From:
[email protected]
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
- ----------------------------------------------------------------------
Debian Security Advisory DSA-1809-1
[email protected] http://www.debian.org/security/ dann frazier
Jun 01, 2009
http://www.debian.org/security/faq
- ----------------------------------------------------------------------
Package : linux-2.6
Vulnerability : denial of service, privilege escalation
Problem type : local/remote
Debian-specific: no
CVE Id(s) : CVE-2009-1630 CVE-2009-1633 CVE-2009-1758
Several vulnerabilities have been discovered in the Linux kernel that
may lead to a denial of service, or privilege escalation. The Common
Vulnerabilities and Exposures project identifies the following
problems:
CVE-2009-1630
Frank Filz discovered that local users may be able to execute
files without execute permission when accessed via an nfs4 mount.
CVE-2009-1633
Jeff Layton and Suresh Jayaraman fixed several buffer overflows in
the CIFS filesystem which allow remote servers to cause memory
corruption.
CVE-2009-1758
Jan Beulich discovered an issue in Xen where local guest users may
cause a denial of service (oops).
This update also fixes a regression introduced by the fix for
CVE-2009-1184 in 2.6.26-15lenny3. This prevents a boot time panic on
systems with SELinux enabled.
For the stable distribution (lenny), these problems have been fixed in
version 2.6.26-15lenny3.
For the oldstable distribution (etch), these problems, where
applicable, will be fixed in future updates to linux-2.6 and
linux-2.6.24.
We recommend that you upgrade your linux-2.6 and user-mode-linux
packages.
Note: Debian carefully tracks all known security issues across every
linux kernel package in all releases under active security support.
However, given the high frequency at which low-severity security
issues are discovered in the kernel and the resource requirements of
doing an update, updates for lower priority issues will normally not
be released for all kernels at the same time. Rather, they will be
released in a staggered or "leap-frog" fashion.
Upgrade instructions
- --------------------
wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.
If you are using the apt-get package manager, use the line for
sources.list as given below:
apt-get update
        will update the internal database
apt-get upgrade
        will install corrected packages
The following matrix lists additional source packages that were rebuilt for compatibility with or to take advantage of this update:
Debian 5.0 (lenny)
user-mode-linux 2.6.26-1um-2+15lenny3
You may use an automated update by adding the resources from the
footer to the proper configuration.
Debian GNU/Linux 5.0 alias lenny
- --------------------------------
Stable updates are available for alpha, amd64, arm, armel, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.