Protect yourself against future threats.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
===========================================================================
AUSCERT External Security Bulletin Redistribution
ESB-2007.0431 -- [Debian]
New Linux kernel 2.6.8 packages fix several vulnerabilities
18 June 2007
===========================================================================
AusCERT Security Bulletin Summary
---------------------------------
Product: kernel-source-2.6.8
Publisher: Debian
Operating System: Debian GNU/Linux 3.1
Impact: Denial of Service
Access: Remote/Unauthenticated
CVE Names: CVE-2007-1592 CVE-2007-1357 CVE-2007-0958
CVE-2006-6535 CVE-2006-6106 CVE-2006-6060
CVE-2006-6056 CVE-2006-6053 CVE-2006-5757
CVE-2006-5754 CVE-2006-5753 CVE-2006-4814
CVE-2006-4623 CVE-2005-4811 CVE-2004-1073
Ref: ESB-2007.0294
Original Bulletin: http://www.debian.org/security/2007/dsa-1304
- --------------------------BEGIN INCLUDED TEXT--------------------
- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
- - --------------------------------------------------------------------------
Debian Security Advisory DSA 1304-1 security@debian.org
http://www.debian.org/security/ Dann Frazier
June 16th, 2007 http://www.debian.org/security/faq
- - --------------------------------------------------------------------------
Package : kernel-source-2.6.8
Vulnerability : several
Problem-Type : local/remote
Debian-specific: no
CVE ID : CVE-2005-4811 CVE-2006-4814 CVE-2006-4623 CVE-2006-5753
CVE-2006-5754 CVE-2006-5757 CVE-2006-6053 CVE-2006-6056
CVE-2006-6060 CVE-2006-6106 CVE-2006-6535 CVE-2007-0958
CVE-2007-1357 CVE-2007-1592
Several local and remote vulnerabilities have been discovered in the Linux
kernel that may lead to a denial of service or the execution of arbitrary
code.
This update also fixes a regression in the smbfs subsystem which was introduced
in DSA-1233 which caused symlinks to be interpreted as regular files.
The Common Vulnerabilities and Exposures project identifies the
following problems:
CVE-2005-4811
David Gibson reported an issue in the hugepage code which could permit
a local DoS (system crash) on appropriately configured systems.
CVE-2006-4814
Doug Chapman discovered a potential local DoS (deadlock) in the mincore
function caused by improper lock handling.
CVE-2006-4623
Ang Way Chuang reported a remote DoS (crash) in the dvb driver which
can be triggered by a ULE package with an SNDU length of 0.
CVE-2006-5753
Eric Sandeen provided a fix for a local memory corruption vulnerability
resulting from a misinterpretation of return values when operating on
inodes which have been marked bad.
CVE-2006-5754
Darrick Wong discovered a local DoS (crash) vulnerability resulting from
the incorrect initialization of "nr_pages" in aio_setup_ring().
CVE-2006-5757
LMH reported a potential local DoS which could be exploited by a malicious
user with the privileges to mount and read a corrupted iso9660 filesystem.
CVE-2006-6053
LMH reported a potential local DoS which could be exploited by a malicious
user with the privileges to mount and read a corrupted ext3 filesystem.
CVE-2006-6056
LMH reported a potential local DoS which could be exploited by a malicious
user with the privileges to mount and read a corrupted hfs filesystem on
systems with SELinux hooks enabled (Debian does not enable SELinux by
default).
CVE-2006-6060
LMH reported a potential local DoS (infinie loop) which could be exploited
by a malicious user with the privileges to mount and read a corrupted NTFS
filesystem.
CVE-2006-6106
Marcel Holtman discovered multiple buffer overflows in the Bluetooth
subsystem which can be used to trigger a remote DoS (crash) and potentially
execute arbitray code.
CVE-2006-6535
Kostantin Khorenko discovered an invalid error path in dev_queue_xmit()
which could be exploited by a local user to cause data corruption.
CVE-2007-0958
Santosh Eraniose reported a vulnerability that allows local users to read
otherwise unreadable files by triggering a core dump while using PT_INTERP.
This is related to CVE-2004-1073.
CVE-2007-1357
Jean Delvare reported a vulnerability in the appletalk subsystem.
Systems with the appletalk module loaded can be triggered to crash
by other systems on the local network via a malformed frame.
CVE-2007-1592
Masayuki Nakagawa discovered that flow labels were inadvertently
being shared between listening sockets and child sockets. This defect
can be exploited by local users to cause a DoS (Oops).
The following matrix explains which kernel version for which architecture
fix the problems mentioned above:
Debian 3.1 (sarge)
Source 2.6.8-16sarge7
Alpha architecture 2.6.8-16sarge7
AMD64 architecture 2.6.8-16sarge7
HP Precision architecture 2.6.8-6sarge7
Intel IA-32 architecture 2.6.8-16sarge7
Intel IA-64 architecture 2.6.8-14sarge7
Motorola 680x0 architecture 2.6.8-4sarge7
PowerPC architecture 2.6.8-12sarge7
IBM S/390 architecture 2.6.8-5sarge7
Sun Sparc architecture 2.6.8-15sarge7
We recommend that you upgrade your kernel package immediately and reboot
the machine. If you have built a custom kernel from the kernel source
package, you will need to rebuild to take advantage of these fixes.
Upgrade Instructions
- - --------------------
wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.
If you are using the apt-get package manager, use the line for
sources.list as given below:
apt-get update
will update the internal database
apt-get upgrade
will install corrected packages
You may use an automated update by adding the resources from the
footer to the proper configuration.
Debian GNU/Linux 3.1 alias sarge
- - --------------------------------
Source archives:
http://security.debian.org/pool/updates/main/f/fai-kernels/fai-kernels_1.9.1sarge6.dsc
Size/MD5 checksum: 621 5549801d7afb55815fdbdab176ca876e
http://security.debian.org/pool/updates/main/f/fai-kernels/fai-kernels_1.9.1sarge6.tar.gz
Size/MD5 checksum: 30783 ca74ee036a13e209a496d86cfa216a3a
http://security.debian.org/pool/updates/main/h/hostap-modules-i386/hostap-modules-i386_0.3.7-1sarge2.dsc
Size/MD5 checksum: 1092 5873dba0c647976525db473f74acb9e0
http://security.debian.org/pool/updates/main/h/hostap-modules-i386/hostap-modules-i386_0.3.7-1sarge2.tar.gz
Size/MD5 checksum: 2310 77fa2acc4981a8139a83ab5ba38b2496
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-alpha/kernel-image-2.6.8-alpha_2.6.8-16sarge7.dsc
Size/MD5 checksum: 812 31724186421d5e75b4d30bc4c5ac4cfe
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-alpha/kernel-image-2.6.8-alpha_2.6.8-16sarge7.tar.gz
Size/MD5 checksum: 41795 5cf6d42b220f46f3dac97d1c04a8f259
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-image-2.6.8-amd64_2.6.8-16sarge7.dsc
Size/MD5 checksum: 1103 375e1122fd79645e41edab034be9de0f
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-image-2.6.8-amd64_2.6.8-16sarge7.tar.gz
Size/MD5 checksum: 79256 ca9f65f94ea59b6d7edaf6b78de20adb
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-hppa/kernel-image-2.6.8-hppa_2.6.8-6sarge7.dsc
Size/MD5 checksum: 1013 f815fd7077a24a9bc1639e8965ac8436
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-hppa/kernel-image-2.6.8-hppa_2.6.8-6sarge7.tar.gz
Size/MD5 checksum: 70389 9ebd6b53dfe6592d0783727b994c093e
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-i386/kernel-image-2.6.8-i386_2.6.8-16sarge7.dsc
Size/MD5 checksum: 1047 77659b43aa4f6e16200a2fc7c965f38d
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-i386/kernel-image-2.6.8-i386_2.6.8-16sarge7.tar.gz
Size/MD5 checksum: 93525 8def6bcf41cc21b34233d64a91fd3711
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-ia64/kernel-image-2.6.8-ia64_2.6.8-14sarge7.dsc
Size/MD5 checksum: 1191 672189ecf8912c0c58dc83dee1db8c43
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-ia64/kernel-image-2.6.8-ia64_2.6.8-14sarge7.tar.gz
Size/MD5 checksum: 67022 d9201644c379a6014c0cc604bfb8e0ab
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-m68k/kernel-image-2.6.8-m68k_2.6.8-4sarge7.dsc
Size/MD5 checksum: 874 faf43ca53f82737f123afab17a74f052
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-m68k/kernel-image-2.6.8-m68k_2.6.8-4sarge7.tar.gz
Size/MD5 checksum: 20214 82cb545e2b7abbb013cae38deebf4e08
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-s390/kernel-image-2.6.8-s390_2.6.8-5sarge7.dsc
Size/MD5 checksum: 846 64007a13f7e337cbf008bc2c74b52ea1
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-s390/kernel-image-2.6.8-s390_2.6.8-5sarge7.tar.gz
Size/MD5 checksum: 15750 201c22a6234947a99c468f2779160b33
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-sparc/kernel-image-2.6.8-sparc_2.6.8-15sarge7.dsc
Size/MD5 checksum: 1036 354dca83df1ed4b6fd9eb056aa868a0e
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-sparc/kernel-image-2.6.8-sparc_2.6.8-15sarge7.tar.gz
Size/MD5 checksum: 29718 2238b6f81d4b7c64e75d21749a2c9c71
http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.6.8/kernel-patch-powerpc-2.6.8_2.6.8-12sarge7.dsc
Size/MD5 checksum: 1071 1bc90c9c9a884ca21de67e47f7f71831
http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.6.8/kernel-patch-powerpc-2.6.8_2.6.8-12sarge7.tar.gz
Size/MD5 checksum: 29824 c5af34b00421bbf54f73210fae7da80a
http://security.debian.org/pool/updates/main/k/kernel-source-2.6.8/kernel-source-2.6.8_2.6.8-16sarge7.dsc
Size/MD5 checksum: 1002 045ef1474c1a353d5aa48dea8c67183b
http://security.debian.org/pool/updates/main/k/kernel-source-2.6.8/kernel-source-2.6.8_2.6.8-16sarge7.diff.gz
Size/MD5 checksum: 1086810 4d9a1726c26fb571d1b10bc94f4ee102
http://security.debian.org/pool/updates/main/k/kernel-source-2.6.8/kernel-source-2.6.8_2.6.8.orig.tar.gz
Size/MD5 checksum: 43929719 0393c05ffa4770c3c5178b74dc7a4282
http://security.debian.org/pool/updates/main/m/mol-modules-2.6.8/mol-modules-2.6.8_0.9.70+2.6.8+12sarge2.dsc
Size/MD5 checksum: 703 adb50819acd30f02a8c22f0397675bb5
http://security.debian.org/pool/updates/main/m/mol-modules-2.6.8/mol-modules-2.6.8_0.9.70+2.6.8+12sarge2.tar.gz
Size/MD5 checksum: 4358 469b36e05242fb4ce2adfc0d102fa2aa
Architecture independent components:
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-s390/kernel-patch-2.6.8-s390_2.6.8-5sarge7_all.deb
Size/MD5 checksum: 13864 651d60ecebfed7a105e0263f6fe5478e
http://security.debian.org/pool/updates/main/k/kernel-source-2.6.8/kernel-doc-2.6.8_2.6.8-16sarge7_all.deb
Size/MD5 checksum: 6185220 661002c3ad09bbd5dcab929d531041b2
http://security.debian.org/pool/updates/main/k/kernel-source-2.6.8/kernel-patch-debian-2.6.8_2.6.8-16sarge7_all.deb
Size/MD5 checksum: 1142308 4cbfb30ffaf7e431cf8b162a37c543a3
http://security.debian.org/pool/updates/main/k/kernel-source-2.6.8/kernel-source-2.6.8_2.6.8-16sarge7_all.deb
Size/MD5 checksum: 34947952 2487a3846e7143fdfca3ad5664028c88
http://security.debian.org/pool/updates/main/k/kernel-source-2.6.8/kernel-tree-2.6.8_2.6.8-16sarge7_all.deb
Size/MD5 checksum: 37742 9d7013f35ef4f2720147f393efa265a4
Alpha architecture:
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-alpha/kernel-headers-2.6.8-4_2.6.8-16sarge7_alpha.deb
Size/MD5 checksum: 2762560 84e7e74114738170f4d9f7df9e270b78
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-alpha/kernel-headers-2.6.8-4-generic_2.6.8-16sarge7_alpha.deb
Size/MD5 checksum: 234956 23c852ab91eb4a3ac982c9cbe04eff84
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-alpha/kernel-headers-2.6.8-4-smp_2.6.8-16sarge7_alpha.deb
Size/MD5 checksum: 229566 aa37cc2ff3b38f45f0e83bed8d177b47
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-alpha/kernel-image-2.6.8-4-generic_2.6.8-16sarge7_alpha.deb
Size/MD5 checksum: 20243562 d927ee8555993b8d6fc77790d3b55711
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-alpha/kernel-image-2.6.8-4-smp_2.6.8-16sarge7_alpha.deb
Size/MD5 checksum: 20097284 206b31b2bd3751fcea2607ee351c9889
AMD64 architecture:
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-headers-2.6.8-13_2.6.8-16sarge7_amd64.deb
Size/MD5 checksum: 2725500 3f3ab58e8870ab61b9e23c23761a4604
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-headers-2.6.8-13-amd64-generic_2.6.8-16sarge7_amd64.deb
Size/MD5 checksum: 228840 d16b8661666cdde1b13b566da719f49e
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-headers-2.6.8-13-amd64-k8_2.6.8-16sarge7_amd64.deb
Size/MD5 checksum: 228024 afcb92db3b32fcef246cfdbaebc7c488
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-headers-2.6.8-13-amd64-k8-smp_2.6.8-16sarge7_amd64.deb
Size/MD5 checksum: 224084 d726ad34628dce5f56a292726ef77418
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-headers-2.6.8-13-em64t-p4_2.6.8-16sarge7_amd64.deb
Size/MD5 checksum: 225808 d284e53c3827339b685be9c0b2c2bfb0
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-headers-2.6.8-13-em64t-p4-smp_2.6.8-16sarge7_amd64.deb
Size/MD5 checksum: 222522 97e162f7245121533a0a20fd6e439b1f
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-image-2.6.8-13-amd64-generic_2.6.8-16sarge7_amd64.deb
Size/MD5 checksum: 12574610 c65adc755a40692b1351fa778a7ce25b
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-image-2.6.8-13-amd64-k8_2.6.8-16sarge7_amd64.deb
Size/MD5 checksum: 13273222 e94fdc0178812250ce7beb3cbcb5156d
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-image-2.6.8-13-amd64-k8-smp_2.6.8-16sarge7_amd64.deb
Size/MD5 checksum: 13229476 87dfdba1729330c694e488fc9bef1bd2
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-image-2.6.8-13-em64t-p4_2.6.8-16sarge7_amd64.deb
Size/MD5 checksum: 13077014 02066ed9e51dbd403e4774492a1f1a4c
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-image-2.6.8-13-em64t-p4-smp_2.6.8-16sarge7_amd64.deb
Size/MD5 checksum: 13058474 9599a93b640a5d5e8da7f23ed7f4ab27
HP Precision architecture:
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-hppa/kernel-headers-2.6.8-4_2.6.8-6sarge7_hppa.deb
Size/MD5 checksum: 2803824 0eb5a4184865094e9e835cd6f199b00c
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-hppa/kernel-headers-2.6.8-4-32_2.6.8-6sarge7_hppa.deb
Size/MD5 checksum: 214636 3292ec383938984d8131a40f277319a5
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-hppa/kernel-headers-2.6.8-4-32-smp_2.6.8-6sarge7_hppa.deb
Size/MD5 checksum: 213972 61f3fc8bb2046797b43a00c2221e1171
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-hppa/kernel-headers-2.6.8-4-64_2.6.8-6sarge7_hppa.deb
Size/MD5 checksum: 213562 ee18d9c16cc6331dbb298d9262abbc9e
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-hppa/kernel-headers-2.6.8-4-64-smp_2.6.8-6sarge7_hppa.deb
Size/MD5 checksum: 212888 698a340ca8a5e1d1609dc6352b0199ae
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-hppa/kernel-image-2.6.8-4-32_2.6.8-6sarge7_hppa.deb
Size/MD5 checksum: 16039300 662e50ec503587eeb8745cc5744bfcc1
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-hppa/kernel-image-2.6.8-4-32-smp_2.6.8-6sarge7_hppa.deb
Size/MD5 checksum: 16947726 551b44ab6365f48c3728046f9c625406
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-hppa/kernel-image-2.6.8-4-64_2.6.8-6sarge7_hppa.deb
Size/MD5 checksum: 17493200 d463b06fd140bedf5ff92c922b3cff50
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-hppa/kernel-image-2.6.8-4-64-smp_2.6.8-6sarge7_hppa.deb
Size/MD5 checksum: 18325380 6b79ea34d4e01ee2aea71140b379b380
Intel IA-32 architecture:
http://security.debian.org/pool/updates/main/f/fai-kernels/fai-kernels_1.9.1sarge6_i386.deb
Size/MD5 checksum: 12007024 966cfd1adb7d4eb8b14eff257ad90576
http://security.debian.org/pool/updates/main/h/hostap-modules-i386/hostap-modules-2.4.27-3-386_0.3.7-1sarge2_i386.deb
Size/MD5 checksum: 140588 4d3d9c96e4566ea0ae5b8ce33892b9f5
http://security.debian.org/pool/updates/main/h/hostap-modules-i386/hostap-modules-2.4.27-3-586tsc_0.3.7-1sarge2_i386.deb
Size/MD5 checksum: 153216 ec1de04dfe524ed566c9168317c7f96d
http://security.debian.org/pool/updates/main/h/hostap-modules-i386/hostap-modules-2.4.27-3-686_0.3.7-1sarge2_i386.deb
Size/MD5 checksum: 156142 d3d7ccde57a411d1e57fd606dac627fb
http://security.debian.org/pool/updates/main/h/hostap-modules-i386/hostap-modules-2.4.27-3-686-smp_0.3.7-1sarge2_i386.deb
Size/MD5 checksum: 160348 3f0273700f3be9fa5430046ba227dd91
http://security.debian.org/pool/updates/main/h/hostap-modules-i386/hostap-modules-2.4.27-3-k6_0.3.7-1sarge2_i386.deb
Size/MD5 checksum: 149216 69c40d1ebb04a5ceca0374d28ff6faa2
http://security.debian.org/pool/updates/main/h/hostap-modules-i386/hostap-modules-2.4.27-3-k7_0.3.7-1sarge2_i386.deb
Size/MD5 checksum: 154834 49bca7c096574c6c0dbfe44db03c2cd0
http://security.debian.org/pool/updates/main/h/hostap-modules-i386/hostap-modules-2.4.27-3-k7-smp_0.3.7-1sarge2_i386.deb
Size/MD5 checksum: 158768 d31bb7bcec9ea2d123df2d9d2fc3ccff
http://security.debian.org/pool/updates/main/h/hostap-modules-i386/hostap-modules-2.6.8-4-386_0.3.7-1sarge2_i386.deb
Size/MD5 checksum: 147778 16e794df6938137a2bd066f4765c5cb2
http://security.debian.org/pool/updates/main/h/hostap-modules-i386/hostap-modules-2.6.8-4-686_0.3.7-1sarge2_i386.deb
Size/MD5 checksum: 165352 c92a69dee0c20259819ff4a6e1ce127f
http://security.debian.org/pool/updates/main/h/hostap-modules-i386/hostap-modules-2.6.8-4-686-smp_0.3.7-1sarge2_i386.deb
Size/MD5 checksum: 169670 fa480aa39abd471188776c526fd168fc
http://security.debian.org/pool/updates/main/h/hostap-modules-i386/hostap-modules-2.6.8-4-k7_0.3.7-1sarge2_i386.deb
Size/MD5 checksum: 163782 ae0f354c82688de2119cd9ade09e74c7
http://security.debian.org/pool/updates/main/h/hostap-modules-i386/hostap-modules-2.6.8-4-k7-smp_0.3.7-1sarge2_i386.deb
Size/MD5 checksum: 168098 bf6e5340a8f9c1484ee5ec72def36707
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-i386/kernel-headers-2.6.8-4_2.6.8-16sarge7_i386.deb
Size/MD5 checksum: 2782142 060404a3576c79845753ca1d7fd32a20
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-i386/kernel-headers-2.6.8-4-386_2.6.8-16sarge7_i386.deb
Size/MD5 checksum: 260950 875fa8dd31aa4ec2cd60789028b8998a
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-i386/kernel-headers-2.6.8-4-686_2.6.8-16sarge7_i386.deb
Size/MD5 checksum: 259062 0aec026194b11813344b17bfcce1f891
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-i386/kernel-headers-2.6.8-4-686-smp_2.6.8-16sarge7_i386.deb
Size/MD5 checksum: 256060 8bb21af70c57b6dce4f6e21e1681e1f9
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-i386/kernel-headers-2.6.8-4-k7_2.6.8-16sarge7_i386.deb
Size/MD5 checksum: 259116 d894737b2d3bd873362fe8df8ec413b2
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-i386/kernel-headers-2.6.8-4-k7-smp_2.6.8-16sarge7_i386.deb
Size/MD5 checksum: 256212 7bbbee51dae99f8a71d85284311bef37
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-i386/kernel-image-2.6.8-4-386_2.6.8-16sarge7_i386.deb
Size/MD5 checksum: 14068328 6086f827005699f3ce18e8e38a4e6fff
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-i386/kernel-image-2.6.8-4-686_2.6.8-16sarge7_i386.deb
Size/MD5 checksum: 15553736 91c0c8cf6f38ff8b13c33ff8eb76914f
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-i386/kernel-image-2.6.8-4-686-smp_2.6.8-16sarge7_i386.deb
Size/MD5 checksum: 15391134 41f0635a9278030173cb9a949111e14e
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-i386/kernel-image-2.6.8-4-k7_2.6.8-16sarge7_i386.deb
Size/MD5 checksum: 15275512 9e089adef128031a8f2115243ee03bd2
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-i386/kernel-image-2.6.8-4-k7-smp_2.6.8-16sarge7_i386.deb
Size/MD5 checksum: 15168590 2d54f3727c4d608a21400408b2c9d493
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-headers-2.6.8-13_2.6.8-16sarge7_i386.deb
Size/MD5 checksum: 2725464 90eeb0a9f5709f84c3c938616b1fccb5
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-headers-2.6.8-13-amd64-generic_2.6.8-16sarge7_i386.deb
Size/MD5 checksum: 228766 ffbb8044767a4e03782e14941b72f96d
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-headers-2.6.8-13-amd64-k8_2.6.8-16sarge7_i386.deb
Size/MD5 checksum: 227862 5a0d244abec1d92b8405c2d55f8d8ccc
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-headers-2.6.8-13-amd64-k8-smp_2.6.8-16sarge7_i386.deb
Size/MD5 checksum: 224060 bbd653fcc567ce1c4c39af98e4e14f5c
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-headers-2.6.8-13-em64t-p4_2.6.8-16sarge7_i386.deb
Size/MD5 checksum: 225776 52376bf8dc98cbd4729ca25461efb079
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-headers-2.6.8-13-em64t-p4-smp_2.6.8-16sarge7_i386.deb
Size/MD5 checksum: 222518 39139014fc8b44bbc87db457a49ac084
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-image-2.6.8-13-amd64-generic_2.6.8-16sarge7_i386.deb
Size/MD5 checksum: 12574442 d17f627e1d88d8bb3c57d10b108ce4d0
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-image-2.6.8-13-amd64-k8_2.6.8-16sarge7_i386.deb
Size/MD5 checksum: 13273306 fd8193f685bc9ea4f76b39f00bba8f50
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-image-2.6.8-13-amd64-k8-smp_2.6.8-16sarge7_i386.deb
Size/MD5 checksum: 13229824 5989357674d3f4e12bc2fc89a86ba549
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-image-2.6.8-13-em64t-p4_2.6.8-16sarge7_i386.deb
Size/MD5 checksum: 13226862 dc2ebac9133fcd8c1b85fb539d779683
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-image-2.6.8-13-em64t-p4-smp_2.6.8-16sarge7_i386.deb
Size/MD5 checksum: 13205066 6daa6858e61b1843e038f9e2a04df41c
Intel IA-64 architecture:
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-ia64/kernel-headers-2.6-itanium_2.6.8-14sarge7_ia64.deb
Size/MD5 checksum: 9496 bd1b20781c0a0261864cb25bfd65d9a4
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-ia64/kernel-headers-2.6-itanium-smp_2.6.8-14sarge7_ia64.deb
Size/MD5 checksum: 9560 7e3ff1e6eee69c81f42dd9912dce7baf
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-ia64/kernel-headers-2.6-mckinley_2.6.8-14sarge7_ia64.deb
Size/MD5 checksum: 9526 4d29c68fcde4f1164f310a8071783953
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-ia64/kernel-headers-2.6-mckinley-smp_2.6.8-14sarge7_ia64.deb
Size/MD5 checksum: 9586 4b0c7ca8651f9c785eccce8b356f766b
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-ia64/kernel-headers-2.6.8-4_2.6.8-14sarge7_ia64.deb
Size/MD5 checksum: 3101574 b38d525273063519f869b8025e586bf5
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-ia64/kernel-headers-2.6.8-4-itanium_2.6.8-14sarge7_ia64.deb
Size/MD5 checksum: 203348 25239d213c84ee50c68884e6285a95c4
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-ia64/kernel-headers-2.6.8-4-itanium-smp_2.6.8-14sarge7_ia64.deb
Size/MD5 checksum: 202850 8dc59012398a37e508bb33ed5088addd
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-ia64/kernel-headers-2.6.8-4-mckinley_2.6.8-14sarge7_ia64.deb
Size/MD5 checksum: 202972 4370ad87aa8f711509fec39878608621
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-ia64/kernel-headers-2.6.8-4-mckinley-smp_2.6.8-14sarge7_ia64.deb
Size/MD5 checksum: 202650 804b0b5408cf7d67187f620bf7c0c6c1
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-ia64/kernel-image-2.6-itanium_2.6.8-14sarge7_ia64.deb
Size/MD5 checksum: 9486 f2391dc971232c3c8a8ab0de5b551fe6
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-ia64/kernel-image-2.6-itanium-smp_2.6.8-14sarge7_ia64.deb
Size/MD5 checksum: 9556 3cae8e8cdf69ec485d731937ff6f0c30
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-ia64/kernel-image-2.6-mckinley_2.6.8-14sarge7_ia64.deb
Size/MD5 checksum: 9516 1febb236a0987f6a4be151e3923a7ed5
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-ia64/kernel-image-2.6-mckinley-smp_2.6.8-14sarge7_ia64.deb
Size/MD5 checksum: 9582 275b6170b6857bd1af929448dc54436c
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-ia64/kernel-image-2.6.8-4-itanium_2.6.8-14sarge7_ia64.deb
Size/MD5 checksum: 21496480 8ba69f1e15994cfe843718d7b46e069f
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-ia64/kernel-image-2.6.8-4-itanium-smp_2.6.8-14sarge7_ia64.deb
Size/MD5 checksum: 22145752 8ac7fa1bf92bf1c4c0205c182e70c0e9
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-ia64/kernel-image-2.6.8-4-mckinley_2.6.8-14sarge7_ia64.deb
Size/MD5 checksum: 21409290 211383f4405c60f9dcd6f4abd63a863a
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-ia64/kernel-image-2.6.8-4-mckinley-smp_2.6.8-14sarge7_ia64.deb
Size/MD5 checksum: 22161834 89aa6c21852a1dd897de9ee9c6686d31
Motorola 680x0 architecture:
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-m68k/kernel-image-2.6.8-amiga_2.6.8-4sarge7_m68k.deb
Size/MD5 checksum: 3308982 e5231d0f463e8cfad8a2b0affc640639
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-m68k/kernel-image-2.6.8-atari_2.6.8-4sarge7_m68k.deb
Size/MD5 checksum: 3106740 4cb685cf5ba010c1af6c345b72bf9a09
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-m68k/kernel-image-2.6.8-bvme6000_2.6.8-4sarge7_m68k.deb
Size/MD5 checksum: 3019810 daedbf476546953537e8b2fd0947bac4
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-m68k/kernel-image-2.6.8-hp_2.6.8-4sarge7_m68k.deb
Size/MD5 checksum: 2991960 7f83fcf87edd48606c27e6e539c5e8ab
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-m68k/kernel-image-2.6.8-mac_2.6.8-4sarge7_m68k.deb
Size/MD5 checksum: 3180758 479afd4614662b56a7f877a16c5733a8
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-m68k/kernel-image-2.6.8-mvme147_2.6.8-4sarge7_m68k.deb
Size/MD5 checksum: 2984108 246b0da97b814115941b6b367a5a6d69
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-m68k/kernel-image-2.6.8-mvme16x_2.6.8-4sarge7_m68k.deb
Size/MD5 checksum: 3052328 2a85ffeca76f8a87c09aab9da0365b35
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-m68k/kernel-image-2.6.8-q40_2.6.8-4sarge7_m68k.deb
Size/MD5 checksum: 3113210 f6f561b65d33a58a0b4a2ba3b5d4eb37
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-m68k/kernel-image-2.6.8-sun3_2.6.8-4sarge7_m68k.deb
Size/MD5 checksum: 2998472 665ea6e94f3e3215bdddde333a8e9109
PowerPC architecture:
http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.6.8/kernel-build-2.6.8-4-power3_2.6.8-12sarge7_powerpc.deb
Size/MD5 checksum: 409476 5e7a4e3b2ed13f34b1e2677a497ee1e9
http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.6.8/kernel-build-2.6.8-4-power3-smp_2.6.8-12sarge7_powerpc.deb
Size/MD5 checksum: 409404 20c20aa48f210bda7407c38b025aa55e
http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.6.8/kernel-build-2.6.8-4-power4_2.6.8-12sarge7_powerpc.deb
Size/MD5 checksum: 409410 f334dac64177c488d67f466ebcf3e169
http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.6.8/kernel-build-2.6.8-4-power4-smp_2.6.8-12sarge7_powerpc.deb
Size/MD5 checksum: 409324 de89552c4f4a5b12c56653cd50fc7f95
http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.6.8/kernel-build-2.6.8-4-powerpc_2.6.8-12sarge7_powerpc.deb
Size/MD5 checksum: 409688 fcafa2cd922a131165ab0595375426ab
http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.6.8/kernel-build-2.6.8-4-powerpc-smp_2.6.8-12sarge7_powerpc.deb
Size/MD5 checksum: 409482 034ca72a697bfaaaf3f2594a5403f59c
http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.6.8/kernel-headers-2.6.8-4_2.6.8-12sarge7_powerpc.deb
Size/MD5 checksum: 5150300 70cca6665a0fc4f994c5ce7fda3a59e6
http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.6.8/kernel-image-2.6.8-4-power3_2.6.8-12sarge7_powerpc.deb
Size/MD5 checksum: 13587026 458c7359fbbc76bc02eb8ef2b55cc0b9
http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.6.8/kernel-image-2.6.8-4-power3-smp_2.6.8-12sarge7_powerpc.deb
Size/MD5 checksum: 13948056 a720aaf5f4b6ce53847e96435676842d
http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.6.8/kernel-image-2.6.8-4-power4_2.6.8-12sarge7_powerpc.deb
Size/MD5 checksum: 13579066 36f3e22d4d878a5733272019c5b3f25e
http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.6.8/kernel-image-2.6.8-4-power4-smp_2.6.8-12sarge7_powerpc.deb
Size/MD5 checksum: 13934448 689456442e9921f8f5f724b82c1a4388
http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.6.8/kernel-image-2.6.8-4-powerpc_2.6.8-12sarge7_powerpc.deb
Size/MD5 checksum: 13605826 589790a4236615c0b2e7ad508edfbe7c
http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.6.8/kernel-image-2.6.8-4-powerpc-smp_2.6.8-12sarge7_powerpc.deb
Size/MD5 checksum: 13864916 50a87b0529f598e4d4684ee6221e3cef
http://security.debian.org/pool/updates/main/m/mol-modules-2.6.8/mol-modules-2.6.8-4-powerpc_0.9.70+2.6.8+12sarge2_powerpc.deb
Size/MD5 checksum: 38440 5dd90d5f03bfe8457c5c2ecadc9c2d1c
http://security.debian.org/pool/updates/main/m/mol-modules-2.6.8/mol-modules-2.6.8-4-powerpc-smp_0.9.70+2.6.8+12sarge2_powerpc.deb
Size/MD5 checksum: 39372 4edd33511d47ff9e6cf971b0e930374e
IBM S/390 architecture:
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-s390/kernel-headers-2.6.8-4_2.6.8-5sarge7_s390.deb
Size/MD5 checksum: 5089222 1df72a6dadb3d4c860e7fb98b8059055
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-s390/kernel-image-2.6.8-4-s390_2.6.8-5sarge7_s390.deb
Size/MD5 checksum: 2987292 c1defc5cabc10eaaf039513911ef0bb1
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-s390/kernel-image-2.6.8-4-s390-tape_2.6.8-5sarge7_s390.deb
Size/MD5 checksum: 1147294 d2b7b3d5780fca7a4c02f26c2d13c0ba
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-s390/kernel-image-2.6.8-4-s390x_2.6.8-5sarge7_s390.deb
Size/MD5 checksum: 3194032 d8e5e1f978e0342345190501e22bce49
Sun Sparc architecture:
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-sparc/kernel-build-2.6.8-4_2.6.8-15sarge7_sparc.deb
Size/MD5 checksum: 8128 2c3760c5ad3d06d389c33f5fc4cb0bca
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-sparc/kernel-headers-2.6.8-4_2.6.8-15sarge7_sparc.deb
Size/MD5 checksum: 2893516 02e8eca22069fc8d5ccaf3fb20ac3c52
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-sparc/kernel-headers-2.6.8-4-sparc32_2.6.8-15sarge7_sparc.deb
Size/MD5 checksum: 113334 ed0eb1de3b97b909c45dffeed89d40fb
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-sparc/kernel-headers-2.6.8-4-sparc64_2.6.8-15sarge7_sparc.deb
Size/MD5 checksum: 148128 bafc5bf78fae912f73a38d927a2cbd47
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-sparc/kernel-headers-2.6.8-4-sparc64-smp_2.6.8-15sarge7_sparc.deb
Size/MD5 checksum: 148594 2d01718f8cd038942004778a23ce91b4
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-sparc/kernel-image-2.6.8-4-sparc32_2.6.8-15sarge7_sparc.deb
Size/MD5 checksum: 4556924 0061d182061c7b821fb208f348ed870f
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-sparc/kernel-image-2.6.8-4-sparc64_2.6.8-15sarge7_sparc.deb
Size/MD5 checksum: 7440258 ce79e30d9a4807a8bf565b9045b47f9c
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-sparc/kernel-image-2.6.8-4-sparc64-smp_2.6.8-15sarge7_sparc.deb
Size/MD5 checksum: 7638478 306f0c1fc183597513943c030c06505a
These files will probably be moved into the stable distribution on
its next update.
- - ---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
iD8DBQFGc8ELhuANDBmkLRkRAoAeAJ9DhVYUpgbEz0vyzcAIgB1R1mh6TwCfVe9J
Xpx/hYZXDzSFh1rTiB8U7jQ=
=tX8W
- -----END PGP SIGNATURE-----
- --------------------------END INCLUDED TEXT--------------------
You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.
NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members. As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.
NOTE: This is only the original release of the security bulletin. It may
not be updated when updates to the original are made. If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.
Contact information for the authors of the original document is included
in the Security Bulletin above. If you have any questions or need further
information, please contact them directly.
Previous advisories and external security bulletins can be retrieved from:
http://www.auscert.org.au/render.html?cid=1980
If you believe that your computer system has been compromised or attacked in
any way, we encourage you to let us know by completing the secure National IT
Incident Reporting Form at:
http://www.auscert.org.au/render.html?it=3192
===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072
Internet Email: auscert@auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967
iQCVAwUBRnYNTSh9+71yA2DNAQKFYQP/VeTD03UnkH5nLCPoJAmLr8JWeYFhQ9XO
0G+U+iHLrACjQA4tuNFol3Raae7Apwi6dk4v0ImMszfQfmlQI6K3VFe2h9j9+hAt
M8QW1yo8sqYNKjnVgGEUcv3s3YlBpzgcQaOWBRNI+eGTIUtboyNETGm32dyyM2j+
k3mRZDDZNjM=
=9j7u
-----END PGP SIGNATURE-----