Protect yourself against future threats.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
===========================================================================
AUSCERT External Security Bulletin Redistribution
ESB-2009.0431 -- [Debian]
linux-2.6.24: Multiple Vulnerabilities
4 May 2009
===========================================================================
AusCERT Security Bulletin Summary
---------------------------------
Product: linux-2.6.24
Publisher: Debian
Operating System: Debian GNU/Linux 4.0
Impact: Execute Arbitrary Code/Commands
Increased Privileges
Access Privileged Data
Modify Arbitrary Files
Denial of Service
Provide Misleading Information
Reduced Security
Access: Remote/Unauthenticated
CVE Names: CVE-2009-1439 CVE-2009-1338 CVE-2009-1337
CVE-2009-1265 CVE-2009-1242 CVE-2009-1192
CVE-2009-1046 CVE-2009-0859 CVE-2009-0834
CVE-2009-0745 CVE-2009-0676 CVE-2009-0675
CVE-2009-0322 CVE-2009-0269 CVE-2009-0065
CVE-2009-0031 CVE-2009-0029 CVE-2009-0028
CVE-2008-5702 CVE-2008-5701 CVE-2008-5700
CVE-2008-5395 CVE-2008-5079 CVE-2008-4307
Ref: AA-2009.0004
AA-2009.0030
AA-2009.0071
AA-2009.0085
ESB-2008.1128
ESB-2009.0049
ESB-2009.0074
ESB-2009.0113
ESB-2009.0131
ESB-2009.0139
ESB-2009.0168
ESB-2009.0228
ESB-2009.0239
ESB-2009.0263
ESB-2009.0294
ESB-2009.0309
ESB-2009.0321
ESB-2009.0375
ESB-2009.0415
ESB-2009.0426
Original Bulletin: http://www.debian.org/security/2009/dsa-1787
- --------------------------BEGIN INCLUDED TEXT--------------------
- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
- - ----------------------------------------------------------------------
Debian Security Advisory DSA-1787-1 security@debian.org
http://www.debian.org/security/ Dann Frazier
May 2, 2009 http://www.debian.org/security/faq
- - ----------------------------------------------------------------------
Package : linux-2.6.24
Vulnerability : denial of service/privilege escalation/information leak
Problem type : local/remote
Debian-specific: no
CVE Id(s) : CVE-2008-4307 CVE-2008-5079 CVE-2008-5395 CVE-2008-5700
CVE-2008-5701 CVE-2008-5702 CVE-2009-0028 CVE-2009-0029
CVE-2009-0031 CVE-2009-0065 CVE-2009-0269 CVE-2009-0322
CVE-2009-0675 CVE-2009-0676 CVE-2009-0745 CVE-2009-0834
CVE-2009-0859 CVE-2009-1046 CVE-2009-1192 CVE-2009-1242
CVE-2009-1265 CVE-2009-1337 CVE-2009-1338 CVE-2009-1439
Several vulnerabilities have been discovered in the Linux kernel that
may lead to a denial of service or privilege escalation. The Common
Vulnerabilities and Exposures project identifies the following
problems:
CVE-2008-4307
Bryn M. Reeves reported a denial of service in the NFS filesystem.
Local users can trigger a kernel BUG() due to a race condition in
the do_setlk function.
CVE-2008-5079
Hugo Dias reported a DoS condition in the ATM subsystem that can
be triggered by a local user by calling the svc_listen function
twice on the same socket and reading /proc/net/atm/*vc.
CVE-2008-5395
Helge Deller discovered a denial of service condition that allows
local users on PA-RISC systems to crash a system by attempting to
unwind a stack contiaining userspace addresses.
CVE-2008-5700
Alan Cox discovered a lack of minimum timeouts on SG_IO requests,
which allows local users of systems using ATA to cause a denial of
service by forcing drives into PIO mode.
CVE-2008-5701
Vlad Malov reported an issue on 64-bit MIPS systems where a local
user could cause a system crash by crafing a malicious binary
which makes o32 syscalls with a number less than 4000.
CVE-2008-5702
Zvonimir Rakamaric reported an off-by-one error in the ib700wdt
watchdog driver which allows local users to cause a buffer
underflow by making a specially crafted WDIOC_SETTIMEOUT ioctl
call.
CVE-2009-0028
Chris Evans discovered a situation in which a child process can
send an arbitrary signal to its parent.
CVE-2009-0029
Christian Borntraeger discovered an issue effecting the alpha,
mips, powerpc, s390 and sparc64 architectures that allows local
users to cause a denial of service or potentially gain elevated
privileges.
CVE-2009-0031
Vegard Nossum discovered a memory leak in the keyctl subsystem
that allows local users to cause a denial of service by consuming
all of kernel memory.
CVE-2009-0065
Wei Yongjun discovered a memory overflow in the SCTP
implementation that can be triggered by remote users, permitting
remote code execution.
CVE-2009-0269
Duane Griffin provided a fix for an issue in the eCryptfs
subsystem which allows local users to cause a denial of service
(fault or memory corruption).
CVE-2009-0322
Pavel Roskin provided a fix for an issue in the dell_rbu driver
that allows a local user to cause a denial of service (oops) by
reading 0 byts from a sysfs entry.
CVE-2009-0675
Roel Kluin discovered inverted logic in the skfddi driver that
permits local, unprivileged users to reset the driver statistics.
CVE-2009-0676
Clement LECIGNE discovered a bug in the sock_getsockopt function
that may result in leaking sensitive kernel memory.
CVE-2009-0745
Peter Kerwien discovered an issue in the ext4 filesystem that
allows local users to cause a denial of service (kernel oops)
during a resize operation.
CVE-2009-0834
Roland McGrath discovered an issue on amd64 kernels that allows
local users to circumvent system call audit configurations which
filter based on the syscall numbers or argument details.
CVE-2009-0859
Jiri Olsa discovered that a local user can cause a denial of
service (system hang) using a SHM_INFO shmctl call on kernels
compiled with CONFIG_SHMEM disabled. This issue does not affect
prebuilt Debian kernels.
CVE-2009-1046
Mikulas Patocka reported an issue in the console subsystem that
allows a local user to cause memory corruption by selecting a
small number of 3-byte UTF-8 characters.
CVE-2009-1192
Shaohua Li reported an issue in the AGP subsystem they may allow
local users to read sensitive kernel memory due to a leak of
uninitialized memory.
CVE-2009-1242
Benjamin Gilbert reported a local denial of service vulnerability
in the KVM VMX implementation that allows local users to trigger
an oops.
CVE-2009-1265
Thomas Pollet reported an overflow in the af_rose implementation
that allows remote attackers to retrieve uninitialized kernel
memory that may contain sensitive data.
CVE-2009-1337
Oleg Nesterov discovered an issue in the exit_notify function that
allows local users to send an arbitrary signal to a process by
running a program that modifies the exit_signal field and then
uses an exec system call to launch a setuid application.
CVE-2009-1338
Daniel Hokka Zakrisson discovered that a kill(-1) is permitted to
reach processes outside of the current process namespace.
CVE-2009-1439
Pavan Naregundi reported an issue in the CIFS filesystem code that
allows remote users to overwrite memory via a long
nativeFileSystem field in a Tree Connect response during mount.
For the stable distribution (etch), these problems have been fixed in
version 2.6.24-6~etchnhalf.8etch1.
We recommend that you upgrade your linux-2.6.24 packages.
Note: Debian 'etch' includes linux kernel packages based upon both the
2.6.18 and 2.6.24 linux releases. All known security issues are
carefully tracked against both packages and both packages will receive
security updates until security support for Debian 'etch'
concludes. However, given the high frequency at which low-severity
security issues are discovered in the kernel and the resource
requirements of doing an update, lower severity 2.6.18 and 2.6.24
updates will typically release in a staggered or "leap-frog" fashion.
Upgrade instructions
- - --------------------
wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.
If you are using the apt-get package manager, use the line for
sources.list as given below:
apt-get update
will update the internal database
apt-get upgrade
will install corrected packages
You may use an automated update by adding the resources from the
footer to the proper configuration.
Debian GNU/Linux 4.0 alias etch
- - -------------------------------
Oldstable updates are available for alpha, amd64, arm, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.
Source archives:
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-2.6.24_2.6.24-6~etchnhalf.8etch1.diff.gz
Size/MD5 checksum: 4033829 ff5f9342fbd061dcab316080057bf9ac
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-2.6.24_2.6.24-6~etchnhalf.8etch1.dsc
Size/MD5 checksum: 5117 c71acfa6a187429a702d368e5974d082
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-2.6.24_2.6.24.orig.tar.gz
Size/MD5 checksum: 59630522 6b8751d1eb8e71498ba74bbd346343af
Architecture independent packages:
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-tree-2.6.24_2.6.24-6~etchnhalf.8etch1_all.deb
Size/MD5 checksum: 82422 f39c24b3acf13eee80ab07421e120bc7
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-doc-2.6.24_2.6.24-6~etchnhalf.8etch1_all.deb
Size/MD5 checksum: 4260850 8b0891fa602714572b2ea8be13d4b2eb
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-support-2.6.24-etchnhalf.1_2.6.24-6~etchnhalf.8etch1_all.deb
Size/MD5 checksum: 96802 317936645be453126afab54705999059
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-manual-2.6.24_2.6.24-6~etchnhalf.8etch1_all.deb
Size/MD5 checksum: 1542086 460bc638a040b2674f4da6e30fc975f1
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-source-2.6.24_2.6.24-6~etchnhalf.8etch1_all.deb
Size/MD5 checksum: 46865722 b3afc19906294f1990ab97e6c8943285
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-patch-debian-2.6.24_2.6.24-6~etchnhalf.8etch1_all.deb
Size/MD5 checksum: 917482 dc533207197184a44dcc931372534b0b
alpha architecture (DEC Alpha)
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-all-alpha_2.6.24-6~etchnhalf.8etch1_alpha.deb
Size/MD5 checksum: 82038 12269f5ccc3251bed6544c82ace6bab8
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-alpha-legacy_2.6.24-6~etchnhalf.8etch1_alpha.deb
Size/MD5 checksum: 26736698 8714134f74ad24d4a761d9e1b18c84dc
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-alpha-smp_2.6.24-6~etchnhalf.8etch1_alpha.deb
Size/MD5 checksum: 332080 2632341b6c0d98b6798103d4e03a4980
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-alpha-generic_2.6.24-6~etchnhalf.8etch1_alpha.deb
Size/MD5 checksum: 26757530 c00a3280cf8bc9d18e52c64202af9e34
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-alpha-smp_2.6.24-6~etchnhalf.8etch1_alpha.deb
Size/MD5 checksum: 27341904 ee355aab70b9061c511e7152929c150a
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-alpha-generic_2.6.24-6~etchnhalf.8etch1_alpha.deb
Size/MD5 checksum: 331054 7d30fb320e409180de47bdf7be8430c2
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-common_2.6.24-6~etchnhalf.8etch1_alpha.deb
Size/MD5 checksum: 3454072 01417e58c71bb9515a4011c390be0580
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-all_2.6.24-6~etchnhalf.8etch1_alpha.deb
Size/MD5 checksum: 82010 cff77bfb7491d357acc7d9d50dc0217e
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-alpha-legacy_2.6.24-6~etchnhalf.8etch1_alpha.deb
Size/MD5 checksum: 330926 1b2c38a3628e25cc62b7e555800d48e5
amd64 architecture (AMD x86_64 (AMD64))
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-amd64_2.6.24-6~etchnhalf.8etch1_amd64.deb
Size/MD5 checksum: 19480638 9f9f06adb37a611ed3f24000859beb03
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-common_2.6.24-6~etchnhalf.8etch1_amd64.deb
Size/MD5 checksum: 3654580 aac989a8eee05d7adaf9731dfdda062f
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-amd64_2.6.24-6~etchnhalf.8etch1_amd64.deb
Size/MD5 checksum: 344960 4a6f4ac493086ec243734b3b6968a2bd
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-all-amd64_2.6.24-6~etchnhalf.8etch1_amd64.deb
Size/MD5 checksum: 82010 f7713fceebf11933dd20c7db1c636df0
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-all_2.6.24-6~etchnhalf.8etch1_amd64.deb
Size/MD5 checksum: 81998 7f2d31a9d80ae34c397d90912dbbb46f
arm architecture (ARM)
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-ixp4xx_2.6.24-6~etchnhalf.8etch1_arm.deb
Size/MD5 checksum: 308926 05539199c8e837c4fccc75172a9c82be
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-all_2.6.24-6~etchnhalf.8etch1_arm.deb
Size/MD5 checksum: 82136 39e67aa9c8617379a54c9f36d0d72572
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-common_2.6.24-6~etchnhalf.8etch1_arm.deb
Size/MD5 checksum: 3939598 804e621a444954f2045f27a9282ae77a
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-iop32x_2.6.24-6~etchnhalf.8etch1_arm.deb
Size/MD5 checksum: 306808 3086d994c254c2481c6610729c6ee182
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-footbridge_2.6.24-6~etchnhalf.8etch1_arm.deb
Size/MD5 checksum: 296510 23d73ccad75398f169ad602db513b908
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-footbridge_2.6.24-6~etchnhalf.8etch1_arm.deb
Size/MD5 checksum: 9351566 c0326566806f5c7ed8de2342f4de857a
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-ixp4xx_2.6.24-6~etchnhalf.8etch1_arm.deb
Size/MD5 checksum: 10775966 6661bd851503d953c4ca43b6f8e85deb
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-iop32x_2.6.24-6~etchnhalf.8etch1_arm.deb
Size/MD5 checksum: 10768304 daca396e0f5decdfe92a7724069daa50
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-all-arm_2.6.24-6~etchnhalf.8etch1_arm.deb
Size/MD5 checksum: 82166 8bb034ce3157aeefe7c3c692ebe14df4
hppa architecture (HP PA RISC)
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-parisc64-smp_2.6.24-6~etchnhalf.8etch1_hppa.deb
Size/MD5 checksum: 261644 7c1852bbe840ac3d90c12d452e2681cf
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-all_2.6.24-6~etchnhalf.8etch1_hppa.deb
Size/MD5 checksum: 82016 293d2bba2cb8563e700377ada35f2ba2
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-parisc-smp_2.6.24-6~etchnhalf.8etch1_hppa.deb
Size/MD5 checksum: 259304 f3db74269efbac5501598e35a462bf20
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-all-hppa_2.6.24-6~etchnhalf.8etch1_hppa.deb
Size/MD5 checksum: 82038 bdae604446c924296cd1aac5b9be7e95
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-parisc_2.6.24-6~etchnhalf.8etch1_hppa.deb
Size/MD5 checksum: 13332816 5d9819ffa069392df46ad94e193cbdf1
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-parisc_2.6.24-6~etchnhalf.8etch1_hppa.deb
Size/MD5 checksum: 258452 c1a9dde9f1c92b4563126d1937d4eec2
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-parisc64_2.6.24-6~etchnhalf.8etch1_hppa.deb
Size/MD5 checksum: 14385162 6cbd8dc0702e5cb15237d246883dd2c0
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-parisc64_2.6.24-6~etchnhalf.8etch1_hppa.deb
Size/MD5 checksum: 258378 4a864d5f74cd4f1e05362aa00e94236a
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-parisc64-smp_2.6.24-6~etchnhalf.8etch1_hppa.deb
Size/MD5 checksum: 14847618 ab5989ffb84c1780ba7a8d06ac501f67
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-common_2.6.24-6~etchnhalf.8etch1_hppa.deb
Size/MD5 checksum: 3439250 22ebf43e46ee15c1240d6881c2554248
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-parisc-smp_2.6.24-6~etchnhalf.8etch1_hppa.deb
Size/MD5 checksum: 13845394 731ba27a151e94071c8f64ceb0da9e92
i386 architecture (Intel ia32)
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-686_2.6.24-6~etchnhalf.8etch1_i386.deb
Size/MD5 checksum: 360908 aef486d9faf9aca0e61ea01e16d0cbc8
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-486_2.6.24-6~etchnhalf.8etch1_i386.deb
Size/MD5 checksum: 19348860 15a2e2dc1fa2b3b423d3010272f7f3f6
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-all_2.6.24-6~etchnhalf.8etch1_i386.deb
Size/MD5 checksum: 82124 ee99a97dc91f3c2e205bce0b901904c0
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-686-bigmem_2.6.24-6~etchnhalf.8etch1_i386.deb
Size/MD5 checksum: 359834 d80f275632e07acaaa02679eee976bb6
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-all-i386_2.6.24-6~etchnhalf.8etch1_i386.deb
Size/MD5 checksum: 82160 07df09b3f1af03cd0f20d2b0cf2b679a
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-amd64_2.6.24-6~etchnhalf.8etch1_i386.deb
Size/MD5 checksum: 347518 a3530c65c732ef54f207a3551c85ec9f
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-686-bigmem_2.6.24-6~etchnhalf.8etch1_i386.deb
Size/MD5 checksum: 19344944 28d8879c242e0698ee8524d006970445
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-486_2.6.24-6~etchnhalf.8etch1_i386.deb
Size/MD5 checksum: 361402 3bad41e46bd717ebe8d15e0473f130eb
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-amd64_2.6.24-6~etchnhalf.8etch1_i386.deb
Size/MD5 checksum: 19589084 a8319258d3194cd59fa263a1b66a5626
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-686_2.6.24-6~etchnhalf.8etch1_i386.deb
Size/MD5 checksum: 19278254 608362b1503eb3ec838bd01152d7aa93
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-common_2.6.24-6~etchnhalf.8etch1_i386.deb
Size/MD5 checksum: 3647296 a6ce4748c3fefd49a40ebbfed1e004f9
ia64 architecture (Intel ia64)
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-mckinley_2.6.24-6~etchnhalf.8etch1_ia64.deb
Size/MD5 checksum: 318210 76ad07637a2fac8a32d827c23f893ffa
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-itanium_2.6.24-6~etchnhalf.8etch1_ia64.deb
Size/MD5 checksum: 32025152 eb4eec0df149a61e18ae22ef8c50eb43
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-itanium_2.6.24-6~etchnhalf.8etch1_ia64.deb
Size/MD5 checksum: 318482 a155708aa4e74d90e54a4f107221c995
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-common_2.6.24-6~etchnhalf.8etch1_ia64.deb
Size/MD5 checksum: 3567324 0e1d20a7ecbf444ad6aba30cc169963d
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-all_2.6.24-6~etchnhalf.8etch1_ia64.deb
Size/MD5 checksum: 82000 f66623c2c53891b0d92055fb032d0592
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-mckinley_2.6.24-6~etchnhalf.8etch1_ia64.deb
Size/MD5 checksum: 32206190 62738a79d48dffcad324124d2b73f3d4
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-all-ia64_2.6.24-6~etchnhalf.8etch1_ia64.deb
Size/MD5 checksum: 82028 6aa864922de84ad84cfff13eb9ce71ee
mips architecture (MIPS (Big Endian))
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-5kc-malta_2.6.24-6~etchnhalf.8etch1_mips.deb
Size/MD5 checksum: 308452 f5d33880c20e98b12a9ad5ef53743910
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-r4k-ip22_2.6.24-6~etchnhalf.8etch1_mips.deb
Size/MD5 checksum: 214502 a39b0ecffd3a215979f8e5bcdcd78bfe
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-sb1-bcm91250a_2.6.24-6~etchnhalf.8etch1_mips.deb
Size/MD5 checksum: 17166576 38a62721888bbb2f0fc4d7fbdba70c9e
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-all-mips_2.6.24-6~etchnhalf.8etch1_mips.deb
Size/MD5 checksum: 82062 3aa3ea6a854d046759d5824257e47bf3
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-sb1a-bcm91480b_2.6.24-6~etchnhalf.8etch1_mips.deb
Size/MD5 checksum: 17151594 603b866be5168c042bbef832eb253c9d
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-r4k-ip22_2.6.24-6~etchnhalf.8etch1_mips.deb
Size/MD5 checksum: 10522386 725913ed966df3029d3f72332af590fd
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-r5k-ip32_2.6.24-6~etchnhalf.8etch1_mips.deb
Size/MD5 checksum: 225228 e8ad107d20c67c798cdb093ae150592c
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-sb1-bcm91250a_2.6.24-6~etchnhalf.8etch1_mips.deb
Size/MD5 checksum: 246218 69eee0d55e37c414da07e70b90c190a9
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-r5k-ip32_2.6.24-6~etchnhalf.8etch1_mips.deb
Size/MD5 checksum: 11957416 9d75b25a0668735d4bfb1fac77788723
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-5kc-malta_2.6.24-6~etchnhalf.8etch1_mips.deb
Size/MD5 checksum: 27772372 307325283c10af9dd6dc8cb4f0de39a7
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-sb1a-bcm91480b_2.6.24-6~etchnhalf.8etch1_mips.deb
Size/MD5 checksum: 246310 815dfe8f02f354f03f0d63f8605bedd9
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-4kc-malta_2.6.24-6~etchnhalf.8etch1_mips.deb
Size/MD5 checksum: 22150880 d183f2a93f59d18034573fd7febf5e22
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-common_2.6.24-6~etchnhalf.8etch1_mips.deb
Size/MD5 checksum: 3803446 4448552a0dd930e3d51a800c1d6deb50
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-all_2.6.24-6~etchnhalf.8etch1_mips.deb
Size/MD5 checksum: 82008 871aace093a3411d3d01dfcc19e57a7a
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-4kc-malta_2.6.24-6~etchnhalf.8etch1_mips.deb
Size/MD5 checksum: 309908 ebc141db56c3f149eaf265af89054e03
mipsel architecture (MIPS (Little Endian))
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-common_2.6.24-6~etchnhalf.8etch1_mipsel.deb
Size/MD5 checksum: 3803432 926f0974edf97ded8ef4bd4f99847b35
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-r5k-cobalt_2.6.24-6~etchnhalf.8etch1_mipsel.deb
Size/MD5 checksum: 245716 9a62f6221f1b1e36c8b397e5afcb966a
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-all-mipsel_2.6.24-6~etchnhalf.8etch1_mipsel.deb
Size/MD5 checksum: 82060 401c4c5fb02f54a0deacef21bf630b0e
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-5kc-malta_2.6.24-6~etchnhalf.8etch1_mipsel.deb
Size/MD5 checksum: 26982892 39032aaca4b2a6cecc7091022a42e2b7
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-sb1a-bcm91480b_2.6.24-6~etchnhalf.8etch1_mipsel.deb
Size/MD5 checksum: 16629962 874a967e72aa10398626267cb2d5ba54
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-4kc-malta_2.6.24-6~etchnhalf.8etch1_mipsel.deb
Size/MD5 checksum: 21732318 7819062b50720a60a098d086978298ea
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-all_2.6.24-6~etchnhalf.8etch1_mipsel.deb
Size/MD5 checksum: 82012 06886337047db3ad1df77cc919c4cff6
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-sb1a-bcm91480b_2.6.24-6~etchnhalf.8etch1_mipsel.deb
Size/MD5 checksum: 246190 ec4b8f66e8a0065d694f990745049e7e
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-sb1-bcm91250a_2.6.24-6~etchnhalf.8etch1_mipsel.deb
Size/MD5 checksum: 16566324 d778d8f7f199e49cb087fafaef7eb551
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-r5k-cobalt_2.6.24-6~etchnhalf.8etch1_mipsel.deb
Size/MD5 checksum: 13316760 aadc4a462ca185163c902551556c92f6
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-4kc-malta_2.6.24-6~etchnhalf.8etch1_mipsel.deb
Size/MD5 checksum: 309226 44e7866afb834db0bf71a9d034d729ba
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-5kc-malta_2.6.24-6~etchnhalf.8etch1_mipsel.deb
Size/MD5 checksum: 308360 e53f7681e10aa6b07d1ea3e3b58622da
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-sb1-bcm91250a_2.6.24-6~etchnhalf.8etch1_mipsel.deb
Size/MD5 checksum: 245984 a572ee84ea19bb4bb908e6c20a56ca37
powerpc architecture (PowerPC)
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-powerpc_2.6.24-6~etchnhalf.8etch1_powerpc.deb
Size/MD5 checksum: 19194974 99103ae37f6001139ea44dd31f84183f
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-powerpc-smp_2.6.24-6~etchnhalf.8etch1_powerpc.deb
Size/MD5 checksum: 320916 0ba37f3d80f38b92b9097ea7e90fb3e7
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-powerpc_2.6.24-6~etchnhalf.8etch1_powerpc.deb
Size/MD5 checksum: 320840 0ab836295bc998d5b54f9d54bb2bd23c
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-powerpc-smp_2.6.24-6~etchnhalf.8etch1_powerpc.deb
Size/MD5 checksum: 19485870 bbee80ba2e47827a9f8ac2360ccf9e68
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-common_2.6.24-6~etchnhalf.8etch1_powerpc.deb
Size/MD5 checksum: 3672412 4ff49fe861ab4f49eec95d425114c349
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-all_2.6.24-6~etchnhalf.8etch1_powerpc.deb
Size/MD5 checksum: 82012 03d29f46bdcab8bab20d237a294fc242
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-powerpc-miboot_2.6.24-6~etchnhalf.8etch1_powerpc.deb
Size/MD5 checksum: 295058 7718f3ba536f4af7252961bbbbab24be
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-powerpc64_2.6.24-6~etchnhalf.8etch1_powerpc.deb
Size/MD5 checksum: 21169748 db5e60f6e3ba1fcd12a793fd30f75c14
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-powerpc-miboot_2.6.24-6~etchnhalf.8etch1_powerpc.deb
Size/MD5 checksum: 17459470 60369530c57a669b6c9bcd441f757417
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-powerpc64_2.6.24-6~etchnhalf.8etch1_powerpc.deb
Size/MD5 checksum: 322436 779ccace55f22bdcf1ccd9212033b58d
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-all-powerpc_2.6.24-6~etchnhalf.8etch1_powerpc.deb
Size/MD5 checksum: 82046 39a3cbedcbc4e13f997b7641394e3ad0
s390 architecture (IBM S/390)
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-s390-tape_2.6.24-6~etchnhalf.8etch1_s390.deb
Size/MD5 checksum: 1501738 7bf06e1f51092c18b512045444fba8e9
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-s390_2.6.24-6~etchnhalf.8etch1_s390.deb
Size/MD5 checksum: 193848 6713da5dfd8696c27718075e6cb3fa03
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-all-s390_2.6.24-6~etchnhalf.8etch1_s390.deb
Size/MD5 checksum: 82016 1668a7a797859f5d9e0a7af2ba1781b4
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-s390_2.6.24-6~etchnhalf.8etch1_s390.deb
Size/MD5 checksum: 6950110 9f8a8d765c71aaee7e94402626f413a1
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-all_2.6.24-6~etchnhalf.8etch1_s390.deb
Size/MD5 checksum: 82002 0f37b246336adf27ce4d37776257ff95
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-s390x_2.6.24-6~etchnhalf.8etch1_s390.deb
Size/MD5 checksum: 7200396 de8ace94802f259aef088e9384a4ca6b
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-s390x_2.6.24-6~etchnhalf.8etch1_s390.deb
Size/MD5 checksum: 194084 ea695f010b1916d50f1bdad2e85dd1f0
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-common_2.6.24-6~etchnhalf.8etch1_s390.deb
Size/MD5 checksum: 3429706 8a40f944fa6b7c64353d76154bded277
sparc architecture (Sun SPARC/UltraSPARC)
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-all-sparc_2.6.24-6~etchnhalf.8etch1_sparc.deb
Size/MD5 checksum: 82152 88b0f93df760ac992f30c1927d0144f7
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-common_2.6.24-6~etchnhalf.8etch1_sparc.deb
Size/MD5 checksum: 3652306 42dda4de967328363df86bee8ba0c53b
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-sparc64_2.6.24-6~etchnhalf.8etch1_sparc.deb
Size/MD5 checksum: 13022916 93538efd19eae1488128df8a3a73b957
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-sparc64_2.6.24-6~etchnhalf.8etch1_sparc.deb
Size/MD5 checksum: 263066 c796e2fd4e51ff6a66d9eec594c81386
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-sparc64-smp_2.6.24-6~etchnhalf.8etch1_sparc.deb
Size/MD5 checksum: 13317632 e50f9515e67c38d66c58f317bf2c9292
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-sparc64-smp_2.6.24-6~etchnhalf.8etch1_sparc.deb
Size/MD5 checksum: 264930 a1d0ba75ee8eded18b4d97327ebd0291
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-all_2.6.24-6~etchnhalf.8etch1_sparc.deb
Size/MD5 checksum: 82128 6c1ebe596b196e25cb0307f78ab1f358
These changes will probably be included in the oldstable distribution on
its next update.
- - ---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
iD8DBQFJ/JE8huANDBmkLRkRAlzXAJwJvkPuUoKwLYQPFVnF7t2DRIkzjQCgg8zC
w+zXZAH5HPrUZ78bMIHk8Sw=
=KhiR
- -----END PGP SIGNATURE-----
- --------------------------END INCLUDED TEXT--------------------
You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.
NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members. As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.
NOTE: This is only the original release of the security bulletin. It may
not be updated when updates to the original are made. If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.
Contact information for the authors of the original document is included
in the Security Bulletin above. If you have any questions or need further
information, please contact them directly.
Previous advisories and external security bulletins can be retrieved from:
http://www.auscert.org.au/render.html?cid=1980
If you believe that your computer system has been compromised or attacked in
any way, we encourage you to let us know by completing the secure National IT
Incident Reporting Form at:
http://www.auscert.org.au/render.html?it=3192
===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072
Internet Email: auscert@auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967
iD8DBQFJ/jzCNVH5XJJInbgRAlCbAJ9ljuu1zfYUecQHCRcToaDUgTYU5gCbBTyZ
7HCbCL6rBZzZ7kjpbuCY4Ys=
=6AAu
-----END PGP SIGNATURE-----