I've been running the Debian 2.6.8-3-686-smp kernel image happily for a
while. However today I did a update/upgrade which involved updating the
image (attachment has details from apt-listchanges) and, as told during
installation of these, I rebooted as soon as apt-get had completed.
However I can no longer boot my machine. The error I get is:
pivot_root: no such file or directory
/sbin/init:432: cannot open dev/console: No such file
I also note that during boot up the SATA disks now seem to be labelled hda
(etc) - they used to be sda (etc). Despite changing that on the GRUB boot
line I still cannot log in. I do (or did?!) have a nVidia module but I
presume that is not the issue since the boot doesn't get far enough to
load X etc.
Can anybody advise on how to fix this? Thanks, Michael
apache2 (2.0.54-5sarge1) stable-security; urgency=high
* Non-maintainer upload by The Security Team.
* Added 047_rewrite_off_by_one_CVE-2006-3747, fixing an off-by-one
error in mod_rewrite. [CVE-2006-3747]
-- Steve Kemp <[EMAIL PROTECTED]> Fri, 28 Jul 2006 09:50:36 +0000
gimp (2.2.6-1sarge1) stable-security; urgency=high
* Non-maintainer upload by the Security Team:
Fix buffer overflow in XCF parser, discovered by Henning Makholm.
[CVE-2006-3404]
-- Moritz Muehlenhoff <[EMAIL PROTECTED]> Thu, 13 Jul 2006 21:31:08 +0200
kernel-image-2.6.8-i386 (2.6.8-16sarge4) stable-security; urgency=high
* Build against kernel-tree-2.6.8-16sarge4:
* proc-environ-race-1.dpatch, proc-environ-race-2.dpatch
[SECURITY] Fix local root vulnerability caused by a race in proc
See CVE-2006-3626
-- dann frazier <[EMAIL PROTECTED]> Sat, 15 Jul 2006 02:23:36 -0600
kernel-image-2.6.8-i386 (2.6.8-16sarge3) stable-security; urgency=high
* Build against kernel-tree-2.6.8-16sarge3:
* net-protocol-mod-refcounts-pre.dpatch, net-protocol-mod-refcounts.dpatch
[SECURITY] Fix potential DoS (panic) cause by inconsistent reference
counting in network protocol modules.
See CVE-2005-3359
* netfilter-do_replace-overflow.dpatch
[SECURITY] Fix buffer overflow in netfilter do_replace which can could
be triggered by users with CAP_NET_ADMIN rights.
See CVE-2006-0038
* sys_mbind-sanity-checking.dpatch
[SECURITY] Make sure maxnodes is safe size before calculating nlongs in
get_nodes() to prevent a local DoS vulnerability.
See CVE-2006-0557
* smbfs-chroot-escape.dpatch
[SECURITY] Fix directory traversal vulnerability in smbfs that permits
local users to escape chroot restrictions
See CVE-2006-1864
* perfmon-exit-race.dpatch
[SECURITY][ia64] Fix local denial of service vulnerability (oops) in
the ia64 perfmon subsystem
See CVE-2006-0558
* ia64-die_if_kernel-returns.dpatch
[SECURITY][ia64] Fix a potential local DoS on ia64 systems caused by
an incorrect 'noreturn' attribute on die_if_kernel()
See CVE-2006-0742
* smbfs-chroot-escape.dpatch
[SECURITY] Fix directory traversal vulnerability in smbfs that permits
local users to escape chroot restrictions
See CVE-2006-1863
* binfmt-bad-elf-entry-address.dpatch
[SECURITY][amd64] Fix potential local DoS vulnerability in the binfmt_elf
code on em64t processors
See CVE-2006-0741
* em64t-uncanonical-return-addr.dpatch
[SECURITY][amd64] Fix local DoS vulnerability on em64t systems that
arises when returning program control using SYSRET
See CVE-2006-0744
* sctp-discard-unexpected-in-closed.dpatch
[SECURITY] Fix remote DoS in SCTP code by discarding unexpected chunks
received in CLOSED state instead of calling BUG()
See CVE-2006-2271
* ipv4-id-no-increment.dpatch
[SECURITY] Fix vulnerability that allows remote attackers to conduct an
Idle Scan attack, bypassing intended protections against such attacks
See CVE-2006-1242
* usb-gadget-rndis-bufoverflow.dpatch
[SECURITY] Fix buffer overflow in the USB Gadget RNDIS implementation that
allows for a remote DoS attack (kmalloc'd memory corruption)
See CVE-2006-1368
* group_complete_signal-BUG_ON.dpatch
[SECURITY] Fix improper use of BUG_ON in __group_complete_signal()
See CVE-2006-1523
* madvise_remove-restrict.dpatch
[SECURITY] Fix vulnerability that allows local users to bypass IPC
permissions and replace portions of read-only tmpfs files with zeroes.
See CVE-2006-1524
* mcast-ip-route-null-deref.dpatch
[SECURITY] Fix local DoS vulnerability that allows local users to panic
a system by requesting a route for a multicast IP
See CVE-2006-1525
* sctp-fragment-recurse.dpatch
[SECURITY] Fix remote DoS vulnerability that can lead to infinite
recursion when a packet containing two or more DATA fragments is received
See CVE-2006-2274
* sctp-fragmented-receive-fix.dpatch
[SECURITY] Fix remote DoS vulnerability that allows IP fragmented
COOKIE_ECHO and HEARTBEAT SCTP control chunks to cause a kernel panic
See CVE-2006-2272
* amd64-fp-reg-leak-dep[1-3].dpatch, amd64-fp-reg-leak.dpatch
[SECURITY][amd64] Fix an information leak that allows a process to see
a portion of the floating point state of other processes, possibly
exposing sensitive information.
See CVE-2006-1056
* do_add_counters-race.dpatch
[SECURITY] Fix race condition in the do_add_counters() function in
netfilter that allows local users with CAP_NET_ADMIN capabilities to
read kernel memory
See CVE-2006-0039
* s390-strnlen_user-return.dpatch
[SECURITY][s390] Fix local DoS on s390 that may result from strnlen_user
returning a value that is too large
See CVE-2006-0456
* xfs-ftruncate-leak.dpatch
[SECURITY] Fix leak in the ftruncate call in the XFS filesystem that may
permit local users to view sensitive information
See CVE-2006-0554
* nfs-another-O_DIRECT-fix.dpatch
[SECURITY] Fix a potential local DoS vulnerability in the NFS O_DIRECT
code
See CVE-2006-0555
* sctp-hb-ack-overflow.dpatch
[SECURITY] Fix a remote buffer overflow that can result from a badly
formatted HB-ACK chunk
See CVE-2006-1857
* sctp-param-bound-checks.dpatch
[SECURITY] Fix a bound checking error (remote DoS) in the SCTP parameter
checking code
See CVE-2006-1858
-- dann frazier <[EMAIL PROTECTED]> Sat, 20 May 2006 04:05:23 -0500
kernel-image-2.6.8-i386 (2.6.8-16sarge2) stable-security; urgency=high
* Build against kernel-tree-2.6.8-16sarge2
* Increment ABI to -3
-- dann frazier <[EMAIL PROTECTED]> Wed, 1 Feb 2006 00:03:47 -0700
libtunepimp (0.3.0-3sarge2) stable-security; urgency=high
* Non-maintainer upload by the Security Team
* Applied missing bit of the patch by Kevin Kofler to fix buffer
overflows [lib/lookuptools.cpp, CVE-2006-3600]
* Applied patch by Robert Jordens
-- Martin Schulze <[EMAIL PROTECTED]> Mon, 24 Jul 2006 08:28:58 +0200
libtunepimp (0.3.0-3sarge1) stable-security; urgency=high
* Non-maintainer upload by the Security Team
* Applied patch by Kevin Kofler to fix buffer overflows
[lib/lookuptools.cpp, CVE-2006-3600]
-- Martin Schulze <[EMAIL PROTECTED]> Sun, 23 Jul 2006 20:23:48 +0200
openoffice.org (1.1.3-9sarge3) stable-security; urgency=high
* ooo-build/patches/OOO_1_1/sax-xml-2-utf8-converter-extra-1.1.x.diff:
add addiitional patch for the file format patch needed for OOo < 1.1.5
-- Rene Engelhard <[EMAIL PROTECTED]> Fri, 30 Jun 2006 10:04:57 +0000
openoffice.org (1.1.3-9sarge2) stable-security; urgency=high
* ooo-build/patches/OOO_1_1/sax+source+expatwrap+xml2utf.cxx.diff:
security patch again (from upstream); fix memory corruption bug;
it was possible to write values to arbritrary memory when
opening special files. (CVE-2006-3117)
-- Rene Engelhard <[EMAIL PROTECTED]> Thu, 22 Jun 2006 18:17:46 +0000
openoffice.org (1.1.3-9sarge1) stable-security; urgency=high
* ooo-build/patches/OOO_1_1/6438334-macros-so7-sfx2.diff: add patch
from upstream to fix macro handling security bug; it was possible to
embed macros in documents without OOo seeing them and executing them
without any user interaction. (CVE-2006-2198)
* ooo-build/patches/OOO_1_1/6438333-applets-so7-officecfg.diff: add patch
from upstream to disable Java applets feature because it's possible
to write Java applets breaking out of the sandbox (NB: the normal
packages don't build with Java so are not affected, but the
openoffice.org-java addon package is) (CVE-2006-2199)
* debian/scripts/vars.i386: disable mozab on i386, too; uses mozilla
*1.0* code and is a security nightmare. Already done pre-sarge for ppc,
s390 and sparc but forgotten for i386 :/
* debian/MANIFEST.i386: update
-- Rene Engelhard <[EMAIL PROTECTED]> Fri, 16 Jun 2006 09:43:32 +0000
samba (3.0.14a-3sarge2) stable-security; urgency=high
* Non-maintainer upload by the Security Team:
Fix anonymous memory exhaustion DoS. [CVE-2006-3403]
-- Moritz Muehlenhoff <[EMAIL PROTECTED]> Thu, 13 Jul 2006 20:44:12 +0200
ppp (2.4.3-20050321+2sarge1) stable-security; urgency=medium
* Non-maintainer upload by the Security Team
* Applied patch by Marcus Meissner to honor the return value of a
potentially failing setuid() call [pppd/plugins/winbind.c,
debian/patches/zzz-CVE-2006-2194]
-- Martin Schulze <[EMAIL PROTECTED]> Sat, 3 Jun 2006 20:31:13 +0200
