diff options
Diffstat (limited to 'trunk/2.6.18/00000_README')
-rw-r--r-- | trunk/2.6.18/00000_README | 87 |
1 files changed, 87 insertions, 0 deletions
diff --git a/trunk/2.6.18/00000_README b/trunk/2.6.18/00000_README index 3eae5d1..9202654 100644 --- a/trunk/2.6.18/00000_README +++ b/trunk/2.6.18/00000_README @@ -196,9 +196,96 @@ Patches fix for CVE-2007-2242. Thanks to Brian Haley for the patch. (closes: Debian #440127) +/* This is already in Xen 3.2 30042_reset-pdeathsig-on-suid-upstream.patch Update fix for CVE-2007-3848 with the patch accepted upstream (formerly 30013_reset-pdeathsig-on-suid.patch) +*/ + +30043_don-t-leak-nt-bit-into-next-task-xen.patch + [SECURITY] Don't leak NT bit into next task (Xen). + See CVE-2006-5755 + +30044_cifs-better-failed-mount-errors.patch, +30045_cifs-corrupt-server-response-overflow.patch + [SECURITY][CIFS] Fix multiple overflows that can be remotely triggered + by a server sending a corrupt response. + See CVE-2007-5904 + +30046_wait_task_stopped-hang.patch + [SECURITY] wait_task_stopped was incorrectly testing for TASK_TRACED - + check p->exit_state instead avoiding a potential system hang + See CVE-2007-5500 + +30047_ieee80211-underflow.patch + [SECURITY] Fix integer overflow in ieee80211 which makes it possible + for a malicious frame to crash a system using a driver built on top of + the Linux 802.11 wireless code. + See CVE-2007-4997 + +30048_sysfs_readdir-NULL-deref-1.patch, +30049_sysfs_readdir-NULL-deref-2.patch, +30050_sysfs-fix-condition-check.patch + [SECURITY] Fix potential NULL pointer dereference which can lead to + a local DoS (kernel oops) + See CVE-2007-3104 + +30051_tmpfs-restore-clear_highpage.patch + [SECURITY] Fix a theoretical kernel memory leak in the tmpfs filesystem + See CVE-2007-6417 + +30052_minixfs-printk-hang.patch + [SECURITY] Rate-limit printks caused by accessing a corrupted minixfs + filesystem that would otherwise cause a system to hang (printk storm) + See CVE-2006-6058 + +30053_hrtimer-large-relative-timeouts-overflow.patch + [SECURITY] Avoid overflow in hrtimers due to large relative timeouts + See CVE-2007-5966 + +30054_coredump-only-to-same-uid.patch + [SECURITY] Fix an issue where core dumping over a file that + already exists retains the ownership of the original file + See CVE-2007-6206 + +30055_isdn-net-overflow.patch + [SECURITY] Fix potential overflows in the ISDN subsystem + See CVE-2007-6063 + +30056_proc-snd-page-alloc-mem-leak.patch + [SECURITY][ABI Changer] Fix an issue in the alsa subsystem that allows a + local user to read potentially sensitive kernel memory from the proc + filesystem + See CVE-2007-4571 + +30057_fat-move-ioctl-compat-code.patch +30058_bugfix/fat-fix-compat-ioctls.patch + [SECURITY][ABI Changer] Fix kernel_dirent corruption in the compat layer + for fat ioctls + See CVE-2007-2878 + +30059_vfs-use-access-mode-flag.patch + [SECURITY] Use the access mode flag instead of the open flag when + testing access mode for a directory. Modify + features/all/vserver/vs2.0.2.2-rc9.patch to apply on top of this + See CVE-2008-0001 + +30060_i4l-isdn_ioctl-mem-overrun.patch + [SECURITY] Fix potential isdn ioctl memory overrun + See CVE-2007-6151 + +30061_vmsplice-security.patch + [SECURITY] Fix missing access check in vmsplice. + See CVE-2008-0010, CVE-2008-0600 + +30062_clear-spurious-irq.patch + Fix a minor denial of service issue that allows local users to disable + an interrupt by causing an interrupt handler to be quickly inserted/removed. + This has only been shown to happen with certain serial devices so can only + be triggered by a user who already has additional priveleges (dialout + group). (closes: Debian #404815) + + 50009_gentooify-tls-warning.patch Change tls warning instructions to apply directly to Gentoo. |