067ada0
Size/MD5 checksum: 25581668 52cae7bf537d4606dd2c81ad2fecdab2
Intel IA-64 architecture:
Size/MD5 checksum: 3079074 d0b1d1fc8febf7fa3a20a0d13d54c033
Size/MD5 checksum: 51314 22f7787904f28607e9a92865c2db987f
Size/MD5 checksum: 51334 cbbda564c0228bd81fca91313ef2dcc6
Size/MD5 checksum: 252332 c3462831353568373f9ed3aad28edd9a
Size/MD5 checksum: 252270 f99300b25f3c641b044cc4001c745f4e
Size/MD5 checksum: 28008066 e20321da89e84839dbc9b34105142f73
Size/MD5 checksum: 28178386 de6dff8f8bd0af1fa13d0e5922ba9fc5
Big endian MIPS architecture:
Size/MD5 checksum: 3347004 661503f72c812d3d5bbdce79f8026156
Size/MD5 checksum: 51318 65d73a0b42f5028fecc0aee106056e5f
Size/MD5 checksum: 51366 7ec7830eed092088ee0307666438a9cc
Size/MD5 checksum: 146740 17804bdcbf7b24325c71eb11bed03473
Size/MD5 checksum: 157206 722bc60f3e95d4a5eba81c5f6d8a91c9
Size/MD5 checksum: 161534 09f5d89241bf3ffc01be091d82f6c838
Size/MD5 checksum: 180138 8db782b13039068245f06b219215b626
Size/MD5 checksum: 179874 01b1283374f39236fa30b1a279f968fb
Size/MD5 checksum: 6091102 611be0ed59451669af3b2f49a00931d5
Size/MD5 checksum: 8271796 58827e1bff9c67019873476dde52e599
Size/MD5 checksum: 9039394 87ea04759e6eedf59af41e5ef58f101a
Size/MD5 checksum: 15637290 4356a27d94e6f671b5b89a8d6e7c3bd2
Size/MD5 checksum: 15608044 65fac0e4b0fd097ad53133a22d785338
Little endian MIPS architecture:
Size/MD5 checksum: 3347160 ab1a9801444fab092b4a72b38f6e1191
Size/MD5 checksum: 51318 1c71ae4a0ac07c18629daa8126daf2e2
Size/MD5 checksum: 51374 239a15a27b9c091476e325526be0c1c8
Size/MD5 checksum: 146794 04e2de28cff60d105919037d2766eba4
Size/MD5 checksum: 152996 1c2714318d0a1f85248584ef1a0aa30f
Size/MD5 checksum: 153022 32eb281559632426cc5d3ed4953eb502
Size/MD5 checksum: 175682 a0778a6edb9125096d82947f3a34df5e
Size/MD5 checksum: 180020 a8c8c8ad8a61359b309574fb7161b1af
Size/MD5 checksum: 179814 3e0264b16eddbb14717c9206b398c347
Size/MD5 checksum: 6025496 1922a6c7b016a25976a9281386e38bcc
Size/MD5 checksum: 5937918 995be142fcc6b13a8cba108926ff4afe
Size/MD5 checksum: 5922386 c1576f9427a7d229099248836f89dfc1
Size/MD5 checksum: 9858332 117f438f7776686f7c957e437e2682b6
Size/MD5 checksum: 15053214 2e0e0eb5ec63f2e3f9d6913014b8406f
Size/MD5 checksum: 15021190 eef8c748cbf274ed01c7f33e33fa3561
PowerPC architecture:
Size/MD5 checksum: 3389468 b0a4e7b558e710635227fb995a42071b
Size/MD5 checksum: 51326 910bfa327d7d11edc8a16f7d2d002266
Size/MD5 checksum: 51370 bfbae6c08efb7a806bac110df89471d1
Size/MD5 checksum: 248408 d77337459f8d18cd894aff3f8a955b1d
Size/MD5 checksum: 226044 219668bc358fd6c33b01f0b4b7956928
Size/MD5 checksum: 249032 d355d451e754245ea360739f2d9adf89
Size/MD5 checksum: 248976 1729ca9adba3ef6df3745fca0581cbf2
Size/MD5 checksum: 244222 651d856ad6d3130861e14bb418aa2d5e
Size/MD5 checksum: 3411748 d8ced91b10eb1b26afd0f020d7e19e38
Size/MD5 checksum: 248818 43e808366f043639a1f038b3fd5d3e5b
Size/MD5 checksum: 249624 df1e63f8426e685cc7e5c4a5338055bb
Size/MD5 checksum: 16624106 375b897f7945c4ec018616ddc23f73e5
Size/MD5 checksum: 15150978 8bc90791256b41fdd2178cc82f6d1f31
Size/MD5 checksum: 16961086 78ed10e9534d9a613aa5cfa164cb0a48
Size/MD5 checksum: 18291760 96113bb560c56e60b68fd610953068ce
Size/MD5 checksum: 16397436 313dc264e19ab541810e4d16a7aa9bdc
Size/MD5 checksum: 17009336 72a8d965ee8309fe30a3a4b386fb83fb
Size/MD5 checksum: 18341888 a5a85b8e5aaa0856679ff5e931d1a745
http://security.debian.org/pool/updates/main/f/fai-kernels/fai-kernels_1.17+etch.13etch3_powerpc.deb
Size/MD5 checksum: 3363958 271639310c0473d23a036895b11f8238
IBM S/390 architecture:
Size/MD5 checksum: 2940262 5a079420d24314727e5cc4679ce7ee4e
Size/MD5 checksum: 51312 23b5979839026f27172b8081da2fb258
Size/MD5 checksum: 51334 c1976ee681e5ded52041bf0309196522
Size/MD5 checksum: 139726 a91901c63afdfeb36e36fae64b7ccb8d
Size/MD5 checksum: 140218 00835fe3d6fa44b48df914029f4c8af9
Size/MD5 checksum: 2963274 2f664783dad1619383a160f55218e18d
Size/MD5 checksum: 141182 fbea8082ab79eae9a8d8e28f1724fb74
Size/MD5 checksum: 5399074 e1d1777b81019b22d984403b783c8152
Size/MD5 checksum: 1435770 244464ce9a421a430356e8879f8c07c7
Size/MD5 checksum: 5614696 bb6ef7f25a2fc2b5bbcb8e2ec0333fb0
Size/MD5 checksum: 5659740 5b38a2ee19d3e664a27abdd40556cebb
Sun Sparc architecture:
Size/MD5 checksum: 3165234 cac78d535b50cc5acc1716b1ea477897
Size/MD5 checksum: 51314 89a1e842b8e1a6f598f2eec8b5eb0a80
Size/MD5 checksum: 51344 c910cf122c8c8eede0b2a4413169cd4b
Size/MD5 checksum: 162712 3a77b24ed6cc44d0e56b594c662da56c
Size/MD5 checksum: 191704 e4395e6af89fde53b36bf41effa2aa0a
Size/MD5 checksum: 192608 a5d1998511c374713392e3981bc3fa10
Size/MD5 checksum: 3187614 c67dff0e72bd960c4b6042cb8bec397d
Size/MD5 checksum: 192882 8e8a8d09f8a6c07bb6129dab0933f724
Size/MD5 checksum: 6406506 e9be24946f8f44fc71ce2d91b39cc92a
Size/MD5 checksum: 10353392 f63486d1ae8cd01722c5952b3caf89d6
Size/MD5 checksum: 10610920 206d871acd6c7db2f9ec51bd1eef2faa
Size/MD5 checksum: 10656398 013b73fcb610445e707dec4713eb7ff1
These files will probably be moved into the stable distribution on
its next update.
- --------------------------------------------------------------------------------- iD8DBQFG/YlZhuANDBmkLRkRAjY4AJ4o7ih2TfARNZpfZ7LiLlrkJjzp2QCeL9Jh
For apt-get: deb http://security.debian.org/ etch/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/etch/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show <pkg>' and http://packages.debian.org/
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
jCB+buzv7+ZYkWUW2PdVIj0=
=GBI0
-----END PGP SIGNATURE-----
--
To UNSUBSCRIBE, email to debian-security-announce-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
No comments:
Post a Comment