[devel] q: kernel-image-std-smp +/- forcedeth

Dmitry V. Levin =?iso-8859-1?q?ldv_=CE=C1_altlinux=2Eorg?=
Пн Ноя 26 15:33:04 MSK 2007


On Mon, Nov 26, 2007 at 11:55:11AM +0200, Michael Shigorin wrote:
> On Mon, Nov 26, 2007 at 04:21:34AM +0300, QA Team Robot wrote:
> > kernel-image-std-pae - The Linux kernel (the core of the Linux operating system)
> > * Sat Nov 24 2007 Sergey Vlasov <vsu на altlinux> 2.6.18-alt9
> > - Security-related changes:
> >   + CVE-2006-6058: minix: limit printks on corrupted dir i_size
> >   + CVE-2007-2875: cpuset: fix information leak through /dev/cpuset/tasks
> >   + CVE-2007-2878: vfat: fix compat ioctls memory corruption on 64-bit systems
> >   + CVE-2007-3105: random: fix bound check ordering
> >   + CVE-2007-3513: usblcd: limit memory consumption during write
> >   + CVE-2007-3731 [1/2]: ptrace: handle bogus %cs in single-step decoding
> >   + CVE-2007-3731 [2/2]: i386: fix TRACE_IRQS_ON without proper segment setup
> >   + CVE-2007-3740: cifs: respect umask when unix extensions are enabled
> >   + CVE-2007-3843: cifs: fail mount if signing is requested but not supported
> >   + CVE-2007-3848: reset current->pdeath_signal on SUID binary execution
> >   + CVE-2007-4133: don't allow the stack to grow into hugetlb reserved regions
> >   + CVE-2007-4133: hugetlbfs: fix prio_tree unit
> >   + CVE-2007-4308: aacraid: require CAP_SYS_ADMIN for configuration ioctls
> >   + CVE-2007-4997: ieee80211: avoid integer underflow for runt rx frames
> >   + CVE-2007-5500: wait_task_stopped: Check p->exit_state, not TASK_TRACED
> > 
> > - Filesystem fixes:
> >   + locks: fix possible infinite loop in posix deadlock detection
> > 
> > - Updated BuildRequires (kernel-build-tools changed to rpm-build-kernel).
> > - Added BuildRequires(pre): rpm-build-kernel to get clean build in hasher.
> > * Sun Sep 23 2007 Sergey Vlasov <vsu на altlinux> 2.6.18-alt8
> > - CVE-2007-4573 (x86_64 only): Zero extend all registers after ptrace in 32bit
> >   entry path.
> > * Thu Aug 02 2007 Sergey Vlasov <vsu на altlinux> 2.6.18-alt7
> 
> Серёж, а с forcedeth-то что, или всё тот же старый-глючный? :(
> [#12221]

Это чистый secfix, обновление kernel-image-std-smp по forcedeth и др.
будет в следующем релизе пакета.


-- 
ldv
----------- следующая часть -----------
Было удалено вложение не в текстовом формате...
Имя     : =?iso-8859-1?q?=CF=D4=D3=D5=D4=D3=D4=D7=D5=C5=D4?=
Тип     : application/pgp-signature
Размер  : 189 байтов
Описание: =?iso-8859-1?q?=CF=D4=D3=D5=D4=D3=D4=D7=D5=C5=D4?=
Url     : <http://lists.altlinux.org/pipermail/devel/attachments/20071126/7d66f84b/attachment-0002.bin>


Подробная информация о списке рассылки Devel