Hash: SHA1
- --------------------------------------------------------------------------
Debian Security Advisory DSA 1428-2 security@debian.org
http://www.debian.org/security/
dann frazier
December 11th, 2007
http://www.debian.org/security/faq
- --------------------------------------------------------------------------
Package : linux-2.6
Vulnerability : several
Problem-Type : local/remote
Debian-specific: no
CVE ID : CVE-2007-3104 CVE-2007-4997 CVE-2007-5500 CVE-2007-5904
Several local and remote vulnerabilities have been discovered in the Linux
kernel that may lead to a denial of service or the execution of arbitrary
code. The Common Vulnerabilities and Exposures project identifies the
following problems:
This is an update to DSA 1428-1 which omitted a reference to CVE-2007-5904.
CVE-2007-3104
Eric Sandeen provided a backport of Tejun Heo's fix for a local denial
of service vulnerability in sysfs. Under memory pressure, a dentry
structure maybe reclaimed resulting in a bad pointer dereference causing
an oops during a readdir.
CVE-2007-4997
Chris Evans discovered an issue with certain drivers that make use of the
Linux kernel's ieee80211 layer. A remote user could generate a malicious
802.11 frame that could result in a denial of service (crash). The ipw2100
driver is known to be affected by this issue, while the ipw2200 is
believed not to be.
CVE-2007-5500
Scott James Remnant diagnosed a coding error in the implementation of
ptrace which could be used by a local user to cause the kernel to enter
an infinite loop.
CVE-2007-5904
Przemyslaw Wegrzyn discovered an issue in the CIFS filesystem that could
allow a malicious server to cause a denial of service (crash) by overflowing
a buffer.
These problems have been fixed in the stable distribution in version
2.6.18.dfsg.1-13etch5.
The following matrix lists additional packages that were rebuilt for
compatability with or to take advantage of this update:
Debian 4.0 (etch)
fai-kernels 1.17+etch.13etch5
user-mode-linux 2.6.18-1um-2etch.13etch5
We recommend that you upgrade your kernel package immediately and reboot
the machine. If you have built a custom kernel from the kernel source
package, you will need to rebuild to take advantage of these fixes.
Upgrade Instructions
- --------------------
wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.
If you are using the apt-get package manager, use the line for
sources.list as given below:
apt-get update
will update the internal database
apt-get upgrade
will install corrected packages
You may use an automated update by adding the resources from the
footer to the proper configuration.
Debian GNU/Linux 4.0 alias etch
- --------------------------------
Source archives:
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-2.6_2.6.18.dfsg.1-13etch5.dsc
Size/MD5 checksum: 5672 390c88b29fe653c12f7018972b1695bc
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-2.6_2.6.18.dfsg.1-13etch5.diff.gz
Size/MD5 checksum: 5346730 d4a7f5af03847fd4bd0fcb3c60d5a4d0
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-2.6_2.6.18.dfsg.1.orig.tar.gz
Size/MD5 checksum: 52225460 6a1ab0948d6b5b453ea0fce0fcc29060
http://security.debian.org/pool/updates/main/f/fai-kernels/fai-kernels_1.17+etch.13etch5.dsc
Size/MD5 checksum: 740 3ae815ccec78eeb526c0c79092b1edfa
http://security.debian.org/pool/updates/main/f/fai-kernels/fai-kernels_1.17+etch.13etch5.tar.gz
Size/MD5 checksum: 54893 693538d4949750917d0ee76900f1161b
Size/MD5 checksum: 892 b51719d9d6aa64d2ab6e393dcfb78a4e
Size/MD5 checksum: 14898 9369f1a12b7fcbba4d34efd07bd42c91
Size/MD5 checksum: 14435 4d10c30313e11a24621f7218c31f3582
Architecture independent components:
Size/MD5 checksum: 3749030 dfe5d1d809db9b0d7fa2e4cfb3994f41
Size/MD5 checksum: 1102996 906d72085e36fb0891075234f5307aef
Size/MD5 checksum: 1517932 02d89435b8513826e56b3d77ba321100
Size/MD5 checksum: 42114292 9fb346134b26571afb1c7097be826d9e
Size/MD5 checksum: 3750318 b1681ce9c1eedf43a3f5e5e23ee11ed6
Size/MD5 checksum: 52238 f4c103e1b7ae34fa2feeb718ea089f15
Alpha architecture:
Size/MD5 checksum: 3025390 8267ff0732893a068ffec5292ef6bd34
Size/MD5 checksum: 51768 758813ebd5884321b1732698aebabdbb
Size/MD5 checksum: 51802 e66949096d5dfb0d98cdbbd7864564cf
Size/MD5 checksum: 264578 897bc541b3b9d2034afe3eb7ceecf96f
Size/MD5 checksum: 264964 f69779de1da9c8ab2359d30f820ada25
Size/MD5 checksum: 263994 ad51eaf9df5c147eafb35938868dbedc
Size/MD5 checksum: 3049350 d5d4037d9c341e22b8d6d1fe8d40dd54
Size/MD5 checksum: 265334 303765135022ae5dba2a3ccb46d02ccc
Size/MD5 checksum: 23488314 3165665e9a84e80d1c0cff87460f3269
Size/MD5 checksum: 23466462 f392cd05c86e438ddb8c5f37315725e1
Size/MD5 checksum: 23842112 4b7c7135a8a482ab124590baf4a347d2
Size/MD5 checksum: 23530430 e34fc382a69738ec412e23c0118164c3
AMD64 architecture:
Size/MD5 checksum: 3165612 32e66f69636075fb358da089fbc57f59
Size/MD5 checksum: 51810 359486e6da8799aa9fcdfe7f1c3ef586
Size/MD5 checksum: 51836 c5c6395c8eb39f53d66524459d8da936
Size/MD5 checksum: 269324 3f7d0b48477a82faf2b4e89bf188f2b3
Size/MD5 checksum: 3188908 3c98b5a3fa170ffadb702dcc9d3871da
Size/MD5 checksum: 269690 5817985af9a7b8735ea85bbee0019b40
Size/MD5 checksum: 3332000 089fc0a53787894f461951c0f3b3d526
Size/MD5 checksum: 270006 b8a4ee56a574b7a0e32efa68af876248
Size/MD5 checksum: 3354816 8431b92a0a12e695ef9f04df46111a79
Size/MD5 checksum: 270308 643e099ebd39c4c137ad06b93c6877e0
Size/MD5 checksum: 16800466 cf192e859728b2ea79176c98648a914e
Size/MD5 checksum: 16841008 81ee1ad5e4abe81a967bc7c9127227c0
Size/MD5 checksum: 1649076 9912567288bf99d00fda3dae0d8b66cd
Size/MD5 checksum: 1680886 b6de58e6a8c3d81be496af3b49a3806b
Size/MD5 checksum: 15240816 bb73359d930df04b9e1b1d8151fa2b8e
Size/MD5 checksum: 15258074 139ee9b6cdb8da6afd67be955d837a0b
Size/MD5 checksum: 51796 7b7cce50312e98863c1edb3f40c88b05
Size/MD5 checksum: 51804 99471d8b1ed6b00ce1a28f658f5d3f78
http://security.debian.org/pool/updates/main/f/fai-kernels/fai-kernels_1.17+etch.13etch5_amd64.deb
Size/MD5 checksum: 5953998 dfbf90f368697fca88389fa13beda5d0
ARM architecture:
Size/MD5 checksum: 3407836 470cf4759b4935790ba12afae543ff3f
Size/MD5 checksum: 51776 27837549ae9d284ecbc78e5026dba436
Size/MD5 checksum: 51824 75180a4e37d5bdd782aa20aaf8cdd860
Size/MD5 checksum: 230886 bec7ba28e90713b6280e562c641886bb
Size/MD5 checksum: 231970 a4ba118313099fe7cb025e2b4aeb6948
Size/MD5 checksum: 236610 f78020bd8b37cd3f07f09bf03d95c14a
Size/MD5 checksum: 196498 2def2e8033a4a7f5b02b13e612d0a3ea
Size/MD5 checksum: 201386 653da7062a5664248cead22b4ea535e1
Size/MD5 checksum: 7556394 79698e47bbfe89e43188f0397513e376
Size/MD5 checksum: 7914686 98ef2e8016c18b3a948b7916bf65e011
Size/MD5 checksum: 8854300 c041bc2475a2b53918f4714da21faa49
Size/MD5 checksum: 4578024 2875854f01f4fdb9ca936b7f1e54b567
Size/MD5 checksum: 5004336 5a80560e77771830fa5233b1ef210d57
HP Precision architecture:
Size/MD5 checksum: 3017636 8319ac1d37bde1bc986c59ce20b78c60
Size/MD5 checksum: 51824 6a8c73326c918e03c759e395e2ddc674
Size/MD5 checksum: 51850 650f12db29933ba9edf1f54e83f0aee7
Size/MD5 checksum: 192884 f2384ef339e19aa9aa56efb729214a43
Size/MD5 checksum: 193670 c035e9cd8902e67b276cd608b6d24ba4
Size/MD5 checksum: 193178 23e73e3cbe12322dfa46eb4f775425ef
Size/MD5 checksum: 194480 69952b096690e68837148157db39a65f
Size/MD5 checksum: 10550224 4c899704bb456fb0c27ae1ef0be48ae8
Size/MD5 checksum: 10993166 e1a3bced39f9d31cb7b37744c68cd047
Size/MD5 checksum: 11395816 9fafdde53b869edd35e0ac17f64f5200
Size/MD5 checksum: 11801548 b0070e52e6863e9fd2a01c55fc9dd062
Intel IA-32 architecture:
Size/MD5 checksum: 3225824 974b0346785fd09c245622b3f2bef116
Size/MD5 checksum: 283294 359808d165750dc606242857c8f108cd
Size/MD5 checksum: 280000 31e1980537c7002b69c2f77cc9497a91
Size/MD5 checksum: 280384 980f6ab88592643559225e267311ebde
Size/MD5 checksum: 51762 34fc01bff69dcece6b23e5cfed60d593
Size/MD5 checksum: 51820 15b50c9817a5efd80fc569f7a67f1879
Size/MD5 checksum: 273888 214a53f3ac994ccc7356ca9d8fb5b587
Size/MD5 checksum: 280038 07cf6da4044c268623926216982af3d9
Size/MD5 checksum: 3112804 50ba2d096e2f62fc0a4e91389ed5bc0d
Size/MD5 checksum: 278810 5b56982b88aa82babbe188073f89ae2a
Size/MD5 checksum: 278968 266161d543454bde2892765bd87deb02
Size/MD5 checksum: 3208740 2a5e70bfe4d583c3ae1c26d2a97fe89e
Size/MD5 checksum: 273570 51b9f061f7f462ad799e83d741aefead
Size/MD5 checksum: 3232018 76af090e456e04d68422715f6274c3d0
Size/MD5 checksum: 273890 8d05bd79d25b0e811992b33c25c25c7c
Size/MD5 checksum: 16292512 2d3610148587293dd3f0397d886dc7a3
Size/MD5 checksum: 16438810 1a8f17b356c1fa533ba4b2865b7f475b
Size/MD5 checksum: 16514204 738b6e8bb294bf85ce633ab525c45825
Size/MD5 checksum: 16903776 b407e8ddfac494849a09c00cf41ef81d
Size/MD5 checksum: 16570508 8b4e916fac7d22522c7802530f9759a0
Size/MD5 checksum: 16480240 cdc7af51ccafea22fc542ee4e7ff5929
Size/MD5 checksum: 16614696 1e0fc7ce1af270903f00cb7f57b55419
Size/MD5 checksum: 1297512 56751550416f81e8f5c43ec88b92ee40
Size/MD5 checksum: 1324772 eb1f4491a2370266dfd7bb8ddf4b56c3
Size/MD5 checksum: 14353704 db62a7a18582efd94ffc28f268c3feda
Size/MD5 checksum: 14370364 9d2c12616369a9aba428238629621d9c
Size/MD5 checksum: 51746 af55f3b5c7adbb8c8cd8b676a274d535
Size/MD5 checksum: 51764 f46142556aaa35ee4776b6ac2e6092e3
http://security.debian.org/pool/updates/main/f/fai-kernels/fai-kernels_1.17+etch.13etch5_i386.deb
Size/MD5 checksum: 5500034 ed04b238a3a6c84e11608956d45b6976
Size/MD5 checksum: 25584950 31d02c7a469a08f773342270020baea5
Intel IA-64 architecture:
Size/MD5 checksum: 3079588 b1cc714e5b2fd392fb4801745911fc1e
Size/MD5 checksum: 51820 2457dc6ba8c06479f3d7509d44aba18f
Size/MD5 checksum: 51842 1938ae6bd829b465bb6493288c614dfc
Size/MD5 checksum: 252954 8c7e9fee2d53eb56f3cea35c55edf390
Size/MD5 checksum: 253816 743b6d095ba54c66f7c667530e2d182c
Size/MD5 checksum: 28008896 ae734f2372ec331ec54f7ff25b81a304
Size/MD5 checksum: 28178694 e64f38a93b775abd6f3424c89b30eceb
Big endian MIPS architecture:
Size/MD5 checksum: 3347512 9c5b00cae057007f825045b2b3209d60
Size/MD5 checksum: 51818 46ef9fe86d6bd07d18e36da8c2d31990
Size/MD5 checksum: 51870 0601d0a8dd9c282778f2954962d83436
Size/MD5 checksum: 147374 d01a56377ba7696745c82255774c917a
Size/MD5 checksum: 157702 f143f1a0e354007d8183de0379ce8d4e
Size/MD5 checksum: 162000 47f62e70e7b3cdf4987c76f10b4cc5d9
Size/MD5 checksum: 181014 52fed1e38470e4daad07e53be769d224
Size/MD5 checksum: 180504 dbf5f312ff5b2d36ce28508a271a30f8
Size/MD5 checksum: 6091866 e88da3849cfb7367a2bdd6d6bc650c98
Size/MD5 checksum: 8271672 299d184bde94bbf5822294a9884e4782
Size/MD5 checksum: 9040372 a133a89d73a749fa5ae66e4a13a0dc68
Size/MD5 checksum: 15638966 2ba61f98db9623d465ea79dfaa999201
Size/MD5 checksum: 15608012 9a02196aede17cf91c89e596b9566cd5
Little endian MIPS architecture:
Size/MD5 checksum: 3347706 1e5cc44606afb886c56e07ae77387358
Size/MD5 checksum: 51824 f4cdf2e43cda6612b810693d8d38fb27
Size/MD5 checksum: 51882 8d8c65906cd2cb2453dcee4aee8f4e47
Size/MD5 checksum: 147962 f928f7bc1943bfd2dfe2f09260fae5f1
Size/MD5 checksum: 154062 fe4be72e5f56f838fd2ed519c1550903
Size/MD5 checksum: 154402 eaa124c2c4a9a0029ce718480a3ca478
Size/MD5 checksum: 176472 b5997e6d5b9e827d83489ff9d587031c
Size/MD5 checksum: 181218 b5b94f8571eab57c9160fabb8d970b90
Size/MD5 checksum: 181048 2ee0fe5fd01aacde01e9c6909c68026b
Size/MD5 checksum: 6025804 66c3b6e956e4b398c95e8431711832bd
Size/MD5 checksum: 5938656 98dcc7c3c1fe7b8355a2d451f58525a0
Size/MD5 checksum: 5923724 84f2890c4cfad24c57c4ea93155c323a
Size/MD5 checksum: 9859198 4554402cb43258c9033efcc6ec92a6d5
Size/MD5 checksum: 15053402 a9ef075ac46f3d31bf3ef555e92b172a
Size/MD5 checksum: 15022684 317bf90ae188d5e5e9ec6a5af52d142c
PowerPC architecture:
Size/MD5 checksum: 3389848 23f0eccb741a4bb98e1018fb7a5b2fb4
Size/MD5 checksum: 51824 d83983e7396a839d1866ba0e905304ef
Size/MD5 checksum: 51870 06d965e57ac1cf24f37e7c585737799a
Size/MD5 checksum: 248678 964d912297b422c09229dee5b5657be8
Size/MD5 checksum: 226650 63f91df2f750863e7eff25377765f829
Size/MD5 checksum: 249162 03d7c11e73bbe33dcc460de5ae27c3d0
Size/MD5 checksum: 249818 5b2dbd717e706f3a91ef72b120cb4e8b
Size/MD5 checksum: 244064 44587af81d3e41130ca3429911dea01c
Size/MD5 checksum: 3412104 a920f8fe1193f2b5931587b377979683
Size/MD5 checksum: 249622 b9fa879bd933f2c59f8cf420d2422098
Size/MD5 checksum: 251000 aa4d9914f7409343780261c6efc7adb2
Size/MD5 checksum: 16624286 ec8a95353f82031a6d3899995808b9a8
Size/MD5 checksum: 15152632 62321a0e80abdd44758f182d2c615d46
Size/MD5 checksum: 16962026 0bd059739376be485a097b3e1a3261e6
Size/MD5 checksum: 18291826 7ab718c13cd46893f0fbe3c4659a70e4
Size/MD5 checksum: 16397250 007b0ae664f3183f53fbadd5397880fa
Size/MD5 checksum: 17011828 c861c839cc9c574d699ec311c972e554
Size/MD5 checksum: 18343530 8577a61b277927f26c6cbed2ec82be68
http://security.debian.org/pool/updates/main/f/fai-kernels/fai-kernels_1.17+etch.13etch5_powerpc.deb
Size/MD5 checksum: 3364884 12b92ef3633988a9c52f51b3aa390da8
IBM S/390 architecture:
Size/MD5 checksum: 2940776 6be245d9e692a9c5b9779a0ebc4501b4
Size/MD5 checksum: 51816 b1af4d8ba34527c2e1025a881696f62c
Size/MD5 checksum: 51838 fb0a2f71ee1f4f98c2908d651ee61afa
Size/MD5 checksum: 140510 581ce3fa207ef7b671ffac0cc5f9abd8
Size/MD5 checksum: 140972 76c4fcf338223ab5d5ddcec2183c59a2
Size/MD5 checksum: 2963788 e417f8455d8af05ac6fce9f5632da311
Size/MD5 checksum: 141880 737ae395d89bcafe475afbc101a123b8
Size/MD5 checksum: 5399606 20fa0b1aaaedd1e69b65436e10d9961c
Size/MD5 checksum: 1436294 2646c584c13499dee672aeac54b8aa4a
Size/MD5 checksum: 5615918 c08a944fa27547afa9b47b03169b6cef
Size/MD5 checksum: 5659774 02152d81208fda522bfb6dd5d8694922
Sun Sparc architecture:
Size/MD5 checksum: 3165704 212b349adc31748fb832e64cfc2c55f2
Size/MD5 checksum: 51814 5383d964f9a11005c4c71b56f27a81b5
Size/MD5 checksum: 51838 5c5d0e67a4b80f69b73903a3087a2a02
Size/MD5 checksum: 163000 8e9dc0148c2298362831ac840ff8f563
Size/MD5 checksum: 192004 62749b115764ab38eea41449751e3ae4
Size/MD5 checksum: 192648 58c3eb83ba7790322f0c151ab5e181b4
Size/MD5 checksum: 3188084 dac5db9e012b82330013b80a0e41083c
Size/MD5 checksum: 193082 1577ac1040f5c0e63913633bcc104feb
Size/MD5 checksum: 6406918 c9df6c9489a44a2f198198e6a0bb6b61
Size/MD5 checksum: 10354922 57b022d31fe8d8bcc0c912683323e734
Size/MD5 checksum: 10611204 4797ba4d4efd69174c435d104e2835bb
Size/MD5 checksum: 10656112 b9a6492b27812a3a1938b48d644d1959
These files will probably be moved into the stable distribution on
its next update.
- --------------------------------------------------------------------------------- iD8DBQFHXiyqhuANDBmkLRkRAppfAJkB1I4ecsbThwc6GIMUoWf5gQguhQCfXgQ5
For apt-get: deb http://security.debian.org/ etch/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/etch/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show <pkg>' and http://packages.debian.org/
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
tj/wHrh7em2ybtMWoQ6BYUU=
=BwSs
-----END PGP SIGNATURE-----
--
To UNSUBSCRIBE, email to debian-security-announce-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
No comments:
Post a Comment