When 2.6.18-6 kernel image will be updated?
2008/2/11, Debian Bug Tracking System <[EMAIL PROTECTED]>: > > > Your message dated > with message-id <[EMAIL PROTECTED]> > and subject line Bug#464945: fixed in linux-2.6 2.6.24-4 > has caused the Debian Bug report #464945, > regarding linux-image-2.6.18-6-686: Exploit for vmsplice work for > linux-image-2.18-5-686 (CVE-2008-0009/10) > to be marked as done. > > This means that you claim that the problem has been dealt with. > If this is not the case it is now your responsibility to reopen the > Bug report if necessary, and/or fix the problem forthwith. > > (NB: If you are a system administrator and have no idea what this > message is talking about, this may indicate a serious mail system > misconfiguration somewhere. Please contact [EMAIL PROTECTED] > immediately.) > > > -- > 464945: http://bugs.debian.org/cgi-bin//464945 > Debian Bug Tracking System > Contact [EMAIL PROTECTED] with problems > > > ---------- Пересылаемое сообщение ---------- > From: Bastian Blank <[EMAIL PROTECTED]> > To: [EMAIL PROTECTED] > Date: Mon, 11 Feb 2008 13:02:15 +0000 > Subject: Bug#464945: fixed in linux-2.6 2.6.24-4 > Source: linux-2.6 > Source-Version: 2.6.24-4 > > We believe that the bug you reported is fixed in the latest version of > linux-2.6, which is due to be installed in the Debian FTP archive: > > linux-2.6_2.6.24-4.diff.gz > to pool/main/l/linux-2.6/linux-2.6_2.6.24-4.diff.gz > linux-2.6_2.6.24-4.dsc > to pool/main/l/linux-2.6/linux-2.6_2.6.24-4.dsc > linux-doc-2.6.24_2.6.24-4_all.deb > to pool/main/l/linux-2.6/linux-doc-2.6.24_2.6.24-4_all.deb > linux-headers-2.6.24-1-all-powerpc_2.6.24-4_powerpc.deb > to pool/main/l/linux-2.6/linux- > headers-2.6.24-1-all-powerpc_2.6.24-4_powerpc.deb > linux-headers-2.6.24-1-all_2.6.24-4_powerpc.deb > to pool/main/l/linux-2.6/linux-headers-2.6.24-1-all_2.6.24-4_powerpc.deb > linux-headers-2.6.24-1-common_2.6.24-4_powerpc.deb > to pool/main/l/linux-2.6/linux- > headers-2.6.24-1-common_2.6.24-4_powerpc.deb > linux-headers-2.6.24-1-powerpc-miboot_2.6.24-4_powerpc.deb > to pool/main/l/linux-2.6/linux- > headers-2.6.24-1-powerpc-miboot_2.6.24-4_powerpc.deb > linux-headers-2.6.24-1-powerpc-smp_2.6.24-4_powerpc.deb > to pool/main/l/linux-2.6/linux- > headers-2.6.24-1-powerpc-smp_2.6.24-4_powerpc.deb > linux-headers-2.6.24-1-powerpc64_2.6.24-4_powerpc.deb > to pool/main/l/linux-2.6/linux- > headers-2.6.24-1-powerpc64_2.6.24-4_powerpc.deb > linux-headers-2.6.24-1-powerpc_2.6.24-4_powerpc.deb > to pool/main/l/linux-2.6/linux- > headers-2.6.24-1-powerpc_2.6.24-4_powerpc.deb > linux-image-2.6.24-1-powerpc-miboot_2.6.24-4_powerpc.deb > to pool/main/l/linux-2.6/linux- > image-2.6.24-1-powerpc-miboot_2.6.24-4_powerpc.deb > linux-image-2.6.24-1-powerpc-smp_2.6.24-4_powerpc.deb > to pool/main/l/linux-2.6/linux- > image-2.6.24-1-powerpc-smp_2.6.24-4_powerpc.deb > linux-image-2.6.24-1-powerpc64_2.6.24-4_powerpc.deb > to pool/main/l/linux-2.6/linux- > image-2.6.24-1-powerpc64_2.6.24-4_powerpc.deb > linux-image-2.6.24-1-powerpc_2.6.24-4_powerpc.deb > to pool/main/l/linux-2.6/linux- > image-2.6.24-1-powerpc_2.6.24-4_powerpc.deb > linux-libc-dev_2.6.24-4_powerpc.deb > to pool/main/l/linux-2.6/linux-libc-dev_2.6.24-4_powerpc.deb > linux-manual-2.6.24_2.6.24-4_all.deb > to pool/main/l/linux-2.6/linux-manual-2.6.24_2.6.24-4_all.deb > linux-patch-debian-2.6.24_2.6.24-4_all.deb > to pool/main/l/linux-2.6/linux-patch-debian-2.6.24_2.6.24-4_all.deb > linux-source-2.6.24_2.6.24-4_all.deb > to pool/main/l/linux-2.6/linux-source-2.6.24_2.6.24-4_all.deb > linux-support-2.6.24-1_2.6.24-4_all.deb > to pool/main/l/linux-2.6/linux-support-2.6.24-1_2.6.24-4_all.deb > linux-tree-2.6.24_2.6.24-4_all.deb > to pool/main/l/linux-2.6/linux-tree-2.6.24_2.6.24-4_all.deb > > > > A summary of the changes between this version and the previous one is > attached. > > Thank you for reporting the bug, which will now be closed. If you > have further comments please address them to [EMAIL PROTECTED], > and the maintainer will reopen the bug report if appropriate. > > Debian distribution maintenance software > pp. > Bastian Blank <[EMAIL PROTECTED]> (supplier of updated linux-2.6 package) > > (This message was generated automatically at their request; if you > believe that there is a problem with it please contact the archive > administrators by mailing [EMAIL PROTECTED]) > > > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > Format: 1.7 > Date: Mon, 11 Feb 2008 12:29:23 +0100 > Source: linux-2.6 > Binary: linux-source-2.6.24 linux-doc-2.6.24 linux-manual-2.6.24 > linux-patch-debian-2.6.24 linux-tree-2.6.24 > linux-support-2.6.24-1linux-libc-dev > linux-headers-2.6.24-1-all linux-headers-2.6.24-1-all-alpha > linux-headers-2.6.24-1-common linux-image-2.6.24-1-alpha-generic > linux-headers-2.6.24-1-alpha-generic linux-image-2.6.24-1-alpha-smp > linux-headers-2.6.24-1-alpha-smp linux-image-2.6.24-1-alpha-legacy > linux-headers-2.6.24-1-alpha-legacy linux-headers-2.6.24-1-all-amd64 > linux-image-2.6.24-1-amd64 linux-headers-2.6.24-1-amd64 > linux-headers-2.6.24-1-all-arm linux-image-2.6.24-1-footbridge > linux-headers-2.6.24-1-footbridge linux-image-2.6.24-1-iop32x > linux-headers-2.6.24-1-iop32x linux-image-2.6.24-1-ixp4xx > linux-headers-2.6.24-1-ixp4xx linux-headers-2.6.24-1-all-armel > linux-image-2.6.24-1-versatile linux-headers-2.6.24-1-versatile > linux-headers-2.6.24-1-all-hppa linux-image-2.6.24-1-parisc > linux-headers-2.6.24-1-parisc linux-image-2.6.24-1-parisc-smp > linux-headers-2.6.24-1-parisc-smp linux-image-2.6.24-1-parisc64 > linux-headers-2.6.24-1-parisc64 linux-image-2.6.24-1-parisc64-smp > linux-headers-2.6.24-1-parisc64-smp linux-headers-2.6.24-1-all-i386 > linux-image-2.6.24-1-486 linux-headers-2.6.24-1-486 > linux-image-2.6.24-1-686 linux-headers-2.6.24-1-686 > linux-image-2.6.24-1-686-bigmem linux-headers-2.6.24-1-686-bigmem > linux-headers-2.6.24-1-common-xen linux-image-2.6.24-1-xen-686 > linux-modules-2.6.24-1-xen-686 linux-headers-2.6.24-1-xen-686 > linux-headers-2.6.24-1-all-ia64 linux-image-2.6.24-1-itanium > linux-headers-2.6.24-1-itanium linux-image-2.6.24-1-mckinley > linux-headers-2.6.24-1-mckinley linux-headers-2.6.24-1-all-m68k > linux-image-2.6.24-1-amiga linux-headers-2.6.24-1-amiga > linux-image-2.6.24-1-atari linux-headers-2.6.24-1-atari > linux-image-2.6.24-1-bvme6000 linux-headers-2.6.24-1-bvme6000 > linux-image-2.6.24-1-mac linux-headers-2.6.24-1-mac > linux-image-2.6.24-1-mvme147 linux-headers-2.6.24-1-mvme147 > linux-image-2.6.24-1-mvme16x linux-headers-2.6.24-1-mvme16x > linux-headers-2.6.24-1-all-mips linux-image-2.6.24-1-r4k-ip22 > linux-headers-2.6.24-1-r4k-ip22 linux-image-2.6.24-1-r5k-ip32 > linux-headers-2.6.24-1-r5k-ip32 linux-image-2.6.24-1-sb1-bcm91250a > linux-headers-2.6.24-1-sb1-bcm91250a linux-image-2.6.24-1-sb1a-bcm91480b > linux-headers-2.6.24-1-sb1a-bcm91480b linux-image-2.6.24-1-4kc-malta > linux-headers-2.6.24-1-4kc-malta linux-image-2.6.24-1-5kc-malta > linux-headers-2.6.24-1-5kc-malta linux-headers-2.6.24-1-all-mipsel > linux-image-2.6.24-1-r5k-cobalt linux-headers-2.6.24-1-r5k-cobalt > linux-headers-2.6.24-1-all-powerpc linux-image-2.6.24-1-powerpc > linux-headers-2.6.24-1-powerpc linux-image-2.6.24-1-powerpc-smp > linux-headers-2.6.24-1-powerpc-smp linux-image-2.6.24-1-powerpc-miboot > linux-headers-2.6.24-1-powerpc-miboot linux-image-2.6.24-1-powerpc64 > linux-headers-2.6.24-1-powerpc64 linux-headers-2.6.24-1-all-s390 > linux-image-2.6.24-1-s390 linux-headers-2.6.24-1-s390 > linux-image-2.6.24-1-s390-tape linux-image-2.6.24-1-s390x > linux-headers-2.6.24-1-s390x linux-headers-2.6.24-1-all-sparc > linux-image-2.6.24-1-sparc64 linux-headers-2.6.24-1-sparc64 > linux-image-2.6.24-1-sparc64-smp linux-headers-2.6.24-1-sparc64-smp > Architecture: source all powerpc > Version: 2.6.24-4 > Distribution: unstable > Urgency: low > Maintainer: Debian Kernel Team <[EMAIL PROTECTED]> > Changed-By: Bastian Blank <[EMAIL PROTECTED]> > Description: > linux-doc-2.6.24 - Linux kernel specific documentation for version 2.6.24 > linux-headers-2.6.24-1-all - All header files for Linux 2.6.24 > linux-headers-2.6.24-1-all-powerpc - All header files for Linux 2.6.24 > linux-headers-2.6.24-1-common - Common header files for Linux 2.6.24 > linux-headers-2.6.24-1-powerpc - Header files for Linux 2.6.24 on > uniprocessor 32-bit PowerPC > linux-headers-2.6.24-1-powerpc-miboot - Header files for Linux 2.6.24 on > 32-bit PowerPC for miboot floppy > linux-headers-2.6.24-1-powerpc-smp - Header files for Linux 2.6.24 on > multiprocessor 32-bit PowerPC > linux-headers-2.6.24-1-powerpc64 - Header files for Linux 2.6.24 on 64-bit > PowerPC > linux-image-2.6.24-1-powerpc - Linux 2.6.24 image on uniprocessor 32-bit > PowerPC > linux-image-2.6.24-1-powerpc-miboot - Linux 2.6.24 image on 32-bit PowerPC > for miboot floppy > linux-image-2.6.24-1-powerpc-smp - Linux 2.6.24 image on multiprocessor > 32-bit PowerPC > linux-image-2.6.24-1-powerpc64 - Linux 2.6.24 image on 64-bit PowerPC > linux-libc-dev - Linux Kernel Headers for development > linux-manual-2.6.24 - Linux kernel API manual pages for version 2.6.24 > linux-patch-debian-2.6.24 - Debian patches to version 2.6.24 of the Linux > kernel > linux-source-2.6.24 - Linux kernel source for version 2.6.24 with Debian > patches > linux-support-2.6.24-1 - Support files for Linux 2.6.24 > linux-tree-2.6.24 - Linux kernel source tree for building Debian kernel > images > Closes: 464945 > Changes: > linux-2.6 (2.6.24-4) unstable; urgency=low > . > * Add stable release 2.6.24.1: > - splice: missing user pointer access verification (CVE-2008-0009/10) > - drm: the drm really should call pci_set_master.. > - Driver core: Revert "Fix Firmware class name collision" > - fix writev regression: pan hanging unkillable and un-straceable > - sched: fix high wake up latencies with FAIR_USER_SCHED > - sched: let +nice tasks have smaller impact > - b43: Reject new firmware early > - selinux: fix labeling of /proc/net inodes > - b43legacy: fix DMA slot resource leakage > - b43legacy: drop packets we are not able to encrypt > - b43legacy: fix suspend/resume > - b43legacy: fix PIO crash > - b43: Fix dma-slot resource leakage > - b43: Drop packets we are not able to encrypt > - b43: Fix suspend/resume > - sky2: fix for WOL on some devices > - sky2: restore multicast addresses after recovery > - x86: restore correct module name for apm > - ACPI: update ACPI blacklist > - PCI: Fix fakephp deadlock > - sys_remap_file_pages: fix ->vm_file accounting > - lockdep: annotate epoll > - forcedeth: mac address mcp77/79 > - USB: Fix usb_serial_driver structure for Kobil cardreader driver. > - USB: handle idVendor of 0x0000 > - USB: fix usbtest halt check on big endian systems > - USB: storage: Add unusual_dev for HP r707 > - USB: Variant of the Dell Wireless 5520 driver > - USB: use GFP_NOIO in reset path > - USB: ftdi driver - add support for optical probe device > - USB: pl2303: add support for RATOC REX-USB60F > - USB: remove duplicate entry in Option driver and Pl2303 driver for > Huawei modem > - USB: sierra: add support for Onda H600/Zte MF330 datacard to USB > Driver for Sierra Wireless > - USB: ftdi-sio: Patch to add vendor/device id for ATK_16IC CCD > - USB: ftdi_sio - enabling multiple ELV devices, adding EM1010PC > - USB: sierra driver - add devices > - USB: Adding YC Cable USB Serial device to pl2303 > - USB: Sierra - Add support for Aircard 881U > - USB: add support for 4348:5523 WinChipHead USB->RS 232 adapter > - USB: CP2101 New Device IDs > - usb gadget: fix fsl_usb2_udc potential OOPS > - USB: keyspan: Fix oops > - vm audit: add VM_DONTEXPAND to mmap for drivers that need it > (CVE-2008-0007) > - slab: fix bootstrap on memoryless node > - DVB: cx23885: add missing subsystem ID for Hauppauge HVR1800 Retail > . > [ Martin Michlmayr ] > * [arm/ixp4xx] Enble ATA_OVER_ETH, requested by Nicola Fankhauser. > * [arm/iop32x] Enble ATA_OVER_ETH. > . > [ Bastian Blank ] > * Add stable release 2.6.24.2: > - splice: fix user pointer access in get_iovec_page_array() > (CVE-2008-0600, closes: #464945) > Files: > 971296a07704875d7715091e0bb75fa6 4297 devel optional > linux-2.6_2.6.24-4.dsc > 5ca0c43e61b9280c6da7d5459b0b71e7 3631758 devel optional > linux-2.6_2.6.24-4.diff.gz > 27722bc163f7f822db3421a390a31e3f 4276114 doc optional > linux-doc-2.6.24_2.6.24-4_all.deb > 6b6a10398d37a67a27cc298617d7ba97 1551686 doc optional > linux-manual-2.6.24_2.6.24-4_all.deb > b2156c5a8008c08f3bfe2c4e1daccb55 579984 devel optional > linux-patch-debian-2.6.24_2.6.24-4_all.deb > 8cfe0bce60323fe9cf616c251a9e9698 45935430 devel optional > linux-source-2.6.24_2.6.24-4_all.deb > b778e8daf4adcabb87825ee272476f61 89446 devel optional > linux-support-2.6.24-1_2.6.24-4_all.deb > 8f7777e7926044546d99a2b0d53372f0 75042 devel optional > linux-tree-2.6.24_2.6.24-4_all.deb > 37198b9515743c34e09a033f7e565829 19087100 admin optional > linux-image-2.6.24-1-powerpc_2.6.24-4_powerpc.deb > ed4e26cdd8a1a29aa4424d07bad29d5b 310040 devel optional > linux-headers-2.6.24-1-powerpc_2.6.24-4_powerpc.deb > 8bbab6ec1551f35bb810097aa8d06b67 17348568 admin optional > linux-image-2.6.24-1-powerpc-miboot_2.6.24-4_powerpc.deb > a60112ce3490c810b0fcddb273e2cdcc 282226 devel optional > linux-headers-2.6.24-1-powerpc-miboot_2.6.24-4_powerpc.deb > b477b49c49a62f562e4742bd68b06fc0 19377568 admin optional > linux-image-2.6.24-1-powerpc-smp_2.6.24-4_powerpc.deb > 2c59656e83fd96b2a92751be5b3ea76e 309208 devel optional > linux-headers-2.6.24-1-powerpc-smp_2.6.24-4_powerpc.deb > 827ec84b09b0270e4f2f25c11b19e3e8 21017926 admin optional > linux-image-2.6.24-1-powerpc64_2.6.24-4_powerpc.deb > 44b17a3fcc22864616ce26d650b75fbe 310680 devel optional > linux-headers-2.6.24-1-powerpc64_2.6.24-4_powerpc.deb > ca0d043d0c5a9744382e386d36b78589 3594522 devel optional > linux-headers-2.6.24-1-common_2.6.24-4_powerpc.deb > 351478c946bee64fd5c9992d1345a7f2 74678 devel optional > linux-headers-2.6.24-1-all_2.6.24-4_powerpc.deb > 8c83a9794df77eda176d12aae59c6ffa 74710 devel optional > linux-headers-2.6.24-1-all-powerpc_2.6.24-4_powerpc.deb > c21f01619e4dda2a66a5929ea0e7793d 714566 devel optional > linux-libc-dev_2.6.24-4_powerpc.deb > > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1.4.6 (GNU/Linux) > > iEYEARECAAYFAkewRPgACgkQxWtQqFixGB7T3QCfUPviowvW0LyXZOCMEIznxc0e > OdkAn1Gp0QjWbTjcon3vv/mC893kblkP > =759s > -----END PGP SIGNATURE----- > > > > > ---------- Пересылаемое сообщение ---------- > From: Okulov Vitaliy <[EMAIL PROTECTED]> > To: Debian Bug Tracking System <[EMAIL PROTECTED]> > Date: Sun, 10 Feb 2008 03:19:20 +0300 > Subject: linux-image-2.6.18-6-686: Exploit for vmsplice work for > linux-image-2.18-5-686 (CVE-2008-0009/10) > Package: linux-image-2.6.18-6-686 > Version: 2.6.18.dfsg.1-17etch1 > Severity: critical > Tags: security > Justification: root security hole > > > Just try explot from http://www.milw0rm.com/exploits/5092 at my > linux-image-2.6.18-5-686 kernel. And it works. Please backport patch > from 2.6.24.1 kernel (CVE-2008-0009/10). > > -- System Information: > Debian Release: 4.0 > APT prefers stable > APT policy: (500, 'stable') > Architecture: i386 (i686) > Shell: /bin/sh linked to /bin/bash > Kernel: Linux 2.6.18-5-686 > Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) > > Versions of packages linux-image-2.6.18-6-686 depends on: > ii coreutils 5.97-5.3 The GNU core utilities > ii debconf [debconf-2.0] 1.5.11etch1 Debian configuration > management sy > ii initramfs-tools [linux-initr 0.85h tools for generating an > initramfs > ii module-init-tools 3.3-pre4-2 tools for managing Linux > kernel mo > > Versions of packages linux-image-2.6.18-6-686 recommends: > ii libc6-i686 2.3.6.ds1-13etch4 GNU C Library: Shared > libraries [i > > -- debconf information: > shared/kernel-image/really-run-bootloader: true > linux-image-2.6.18-6-686/preinst/elilo-initrd-2.6.18-6-686: true > linux-image-2.6.18-6-686/preinst/already-running-this-2.6.18-6-686: > linux-image-2.6.18-6-686/postinst/depmod-error-2.6.18-6-686: false > linux-image-2.6.18-6-686/preinst/initrd-2.6.18-6-686: > linux-image-2.6.18-6-686/postinst/old-initrd-link-2.6.18-6-686: true > linux-image-2.6.18-6-686/preinst/bootloader-initrd-2.6.18-6-686: true > linux-image-2.6.18-6-686/preinst/abort-install-2.6.18-6-686: > linux-image-2.6.18-6-686/preinst/lilo-has-ramdisk: > linux-image-2.6.18-6-686/preinst/overwriting-modules-2.6.18-6-686: true > linux-image-2.6.18-6-686/postinst/bootloader-error-2.6.18-6-686: > linux-image-2.6.18-6-686/prerm/would-invalidate-boot-loader-2.6.18-6-686: > true > linux-image-2.6.18-6-686/postinst/bootloader-test-error-2.6.18-6-686: > linux-image-2.6.18-6-686/postinst/create-kimage-link-2.6.18-6-686: true > linux-image-2.6.18-6-686/postinst/depmod-error-initrd-2.6.18-6-686: > false > linux-image-2.6.18-6-686/preinst/lilo-initrd-2.6.18-6-686: true > linux-image-2.6.18-6-686/postinst/old-dir-initrd-link-2.6.18-6-686: true > linux-image-2.6.18-6-686/preinst/failed-to-move-modules-2.6.18-6-686: > linux-image-2.6.18-6-686/preinst/abort-overwrite-2.6.18-6-686: > linux-image-2.6.18-6-686/prerm/removing-running-kernel-2.6.18-6-686: > true > linux-image-2.6.18-6-686/postinst/old-system-map-link-2.6.18-6-686: true > linux-image-2.6.18-6-686/postinst/kimage-is-a-directory: > > > >
