[ddh-sys] apt-listchanges: changelogs for less

root root op ddh.nl
Zo Feb 14 13:35:33 CET 2010


linux-2.6 (2.6.26-21lenny3) stable-security; urgency=high

  * Additional fixes for CVE-2010-0307
  * Build fix for CVE-2010-0291 change on powerpc64
  * KVM: PIT: control word is write-only (CVE-2010-0309)
  * connector: Delete buggy notification code. (CVE-2010-0410)
  * Fix potential crash with sys_move_pages (CVE-2010-0415)
  * KVM: emulator privilege escalation (CVE-2010-0298)
  * KVM: emulator privilege escalation IOPL/CPL level check (CVE-2010-0306)

 -- dann frazier <dannf op debian.org>  Tue, 09 Feb 2010 22:28:22 -0700

linux-2.6 (2.6.26-21lenny2) stable-security; urgency=high

  [ dann frazier ]
  * Fix build failure on hppa & mipsen due to missing #include
  * Port CVE-2010-0291 fix to xen featureset
  
  [ Ben Hutchings ]
  * cdc_ether: Do not set link down initially; not all devices send link
    change interrupts (Closes: #567689)

  [ dann frazier ]
  * Split 'flush_old_exec' into two functions (CVE-2010-0307)

 -- dann frazier <dannf op debian.org>  Mon, 01 Feb 2010 23:47:42 -0700

linux-2.6 (2.6.26-21lenny1) stable-security; urgency=high

  [ dann frazier ]
  * mac80211: fix spurious delBA handling (CVE-2009-4027)
  * e1000: enhance frame fragment detection (CVE-2009-4536)
  * e1000e: enhance frame fragment detection (CVE-2009-4538)
  * Fix several issues with mmap/mremap (CVE-2010-0291)
  * [SCSI] megaraid_sas: remove sysfs poll_mode_io world writeable
    permissions (CVE-2009-3939)
 
  [ Ben Hutchings ]
  * kernel/signal.c: fix kernel information leak with print-fatal-signals=1
    (CVE-2010-0003)
  * netfilter: ebtables: enforce CAP_NET_ADMIN (CVE-2010-0007)

 -- dann frazier <dannf op debian.org>  Fri, 29 Jan 2010 17:20:16 -0700

mysql-dfsg-5.0 (5.0.51a-24+lenny3) stable-security; urgency=high

  * Non-maintainer upload by the Security Team.
  * Backport upstream fix for CVE-2009-4019: does not properly handle errors
    during execution of certain SELECT statements with subqueries, and does not
    preserve certain null_value flags during execution of statements that use
    the GeomFromWKB function.
  * Backport upstream fix for CVE-2009-4030: bypass certain privilege checks
    by calling CREATE TABLE on a MyISAM table with modified DATA DIRECTORY
    or INDEX DIRECTORY arguments that are originally associated with pathnames
    without symlinks, and that can point to tables created at a future time at
    which a pathname is modified to contain a symlink to a subdirectory of the
    MySQL data home directory.
  * Backport upstream fix for CVE-2009-4484: Multiple stack-based buffer
    overflows in the CertDecoder::GetName function in yaSSL
  * Update SSL certificates in the test suite.

 -- Giuseppe Iuculano <iuculano op debian.org>  Sat, 13 Feb 2010 00:14:52 +0100




More information about the ddh-sys mailing list