Debian
user-mode-linux package

user-mode-linux 2.6.26-1um-2+26lenny1 source package in Debian

Changelog

user-mode-linux (2.6.26-1um-2+26lenny1) stable-security; urgency=high
  * Rebuild against linux-source-2.6.26 (2.6.26-26lenny1):    * net sched: fix kernel leak in act_police (CVE-2010-3477)    * aio: check for multiplication overflow in do_io_submit (CVE-2010-3067)    * cxgb3: prevent reading uninitialized stack memory (CVE-2010-3296)    * eql: prevent reading uninitialized stack memory (CVE-2010-3297)    * rose: Fix signedness issues wrt. digi count (CVE-2010-3310)    * sctp: Do not reset the packet during sctp_packet_config() (CVE-2010-3432)    * Fix pktcdvd ioctl dev_minor range check (CVE-2010-3437)    * ALSA: prevent heap corruption in snd_ctl_new() (CVE-2010-3442)    * thinkpad-acpi: lock down video output state access (CVE-2010-3448)    * sctp: Fix out-of-bounds reading in sctp_asoc_get_hmac() (CVE-2010-3705)    * setup_arg_pages: diagnose excessive argument size (CVE-2010-3858)    * X.25: memory corruption in X.25 facilities parsing (CVE-2010-3873)    * sys_semctl: fix kernel stack leakage (CVE-2010-4083)    * ALSA: rme9652: prevent reading uninitialized stack memory    (CVE-2010-4080, CVE-2010-4081)    * V4L/DVB: ivtvfb: prevent reading uninitialized stack memory    (CVE-2010-4079)    * video/sis: prevent reading uninitialized stack memory (CVE-2010-4078)    * X.25: Prevent crashing when parsing bad X.25 facilities (CVE-2010-4164)    * v4l1: fix 32-bit compat microcode loading translation (CVE-2010-2963)    * net: Mitigate overflow issues     - Truncate recvfrom and sendto length to INT_MAX.     - Limit socket I/O iovec total length to INT_MAX.     - Resolves kernel heap overflow in the TIPC protcol (CVE-2010-3859)    * net: ax25: fix information leak to userland (CVE-2010-3875)    * can-bcm: fix minor heap overflow (CVE-2010-3874)    * net: packet: fix information leak to userland (CVE-2010-3876)    * net: tipc: fix information leak to userland (CVE-2010-3877)    * inet_diag: Make sure we actually run the same bytecode we audited    (CVE-2010-3880)    * ipc: shm: fix information leak to userland (CVE-2010-4072)    * ipc: initialize structure memory to zero for compat functions    (CVE-2010-4073)    * USB: serial/mos*: prevent reading uninitialized stack memory    (CVE-2010-4074)    * [SCSI] gdth: integer overflow in ioctl (CVE-2010-4157)    * econet: Avoid stack overflow w/ large msgiovlen (CVE-2010-3848)    * econet: disallow NULL remote addr for sendmsg() (CVE-2010-3849)    * econet: Add mising CAP_NET_ADMIN check in SIOCSIFADDR (CVE-2010-3850) -- dann frazier <email address hidden>  Sat, 27 Nov 2010 10:02:00 -0700

Upload details

Uploaded by:
User Mode Linux Developers
Uploaded to:
Lenny
Original maintainer:
User Mode Linux Developers
Architectures:
i386 amd64
Section:
misc
Urgency:
Very Urgent

See full publishing history Publishing

Series Pocket Published Component Section

Builds

Downloads

File Size SHA-256 Checksum
user-mode-linux_2.6.26-1um-2+26lenny1.dsc 1.9 KiB d59146eaf020e25f0638622225e4c30fea7bfc27b1337f30ffe2b76819cfb10c
user-mode-linux_2.6.26-1um.orig.tar.gz 12.3 KiB a2e7e688c59d507db1ce341c9996adea36a40d4a0d12114e14094e5df05e1d17
user-mode-linux_2.6.26-1um-2+26lenny1.diff.gz 19.9 KiB 3f36e034573fb5ffd3ad72ea9dd656fa6a38b7f578da4db85c1b18177df579f2

No changes file available.

Binary packages built by this source