Debian
linux-2.6 package

linux-2.6 2.6.26-26lenny1 source package in Debian

Changelog

linux-2.6 (2.6.26-26lenny1) stable-security; urgency=high
  * net sched: fix kernel leak in act_police (CVE-2010-3477)  * aio: check for multiplication overflow in do_io_submit (CVE-2010-3067)  * cxgb3: prevent reading uninitialized stack memory (CVE-2010-3296)  * eql: prevent reading uninitialized stack memory (CVE-2010-3297)  * rose: Fix signedness issues wrt. digi count (CVE-2010-3310)  * sctp: Do not reset the packet during sctp_packet_config() (CVE-2010-3432)  * Fix pktcdvd ioctl dev_minor range check (CVE-2010-3437)  * ALSA: prevent heap corruption in snd_ctl_new() (CVE-2010-3442)  * thinkpad-acpi: lock down video output state access (CVE-2010-3448)  * sctp: Fix out-of-bounds reading in sctp_asoc_get_hmac() (CVE-2010-3705)  * setup_arg_pages: diagnose excessive argument size (CVE-2010-3858)  * X.25: memory corruption in X.25 facilities parsing (CVE-2010-3873)  * sys_semctl: fix kernel stack leakage (CVE-2010-4083)  * ALSA: rme9652: prevent reading uninitialized stack memory    (CVE-2010-4080, CVE-2010-4081)  * V4L/DVB: ivtvfb: prevent reading uninitialized stack memory (CVE-2010-4079)  * video/sis: prevent reading uninitialized stack memory (CVE-2010-4078)  * X.25: Prevent crashing when parsing bad X.25 facilities (CVE-2010-4164)  * v4l1: fix 32-bit compat microcode loading translation (CVE-2010-2963)  * net: Mitigate overflow issues     - Truncate recvfrom and sendto length to INT_MAX.     - Limit socket I/O iovec total length to INT_MAX.     - Resolves kernel heap overflow in the TIPC protcol (CVE-2010-3859)  * net: ax25: fix information leak to userland (CVE-2010-3875)  * can-bcm: fix minor heap overflow (CVE-2010-3874)  * net: packet: fix information leak to userland (CVE-2010-3876)  * net: tipc: fix information leak to userland (CVE-2010-3877)  * inet_diag: Make sure we actually run the same bytecode we audited    (CVE-2010-3880)  * ipc: shm: fix information leak to userland (CVE-2010-4072)  * ipc: initialize structure memory to zero for compat functions    (CVE-2010-4073)  * USB: serial/mos*: prevent reading uninitialized stack memory (CVE-2010-4074)  * [SCSI] gdth: integer overflow in ioctl (CVE-2010-4157)  * econet: Avoid stack overflow w/ large msgiovlen (CVE-2010-3848)  * econet: disallow NULL remote addr for sendmsg() (CVE-2010-3849)  * econet: Add mising CAP_NET_ADMIN check in SIOCSIFADDR (CVE-2010-3850) -- dann frazier <email address hidden>  Wed, 24 Nov 2010 17:46:00 -0700

Upload details

Uploaded by:
Debian kernel team
Uploaded to:
Lenny
Original maintainer:
Debian kernel team
Architectures:
any
Section:
devel
Urgency:
Very Urgent

See full publishing history Publishing

Series Pocket Published Component Section

Builds

Downloads

File Size SHA-256 Checksum
linux-2.6_2.6.26-26lenny1.dsc 6.3 KiB a0984b468e6c196b7942e23734ddc6553b74d5efabdac98710edb7c26a0a5ebe
linux-2.6_2.6.26.orig.tar.gz 59.0 MiB 98606faeb51896e0c5273a10e37b3a9fa4569b96dc477e40209309a83aac4f5c
linux-2.6_2.6.26-26lenny1.diff.gz 7.6 MiB 4e8f3f7bedaa07a228ca8ca60a264238d96f074889395b4bea559df57e48b86f

No changes file available.

Binary packages built by this source