Protect yourself against future threats.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2007.0431 -- [Debian] New Linux kernel 2.6.8 packages fix several vulnerabilities 18 June 2007 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: kernel-source-2.6.8 Publisher: Debian Operating System: Debian GNU/Linux 3.1 Impact: Denial of Service Access: Remote/Unauthenticated CVE Names: CVE-2007-1592 CVE-2007-1357 CVE-2007-0958 CVE-2006-6535 CVE-2006-6106 CVE-2006-6060 CVE-2006-6056 CVE-2006-6053 CVE-2006-5757 CVE-2006-5754 CVE-2006-5753 CVE-2006-4814 CVE-2006-4623 CVE-2005-4811 CVE-2004-1073 Ref: ESB-2007.0294 Original Bulletin: http://www.debian.org/security/2007/dsa-1304 - --------------------------BEGIN INCLUDED TEXT-------------------- - -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - - -------------------------------------------------------------------------- Debian Security Advisory DSA 1304-1 security@debian.org http://www.debian.org/security/ Dann Frazier June 16th, 2007 http://www.debian.org/security/faq - - -------------------------------------------------------------------------- Package : kernel-source-2.6.8 Vulnerability : several Problem-Type : local/remote Debian-specific: no CVE ID : CVE-2005-4811 CVE-2006-4814 CVE-2006-4623 CVE-2006-5753 CVE-2006-5754 CVE-2006-5757 CVE-2006-6053 CVE-2006-6056 CVE-2006-6060 CVE-2006-6106 CVE-2006-6535 CVE-2007-0958 CVE-2007-1357 CVE-2007-1592 Several local and remote vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service or the execution of arbitrary code. This update also fixes a regression in the smbfs subsystem which was introduced in DSA-1233 which caused symlinks to be interpreted as regular files. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2005-4811 David Gibson reported an issue in the hugepage code which could permit a local DoS (system crash) on appropriately configured systems. CVE-2006-4814 Doug Chapman discovered a potential local DoS (deadlock) in the mincore function caused by improper lock handling. CVE-2006-4623 Ang Way Chuang reported a remote DoS (crash) in the dvb driver which can be triggered by a ULE package with an SNDU length of 0. CVE-2006-5753 Eric Sandeen provided a fix for a local memory corruption vulnerability resulting from a misinterpretation of return values when operating on inodes which have been marked bad. CVE-2006-5754 Darrick Wong discovered a local DoS (crash) vulnerability resulting from the incorrect initialization of "nr_pages" in aio_setup_ring(). CVE-2006-5757 LMH reported a potential local DoS which could be exploited by a malicious user with the privileges to mount and read a corrupted iso9660 filesystem. CVE-2006-6053 LMH reported a potential local DoS which could be exploited by a malicious user with the privileges to mount and read a corrupted ext3 filesystem. CVE-2006-6056 LMH reported a potential local DoS which could be exploited by a malicious user with the privileges to mount and read a corrupted hfs filesystem on systems with SELinux hooks enabled (Debian does not enable SELinux by default). CVE-2006-6060 LMH reported a potential local DoS (infinie loop) which could be exploited by a malicious user with the privileges to mount and read a corrupted NTFS filesystem. CVE-2006-6106 Marcel Holtman discovered multiple buffer overflows in the Bluetooth subsystem which can be used to trigger a remote DoS (crash) and potentially execute arbitray code. CVE-2006-6535 Kostantin Khorenko discovered an invalid error path in dev_queue_xmit() which could be exploited by a local user to cause data corruption. CVE-2007-0958 Santosh Eraniose reported a vulnerability that allows local users to read otherwise unreadable files by triggering a core dump while using PT_INTERP. This is related to CVE-2004-1073. CVE-2007-1357 Jean Delvare reported a vulnerability in the appletalk subsystem. Systems with the appletalk module loaded can be triggered to crash by other systems on the local network via a malformed frame. CVE-2007-1592 Masayuki Nakagawa discovered that flow labels were inadvertently being shared between listening sockets and child sockets. This defect can be exploited by local users to cause a DoS (Oops). The following matrix explains which kernel version for which architecture fix the problems mentioned above: Debian 3.1 (sarge) Source 2.6.8-16sarge7 Alpha architecture 2.6.8-16sarge7 AMD64 architecture 2.6.8-16sarge7 HP Precision architecture 2.6.8-6sarge7 Intel IA-32 architecture 2.6.8-16sarge7 Intel IA-64 architecture 2.6.8-14sarge7 Motorola 680x0 architecture 2.6.8-4sarge7 PowerPC architecture 2.6.8-12sarge7 IBM S/390 architecture 2.6.8-5sarge7 Sun Sparc architecture 2.6.8-15sarge7 We recommend that you upgrade your kernel package immediately and reboot the machine. If you have built a custom kernel from the kernel source package, you will need to rebuild to take advantage of these fixes. Upgrade Instructions - - -------------------- wget url will fetch the file for you dpkg -i file.deb will install the referenced file. If you are using the apt-get package manager, use the line for sources.list as given below: apt-get update will update the internal database apt-get upgrade will install corrected packages You may use an automated update by adding the resources from the footer to the proper configuration. Debian GNU/Linux 3.1 alias sarge - - -------------------------------- Source archives: http://security.debian.org/pool/updates/main/f/fai-kernels/fai-kernels_1.9.1sarge6.dsc Size/MD5 checksum: 621 5549801d7afb55815fdbdab176ca876e http://security.debian.org/pool/updates/main/f/fai-kernels/fai-kernels_1.9.1sarge6.tar.gz Size/MD5 checksum: 30783 ca74ee036a13e209a496d86cfa216a3a http://security.debian.org/pool/updates/main/h/hostap-modules-i386/hostap-modules-i386_0.3.7-1sarge2.dsc Size/MD5 checksum: 1092 5873dba0c647976525db473f74acb9e0 http://security.debian.org/pool/updates/main/h/hostap-modules-i386/hostap-modules-i386_0.3.7-1sarge2.tar.gz Size/MD5 checksum: 2310 77fa2acc4981a8139a83ab5ba38b2496 http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-alpha/kernel-image-2.6.8-alpha_2.6.8-16sarge7.dsc Size/MD5 checksum: 812 31724186421d5e75b4d30bc4c5ac4cfe http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-alpha/kernel-image-2.6.8-alpha_2.6.8-16sarge7.tar.gz Size/MD5 checksum: 41795 5cf6d42b220f46f3dac97d1c04a8f259 http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-image-2.6.8-amd64_2.6.8-16sarge7.dsc Size/MD5 checksum: 1103 375e1122fd79645e41edab034be9de0f http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-image-2.6.8-amd64_2.6.8-16sarge7.tar.gz Size/MD5 checksum: 79256 ca9f65f94ea59b6d7edaf6b78de20adb http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-hppa/kernel-image-2.6.8-hppa_2.6.8-6sarge7.dsc Size/MD5 checksum: 1013 f815fd7077a24a9bc1639e8965ac8436 http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-hppa/kernel-image-2.6.8-hppa_2.6.8-6sarge7.tar.gz Size/MD5 checksum: 70389 9ebd6b53dfe6592d0783727b994c093e http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-i386/kernel-image-2.6.8-i386_2.6.8-16sarge7.dsc Size/MD5 checksum: 1047 77659b43aa4f6e16200a2fc7c965f38d http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-i386/kernel-image-2.6.8-i386_2.6.8-16sarge7.tar.gz Size/MD5 checksum: 93525 8def6bcf41cc21b34233d64a91fd3711 http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-ia64/kernel-image-2.6.8-ia64_2.6.8-14sarge7.dsc Size/MD5 checksum: 1191 672189ecf8912c0c58dc83dee1db8c43 http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-ia64/kernel-image-2.6.8-ia64_2.6.8-14sarge7.tar.gz Size/MD5 checksum: 67022 d9201644c379a6014c0cc604bfb8e0ab http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-m68k/kernel-image-2.6.8-m68k_2.6.8-4sarge7.dsc Size/MD5 checksum: 874 faf43ca53f82737f123afab17a74f052 http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-m68k/kernel-image-2.6.8-m68k_2.6.8-4sarge7.tar.gz Size/MD5 checksum: 20214 82cb545e2b7abbb013cae38deebf4e08 http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-s390/kernel-image-2.6.8-s390_2.6.8-5sarge7.dsc Size/MD5 checksum: 846 64007a13f7e337cbf008bc2c74b52ea1 http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-s390/kernel-image-2.6.8-s390_2.6.8-5sarge7.tar.gz Size/MD5 checksum: 15750 201c22a6234947a99c468f2779160b33 http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-sparc/kernel-image-2.6.8-sparc_2.6.8-15sarge7.dsc Size/MD5 checksum: 1036 354dca83df1ed4b6fd9eb056aa868a0e http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-sparc/kernel-image-2.6.8-sparc_2.6.8-15sarge7.tar.gz Size/MD5 checksum: 29718 2238b6f81d4b7c64e75d21749a2c9c71 http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.6.8/kernel-patch-powerpc-2.6.8_2.6.8-12sarge7.dsc Size/MD5 checksum: 1071 1bc90c9c9a884ca21de67e47f7f71831 http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.6.8/kernel-patch-powerpc-2.6.8_2.6.8-12sarge7.tar.gz Size/MD5 checksum: 29824 c5af34b00421bbf54f73210fae7da80a http://security.debian.org/pool/updates/main/k/kernel-source-2.6.8/kernel-source-2.6.8_2.6.8-16sarge7.dsc Size/MD5 checksum: 1002 045ef1474c1a353d5aa48dea8c67183b http://security.debian.org/pool/updates/main/k/kernel-source-2.6.8/kernel-source-2.6.8_2.6.8-16sarge7.diff.gz Size/MD5 checksum: 1086810 4d9a1726c26fb571d1b10bc94f4ee102 http://security.debian.org/pool/updates/main/k/kernel-source-2.6.8/kernel-source-2.6.8_2.6.8.orig.tar.gz Size/MD5 checksum: 43929719 0393c05ffa4770c3c5178b74dc7a4282 http://security.debian.org/pool/updates/main/m/mol-modules-2.6.8/mol-modules-2.6.8_0.9.70+2.6.8+12sarge2.dsc Size/MD5 checksum: 703 adb50819acd30f02a8c22f0397675bb5 http://security.debian.org/pool/updates/main/m/mol-modules-2.6.8/mol-modules-2.6.8_0.9.70+2.6.8+12sarge2.tar.gz Size/MD5 checksum: 4358 469b36e05242fb4ce2adfc0d102fa2aa Architecture independent components: http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-s390/kernel-patch-2.6.8-s390_2.6.8-5sarge7_all.deb Size/MD5 checksum: 13864 651d60ecebfed7a105e0263f6fe5478e http://security.debian.org/pool/updates/main/k/kernel-source-2.6.8/kernel-doc-2.6.8_2.6.8-16sarge7_all.deb Size/MD5 checksum: 6185220 661002c3ad09bbd5dcab929d531041b2 http://security.debian.org/pool/updates/main/k/kernel-source-2.6.8/kernel-patch-debian-2.6.8_2.6.8-16sarge7_all.deb Size/MD5 checksum: 1142308 4cbfb30ffaf7e431cf8b162a37c543a3 http://security.debian.org/pool/updates/main/k/kernel-source-2.6.8/kernel-source-2.6.8_2.6.8-16sarge7_all.deb Size/MD5 checksum: 34947952 2487a3846e7143fdfca3ad5664028c88 http://security.debian.org/pool/updates/main/k/kernel-source-2.6.8/kernel-tree-2.6.8_2.6.8-16sarge7_all.deb Size/MD5 checksum: 37742 9d7013f35ef4f2720147f393efa265a4 Alpha architecture: http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-alpha/kernel-headers-2.6.8-4_2.6.8-16sarge7_alpha.deb Size/MD5 checksum: 2762560 84e7e74114738170f4d9f7df9e270b78 http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-alpha/kernel-headers-2.6.8-4-generic_2.6.8-16sarge7_alpha.deb Size/MD5 checksum: 234956 23c852ab91eb4a3ac982c9cbe04eff84 http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-alpha/kernel-headers-2.6.8-4-smp_2.6.8-16sarge7_alpha.deb Size/MD5 checksum: 229566 aa37cc2ff3b38f45f0e83bed8d177b47 http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-alpha/kernel-image-2.6.8-4-generic_2.6.8-16sarge7_alpha.deb Size/MD5 checksum: 20243562 d927ee8555993b8d6fc77790d3b55711 http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-alpha/kernel-image-2.6.8-4-smp_2.6.8-16sarge7_alpha.deb Size/MD5 checksum: 20097284 206b31b2bd3751fcea2607ee351c9889 AMD64 architecture: http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-headers-2.6.8-13_2.6.8-16sarge7_amd64.deb Size/MD5 checksum: 2725500 3f3ab58e8870ab61b9e23c23761a4604 http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-headers-2.6.8-13-amd64-generic_2.6.8-16sarge7_amd64.deb Size/MD5 checksum: 228840 d16b8661666cdde1b13b566da719f49e http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-headers-2.6.8-13-amd64-k8_2.6.8-16sarge7_amd64.deb Size/MD5 checksum: 228024 afcb92db3b32fcef246cfdbaebc7c488 http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-headers-2.6.8-13-amd64-k8-smp_2.6.8-16sarge7_amd64.deb Size/MD5 checksum: 224084 d726ad34628dce5f56a292726ef77418 http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-headers-2.6.8-13-em64t-p4_2.6.8-16sarge7_amd64.deb Size/MD5 checksum: 225808 d284e53c3827339b685be9c0b2c2bfb0 http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-headers-2.6.8-13-em64t-p4-smp_2.6.8-16sarge7_amd64.deb Size/MD5 checksum: 222522 97e162f7245121533a0a20fd6e439b1f http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-image-2.6.8-13-amd64-generic_2.6.8-16sarge7_amd64.deb Size/MD5 checksum: 12574610 c65adc755a40692b1351fa778a7ce25b http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-image-2.6.8-13-amd64-k8_2.6.8-16sarge7_amd64.deb Size/MD5 checksum: 13273222 e94fdc0178812250ce7beb3cbcb5156d http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-image-2.6.8-13-amd64-k8-smp_2.6.8-16sarge7_amd64.deb Size/MD5 checksum: 13229476 87dfdba1729330c694e488fc9bef1bd2 http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-image-2.6.8-13-em64t-p4_2.6.8-16sarge7_amd64.deb Size/MD5 checksum: 13077014 02066ed9e51dbd403e4774492a1f1a4c http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-image-2.6.8-13-em64t-p4-smp_2.6.8-16sarge7_amd64.deb Size/MD5 checksum: 13058474 9599a93b640a5d5e8da7f23ed7f4ab27 HP Precision architecture: http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-hppa/kernel-headers-2.6.8-4_2.6.8-6sarge7_hppa.deb Size/MD5 checksum: 2803824 0eb5a4184865094e9e835cd6f199b00c http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-hppa/kernel-headers-2.6.8-4-32_2.6.8-6sarge7_hppa.deb Size/MD5 checksum: 214636 3292ec383938984d8131a40f277319a5 http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-hppa/kernel-headers-2.6.8-4-32-smp_2.6.8-6sarge7_hppa.deb Size/MD5 checksum: 213972 61f3fc8bb2046797b43a00c2221e1171 http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-hppa/kernel-headers-2.6.8-4-64_2.6.8-6sarge7_hppa.deb Size/MD5 checksum: 213562 ee18d9c16cc6331dbb298d9262abbc9e http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-hppa/kernel-headers-2.6.8-4-64-smp_2.6.8-6sarge7_hppa.deb Size/MD5 checksum: 212888 698a340ca8a5e1d1609dc6352b0199ae http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-hppa/kernel-image-2.6.8-4-32_2.6.8-6sarge7_hppa.deb Size/MD5 checksum: 16039300 662e50ec503587eeb8745cc5744bfcc1 http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-hppa/kernel-image-2.6.8-4-32-smp_2.6.8-6sarge7_hppa.deb Size/MD5 checksum: 16947726 551b44ab6365f48c3728046f9c625406 http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-hppa/kernel-image-2.6.8-4-64_2.6.8-6sarge7_hppa.deb Size/MD5 checksum: 17493200 d463b06fd140bedf5ff92c922b3cff50 http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-hppa/kernel-image-2.6.8-4-64-smp_2.6.8-6sarge7_hppa.deb Size/MD5 checksum: 18325380 6b79ea34d4e01ee2aea71140b379b380 Intel IA-32 architecture: http://security.debian.org/pool/updates/main/f/fai-kernels/fai-kernels_1.9.1sarge6_i386.deb Size/MD5 checksum: 12007024 966cfd1adb7d4eb8b14eff257ad90576 http://security.debian.org/pool/updates/main/h/hostap-modules-i386/hostap-modules-2.4.27-3-386_0.3.7-1sarge2_i386.deb Size/MD5 checksum: 140588 4d3d9c96e4566ea0ae5b8ce33892b9f5 http://security.debian.org/pool/updates/main/h/hostap-modules-i386/hostap-modules-2.4.27-3-586tsc_0.3.7-1sarge2_i386.deb Size/MD5 checksum: 153216 ec1de04dfe524ed566c9168317c7f96d http://security.debian.org/pool/updates/main/h/hostap-modules-i386/hostap-modules-2.4.27-3-686_0.3.7-1sarge2_i386.deb Size/MD5 checksum: 156142 d3d7ccde57a411d1e57fd606dac627fb http://security.debian.org/pool/updates/main/h/hostap-modules-i386/hostap-modules-2.4.27-3-686-smp_0.3.7-1sarge2_i386.deb Size/MD5 checksum: 160348 3f0273700f3be9fa5430046ba227dd91 http://security.debian.org/pool/updates/main/h/hostap-modules-i386/hostap-modules-2.4.27-3-k6_0.3.7-1sarge2_i386.deb Size/MD5 checksum: 149216 69c40d1ebb04a5ceca0374d28ff6faa2 http://security.debian.org/pool/updates/main/h/hostap-modules-i386/hostap-modules-2.4.27-3-k7_0.3.7-1sarge2_i386.deb Size/MD5 checksum: 154834 49bca7c096574c6c0dbfe44db03c2cd0 http://security.debian.org/pool/updates/main/h/hostap-modules-i386/hostap-modules-2.4.27-3-k7-smp_0.3.7-1sarge2_i386.deb Size/MD5 checksum: 158768 d31bb7bcec9ea2d123df2d9d2fc3ccff http://security.debian.org/pool/updates/main/h/hostap-modules-i386/hostap-modules-2.6.8-4-386_0.3.7-1sarge2_i386.deb Size/MD5 checksum: 147778 16e794df6938137a2bd066f4765c5cb2 http://security.debian.org/pool/updates/main/h/hostap-modules-i386/hostap-modules-2.6.8-4-686_0.3.7-1sarge2_i386.deb Size/MD5 checksum: 165352 c92a69dee0c20259819ff4a6e1ce127f http://security.debian.org/pool/updates/main/h/hostap-modules-i386/hostap-modules-2.6.8-4-686-smp_0.3.7-1sarge2_i386.deb Size/MD5 checksum: 169670 fa480aa39abd471188776c526fd168fc http://security.debian.org/pool/updates/main/h/hostap-modules-i386/hostap-modules-2.6.8-4-k7_0.3.7-1sarge2_i386.deb Size/MD5 checksum: 163782 ae0f354c82688de2119cd9ade09e74c7 http://security.debian.org/pool/updates/main/h/hostap-modules-i386/hostap-modules-2.6.8-4-k7-smp_0.3.7-1sarge2_i386.deb Size/MD5 checksum: 168098 bf6e5340a8f9c1484ee5ec72def36707 http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-i386/kernel-headers-2.6.8-4_2.6.8-16sarge7_i386.deb Size/MD5 checksum: 2782142 060404a3576c79845753ca1d7fd32a20 http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-i386/kernel-headers-2.6.8-4-386_2.6.8-16sarge7_i386.deb Size/MD5 checksum: 260950 875fa8dd31aa4ec2cd60789028b8998a http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-i386/kernel-headers-2.6.8-4-686_2.6.8-16sarge7_i386.deb Size/MD5 checksum: 259062 0aec026194b11813344b17bfcce1f891 http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-i386/kernel-headers-2.6.8-4-686-smp_2.6.8-16sarge7_i386.deb Size/MD5 checksum: 256060 8bb21af70c57b6dce4f6e21e1681e1f9 http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-i386/kernel-headers-2.6.8-4-k7_2.6.8-16sarge7_i386.deb Size/MD5 checksum: 259116 d894737b2d3bd873362fe8df8ec413b2 http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-i386/kernel-headers-2.6.8-4-k7-smp_2.6.8-16sarge7_i386.deb Size/MD5 checksum: 256212 7bbbee51dae99f8a71d85284311bef37 http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-i386/kernel-image-2.6.8-4-386_2.6.8-16sarge7_i386.deb Size/MD5 checksum: 14068328 6086f827005699f3ce18e8e38a4e6fff http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-i386/kernel-image-2.6.8-4-686_2.6.8-16sarge7_i386.deb Size/MD5 checksum: 15553736 91c0c8cf6f38ff8b13c33ff8eb76914f http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-i386/kernel-image-2.6.8-4-686-smp_2.6.8-16sarge7_i386.deb Size/MD5 checksum: 15391134 41f0635a9278030173cb9a949111e14e http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-i386/kernel-image-2.6.8-4-k7_2.6.8-16sarge7_i386.deb Size/MD5 checksum: 15275512 9e089adef128031a8f2115243ee03bd2 http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-i386/kernel-image-2.6.8-4-k7-smp_2.6.8-16sarge7_i386.deb Size/MD5 checksum: 15168590 2d54f3727c4d608a21400408b2c9d493 http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-headers-2.6.8-13_2.6.8-16sarge7_i386.deb Size/MD5 checksum: 2725464 90eeb0a9f5709f84c3c938616b1fccb5 http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-headers-2.6.8-13-amd64-generic_2.6.8-16sarge7_i386.deb Size/MD5 checksum: 228766 ffbb8044767a4e03782e14941b72f96d http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-headers-2.6.8-13-amd64-k8_2.6.8-16sarge7_i386.deb Size/MD5 checksum: 227862 5a0d244abec1d92b8405c2d55f8d8ccc http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-headers-2.6.8-13-amd64-k8-smp_2.6.8-16sarge7_i386.deb Size/MD5 checksum: 224060 bbd653fcc567ce1c4c39af98e4e14f5c http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-headers-2.6.8-13-em64t-p4_2.6.8-16sarge7_i386.deb Size/MD5 checksum: 225776 52376bf8dc98cbd4729ca25461efb079 http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-headers-2.6.8-13-em64t-p4-smp_2.6.8-16sarge7_i386.deb Size/MD5 checksum: 222518 39139014fc8b44bbc87db457a49ac084 http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-image-2.6.8-13-amd64-generic_2.6.8-16sarge7_i386.deb Size/MD5 checksum: 12574442 d17f627e1d88d8bb3c57d10b108ce4d0 http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-image-2.6.8-13-amd64-k8_2.6.8-16sarge7_i386.deb Size/MD5 checksum: 13273306 fd8193f685bc9ea4f76b39f00bba8f50 http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-image-2.6.8-13-amd64-k8-smp_2.6.8-16sarge7_i386.deb Size/MD5 checksum: 13229824 5989357674d3f4e12bc2fc89a86ba549 http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-image-2.6.8-13-em64t-p4_2.6.8-16sarge7_i386.deb Size/MD5 checksum: 13226862 dc2ebac9133fcd8c1b85fb539d779683 http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-image-2.6.8-13-em64t-p4-smp_2.6.8-16sarge7_i386.deb Size/MD5 checksum: 13205066 6daa6858e61b1843e038f9e2a04df41c Intel IA-64 architecture: http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-ia64/kernel-headers-2.6-itanium_2.6.8-14sarge7_ia64.deb Size/MD5 checksum: 9496 bd1b20781c0a0261864cb25bfd65d9a4 http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-ia64/kernel-headers-2.6-itanium-smp_2.6.8-14sarge7_ia64.deb Size/MD5 checksum: 9560 7e3ff1e6eee69c81f42dd9912dce7baf http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-ia64/kernel-headers-2.6-mckinley_2.6.8-14sarge7_ia64.deb Size/MD5 checksum: 9526 4d29c68fcde4f1164f310a8071783953 http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-ia64/kernel-headers-2.6-mckinley-smp_2.6.8-14sarge7_ia64.deb Size/MD5 checksum: 9586 4b0c7ca8651f9c785eccce8b356f766b http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-ia64/kernel-headers-2.6.8-4_2.6.8-14sarge7_ia64.deb Size/MD5 checksum: 3101574 b38d525273063519f869b8025e586bf5 http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-ia64/kernel-headers-2.6.8-4-itanium_2.6.8-14sarge7_ia64.deb Size/MD5 checksum: 203348 25239d213c84ee50c68884e6285a95c4 http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-ia64/kernel-headers-2.6.8-4-itanium-smp_2.6.8-14sarge7_ia64.deb Size/MD5 checksum: 202850 8dc59012398a37e508bb33ed5088addd http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-ia64/kernel-headers-2.6.8-4-mckinley_2.6.8-14sarge7_ia64.deb Size/MD5 checksum: 202972 4370ad87aa8f711509fec39878608621 http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-ia64/kernel-headers-2.6.8-4-mckinley-smp_2.6.8-14sarge7_ia64.deb Size/MD5 checksum: 202650 804b0b5408cf7d67187f620bf7c0c6c1 http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-ia64/kernel-image-2.6-itanium_2.6.8-14sarge7_ia64.deb Size/MD5 checksum: 9486 f2391dc971232c3c8a8ab0de5b551fe6 http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-ia64/kernel-image-2.6-itanium-smp_2.6.8-14sarge7_ia64.deb Size/MD5 checksum: 9556 3cae8e8cdf69ec485d731937ff6f0c30 http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-ia64/kernel-image-2.6-mckinley_2.6.8-14sarge7_ia64.deb Size/MD5 checksum: 9516 1febb236a0987f6a4be151e3923a7ed5 http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-ia64/kernel-image-2.6-mckinley-smp_2.6.8-14sarge7_ia64.deb Size/MD5 checksum: 9582 275b6170b6857bd1af929448dc54436c http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-ia64/kernel-image-2.6.8-4-itanium_2.6.8-14sarge7_ia64.deb Size/MD5 checksum: 21496480 8ba69f1e15994cfe843718d7b46e069f http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-ia64/kernel-image-2.6.8-4-itanium-smp_2.6.8-14sarge7_ia64.deb Size/MD5 checksum: 22145752 8ac7fa1bf92bf1c4c0205c182e70c0e9 http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-ia64/kernel-image-2.6.8-4-mckinley_2.6.8-14sarge7_ia64.deb Size/MD5 checksum: 21409290 211383f4405c60f9dcd6f4abd63a863a http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-ia64/kernel-image-2.6.8-4-mckinley-smp_2.6.8-14sarge7_ia64.deb Size/MD5 checksum: 22161834 89aa6c21852a1dd897de9ee9c6686d31 Motorola 680x0 architecture: http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-m68k/kernel-image-2.6.8-amiga_2.6.8-4sarge7_m68k.deb Size/MD5 checksum: 3308982 e5231d0f463e8cfad8a2b0affc640639 http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-m68k/kernel-image-2.6.8-atari_2.6.8-4sarge7_m68k.deb Size/MD5 checksum: 3106740 4cb685cf5ba010c1af6c345b72bf9a09 http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-m68k/kernel-image-2.6.8-bvme6000_2.6.8-4sarge7_m68k.deb Size/MD5 checksum: 3019810 daedbf476546953537e8b2fd0947bac4 http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-m68k/kernel-image-2.6.8-hp_2.6.8-4sarge7_m68k.deb Size/MD5 checksum: 2991960 7f83fcf87edd48606c27e6e539c5e8ab http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-m68k/kernel-image-2.6.8-mac_2.6.8-4sarge7_m68k.deb Size/MD5 checksum: 3180758 479afd4614662b56a7f877a16c5733a8 http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-m68k/kernel-image-2.6.8-mvme147_2.6.8-4sarge7_m68k.deb Size/MD5 checksum: 2984108 246b0da97b814115941b6b367a5a6d69 http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-m68k/kernel-image-2.6.8-mvme16x_2.6.8-4sarge7_m68k.deb Size/MD5 checksum: 3052328 2a85ffeca76f8a87c09aab9da0365b35 http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-m68k/kernel-image-2.6.8-q40_2.6.8-4sarge7_m68k.deb Size/MD5 checksum: 3113210 f6f561b65d33a58a0b4a2ba3b5d4eb37 http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-m68k/kernel-image-2.6.8-sun3_2.6.8-4sarge7_m68k.deb Size/MD5 checksum: 2998472 665ea6e94f3e3215bdddde333a8e9109 PowerPC architecture: http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.6.8/kernel-build-2.6.8-4-power3_2.6.8-12sarge7_powerpc.deb Size/MD5 checksum: 409476 5e7a4e3b2ed13f34b1e2677a497ee1e9 http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.6.8/kernel-build-2.6.8-4-power3-smp_2.6.8-12sarge7_powerpc.deb Size/MD5 checksum: 409404 20c20aa48f210bda7407c38b025aa55e http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.6.8/kernel-build-2.6.8-4-power4_2.6.8-12sarge7_powerpc.deb Size/MD5 checksum: 409410 f334dac64177c488d67f466ebcf3e169 http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.6.8/kernel-build-2.6.8-4-power4-smp_2.6.8-12sarge7_powerpc.deb Size/MD5 checksum: 409324 de89552c4f4a5b12c56653cd50fc7f95 http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.6.8/kernel-build-2.6.8-4-powerpc_2.6.8-12sarge7_powerpc.deb Size/MD5 checksum: 409688 fcafa2cd922a131165ab0595375426ab http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.6.8/kernel-build-2.6.8-4-powerpc-smp_2.6.8-12sarge7_powerpc.deb Size/MD5 checksum: 409482 034ca72a697bfaaaf3f2594a5403f59c http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.6.8/kernel-headers-2.6.8-4_2.6.8-12sarge7_powerpc.deb Size/MD5 checksum: 5150300 70cca6665a0fc4f994c5ce7fda3a59e6 http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.6.8/kernel-image-2.6.8-4-power3_2.6.8-12sarge7_powerpc.deb Size/MD5 checksum: 13587026 458c7359fbbc76bc02eb8ef2b55cc0b9 http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.6.8/kernel-image-2.6.8-4-power3-smp_2.6.8-12sarge7_powerpc.deb Size/MD5 checksum: 13948056 a720aaf5f4b6ce53847e96435676842d http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.6.8/kernel-image-2.6.8-4-power4_2.6.8-12sarge7_powerpc.deb Size/MD5 checksum: 13579066 36f3e22d4d878a5733272019c5b3f25e http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.6.8/kernel-image-2.6.8-4-power4-smp_2.6.8-12sarge7_powerpc.deb Size/MD5 checksum: 13934448 689456442e9921f8f5f724b82c1a4388 http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.6.8/kernel-image-2.6.8-4-powerpc_2.6.8-12sarge7_powerpc.deb Size/MD5 checksum: 13605826 589790a4236615c0b2e7ad508edfbe7c http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.6.8/kernel-image-2.6.8-4-powerpc-smp_2.6.8-12sarge7_powerpc.deb Size/MD5 checksum: 13864916 50a87b0529f598e4d4684ee6221e3cef http://security.debian.org/pool/updates/main/m/mol-modules-2.6.8/mol-modules-2.6.8-4-powerpc_0.9.70+2.6.8+12sarge2_powerpc.deb Size/MD5 checksum: 38440 5dd90d5f03bfe8457c5c2ecadc9c2d1c http://security.debian.org/pool/updates/main/m/mol-modules-2.6.8/mol-modules-2.6.8-4-powerpc-smp_0.9.70+2.6.8+12sarge2_powerpc.deb Size/MD5 checksum: 39372 4edd33511d47ff9e6cf971b0e930374e IBM S/390 architecture: http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-s390/kernel-headers-2.6.8-4_2.6.8-5sarge7_s390.deb Size/MD5 checksum: 5089222 1df72a6dadb3d4c860e7fb98b8059055 http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-s390/kernel-image-2.6.8-4-s390_2.6.8-5sarge7_s390.deb Size/MD5 checksum: 2987292 c1defc5cabc10eaaf039513911ef0bb1 http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-s390/kernel-image-2.6.8-4-s390-tape_2.6.8-5sarge7_s390.deb Size/MD5 checksum: 1147294 d2b7b3d5780fca7a4c02f26c2d13c0ba http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-s390/kernel-image-2.6.8-4-s390x_2.6.8-5sarge7_s390.deb Size/MD5 checksum: 3194032 d8e5e1f978e0342345190501e22bce49 Sun Sparc architecture: http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-sparc/kernel-build-2.6.8-4_2.6.8-15sarge7_sparc.deb Size/MD5 checksum: 8128 2c3760c5ad3d06d389c33f5fc4cb0bca http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-sparc/kernel-headers-2.6.8-4_2.6.8-15sarge7_sparc.deb Size/MD5 checksum: 2893516 02e8eca22069fc8d5ccaf3fb20ac3c52 http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-sparc/kernel-headers-2.6.8-4-sparc32_2.6.8-15sarge7_sparc.deb Size/MD5 checksum: 113334 ed0eb1de3b97b909c45dffeed89d40fb http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-sparc/kernel-headers-2.6.8-4-sparc64_2.6.8-15sarge7_sparc.deb Size/MD5 checksum: 148128 bafc5bf78fae912f73a38d927a2cbd47 http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-sparc/kernel-headers-2.6.8-4-sparc64-smp_2.6.8-15sarge7_sparc.deb Size/MD5 checksum: 148594 2d01718f8cd038942004778a23ce91b4 http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-sparc/kernel-image-2.6.8-4-sparc32_2.6.8-15sarge7_sparc.deb Size/MD5 checksum: 4556924 0061d182061c7b821fb208f348ed870f http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-sparc/kernel-image-2.6.8-4-sparc64_2.6.8-15sarge7_sparc.deb Size/MD5 checksum: 7440258 ce79e30d9a4807a8bf565b9045b47f9c http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-sparc/kernel-image-2.6.8-4-sparc64-smp_2.6.8-15sarge7_sparc.deb Size/MD5 checksum: 7638478 306f0c1fc183597513943c030c06505a These files will probably be moved into the stable distribution on its next update. - - --------------------------------------------------------------------------------- For apt-get: deb http://security.debian.org/ stable/updates main For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main Mailing list: debian-security-announce@lists.debian.org Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg> - -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux) iD8DBQFGc8ELhuANDBmkLRkRAoAeAJ9DhVYUpgbEz0vyzcAIgB1R1mh6TwCfVe9J Xpx/hYZXDzSFh1rTiB8U7jQ= =tX8W - -----END PGP SIGNATURE----- - --------------------------END INCLUDED TEXT-------------------- You have received this e-mail bulletin as a result of your organisation's registration with AusCERT. The mailing list you are subscribed to is maintained within your organisation, so if you do not wish to continue receiving these bulletins you should contact your local IT manager. If you do not know who that is, please send an email to auscert@auscert.org.au and we will forward your request to the appropriate person. NOTE: Third Party Rights This security bulletin is provided as a service to AusCERT's members. As AusCERT did not write the document quoted above, AusCERT has had no control over its content. The decision to follow or act on information or advice contained in this security bulletin is the responsibility of each user or organisation, and should be considered in accordance with your organisation's site policies and procedures. AusCERT takes no responsibility for consequences which may arise from following or acting on information or advice contained in this security bulletin. NOTE: This is only the original release of the security bulletin. It may not be updated when updates to the original are made. If downloading at a later date, it is recommended that the bulletin is retrieved directly from the author's website to ensure that the information is still current. Contact information for the authors of the original document is included in the Security Bulletin above. If you have any questions or need further information, please contact them directly. Previous advisories and external security bulletins can be retrieved from: http://www.auscert.org.au/render.html?cid=1980 If you believe that your computer system has been compromised or attacked in any way, we encourage you to let us know by completing the secure National IT Incident Reporting Form at: http://www.auscert.org.au/render.html?it=3192 =========================================================================== Australian Computer Emergency Response Team The University of Queensland Brisbane Qld 4072 Internet Email: auscert@auscert.org.au Facsimile: (07) 3365 7031 Telephone: (07) 3365 4417 (International: +61 7 3365 4417) AusCERT personnel answer during Queensland business hours which are GMT+10:00 (AEST). On call after hours for member emergencies only. =========================================================================== -----BEGIN PGP SIGNATURE----- Comment: http://www.auscert.org.au/render.html?it=1967 iQCVAwUBRnYNTSh9+71yA2DNAQKFYQP/VeTD03UnkH5nLCPoJAmLr8JWeYFhQ9XO 0G+U+iHLrACjQA4tuNFol3Raae7Apwi6dk4v0ImMszfQfmlQI6K3VFe2h9j9+hAt M8QW1yo8sqYNKjnVgGEUcv3s3YlBpzgcQaOWBRNI+eGTIUtboyNETGm32dyyM2j+ k3mRZDDZNjM= =9j7u -----END PGP SIGNATURE-----