[continued from previous message]
serial converter devices. Local users with access to these devices can
obtain the contents of sensitive kernel memory.
CVE-2010-4078
Dan Rosenberg reported an issue in the framebuffer driver for SiS graphics
chipesets (sisfb). Local users with access to the framebuffer device can
obtain the contents of sensitive kernel memory via the FBIOGET_VBLANK ioctl.
CVE-2010-4079
Dan Rosenberg reported an issue in the ivtvfb driver used for the Hauppauge
PVR-350 card. Local users with access to the framebuffer device can obtain
the contents of sensitive kernel memory via the FBIOGET_VBLANK ioctl.
CVE-2010-4080
Dan Rosenberg discovered an issue in the ALSA driver for RME Hammerfall DSP
audio devices. Local users with access to the audio device can obtain the
contents of sensitive kernel memory via the SNDRV_HDSP_IOCTL_GET_CONFIG_INFO
ioctl.
CVE-2010-4081
Dan Rosenberg discovered an issue in the ALSA driver for RME Hammerfall DSP
MADI audio devices. Local users with access to the audio device can obtain
the contents of sensitive kernel memory via the
SNDRV_HDSP_IOCTL_GET_CONFIG_INFO ioctl.
CVE-2010-4083
Dan Rosenberg discovered an issue in the semctl system call. Local users can
obtain the contents of sensitive kernel memory through usage of the semid_ds
structure.
CVE-2010-4164
Dan Rosenberg discovered an issue in the X.25 network protocol. Remote users
can achieve a denial of service (infinite loop) by taking advantage of an
integer underflow in the facility parsing code.
For the stable distribution (lenny), this problem has been fixed in version 2.6.26-26lenny1.
We recommend that you upgrade your linux-2.6 and user-mode-linux packages.
The following matrix lists additional source packages that were rebuilt for compatibility with or to take advantage of this update:
Debian 5.0 (lenny)
user-mode-linux 2.6.26-1um-2+26lenny1
Upgrade instructions
- --------------------
wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.
If you are using the apt-get package manager, use the line for
sources.list as given below:
apt-get update
will update the internal database
apt-get upgrade
will install corrected packages
You may use an automated update by adding the resources from the
footer to the proper configuration.
Debian GNU/Linux 5.0 alias lenny
- --------------------------------
Stable updates are available for alpha, amd64, arm, armel, hppa, i386, ia64, mipsel, powerpc, s390 and sparc. The update for mips will be released once it becomes available.
Source archives:
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-2.6_2.6.26-26lenny1.dsc
Size/MD5 checksum: 6426 25d46333cc7f2b28b4312df096d875a8
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-2.6_2.6.26.orig.tar.gz
Size/MD5 checksum: 61818969 85e039c2588d5bf3cb781d1c9218bbcb
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-2.6_2.6.26-26lenny1.diff.gz
Size/MD5 checksum: 8002336 26391b13d5a39afdb2591dc888a568b8
Architecture independent packages:
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-doc-2.6.26_2.6.26-26lenny1_all.deb
Size/MD5 checksum: 4850414 de2ec8da8f7dab48ce65014401ae52e7
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-tree-2.6.26_2.6.26-26lenny1_all.deb
Size/MD5 checksum: 113254 e8f1973916d469640345a1c21421dfdf
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-manual-2.6.26_2.6.26-26lenny1_all.deb
Size/MD5 checksum: 1808942 ee7d18519868ee02f56fef2341c527ea
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-support-2.6.26-2_2.6.26-26lenny1_all.deb
Size/MD5 checksum: 128506 065f966fa5f38283d8c5add43a952d0e
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-patch-debian-2.6.26_2.6.26-26lenny1_all.deb
Size/MD5 checksum: 3006772 e94a5e6a2f144c31d88db997c2db8e1f
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-source-2.6.26_2.6.26-26lenny1_all.deb
Size/MD5 checksum: 49471548 0ec635ad97a262914262a7812e9e2ce6
alpha architecture (DEC Alpha)
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-libc-dev_2.6.26-26lenny1_alpha.deb
Size/MD5 checksum: 747090 97fac497384d4e23463efd91f4cc6e0d
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-alpha-generic_2.6.26-26lenny1_alpha.deb
Size/MD5 checksum: 368956 4f6d2e6c5535f0b64836b094178b259e
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-common_2.6.26-26lenny1_alpha.deb
Size/MD5 checksum: 3551142 ed27877320f4ab66757cad34462b4df1
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-alpha-legacy_2.6.26-26lenny1_alpha.deb
Size/MD5 checksum: 28539060 62095485cb584ea9775c038247c8453e
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-alpha-smp_2.6.26-26lenny1_alpha.deb
Size/MD5 checksum: 29258774 36a1eccda8a1a6f330ad0707a07695b4
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all_2.6.26-26lenny1_alpha.deb
Size/MD5 checksum: 112660 9eadae84e38579f69ac8415995aff91d
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-alpha-generic_2.6.26-26lenny1_alpha.deb
Size/MD5 checksum: 28560146 6f671d59c6761eb6a91b667d8859ebf4
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-alpha-legacy_2.6.26-26lenny1_alpha.deb
Size/MD5 checksum: 369490 1b21492f700e66406ddf902b4cfd1fff
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all-alpha_2.6.26-26lenny1_alpha.deb
Size/MD5 checksum: 112682 5669ed2b63dfd7e25f1bed3f3c557e8b
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-alpha-smp_2.6.26-26lenny1_alpha.deb
Size/MD5 checksum: 370732 744a8a3bb0751181a11b909b7f2c8741
amd64 architecture (AMD x86_64 (AMD64))
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-libc-dev_2.6.26-26lenny1_amd64.deb
Size/MD5 checksum: 755464 a76803db0471a09013fcc410e2bd1a7c
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-xen-amd64_2.6.26-26lenny1_amd64.deb
Size/MD5 checksum: 391070 2af9113ceb56dd2a79a448ec1eb74452
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-xen-amd64_2.6.26-26lenny1_amd64.deb
Size/MD5 checksum: 1812222 800310a26af8edc580fc57d8da9b14ae
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-common_2.6.26-26lenny1_amd64.deb
Size/MD5 checksum: 3727512 5cadd7b974521b7c5ccc278968631e57
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-common-xen_2.6.26-26lenny1_amd64.deb
Size/MD5 checksum: 3859380 6fd2da7ef7a274fd0aed9701374533a5
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all_2.6.26-26lenny1_amd64.deb
Size/MD5 checksum: 112652 ceed8afd8da64b6cb39f4619b7faa310
http://security.debian.org/pool/updates/main/l/linux-2.6/xen-linux-system-2.6.26-2-xen-amd64_2.6.26-26lenny1_amd64.deb
Size/MD5 checksum: 112640 ff01f002d79cc143476afa6d907127a4
[continued in next message]
--- SoupGate-Win32 v1.05
* Origin: you cannot sedate... all the things you hate (1:229/2)