path: root/english/lts/security/2014/dla-103.wml
blob: 64a5853403a9f8b1e1e6655fb757984bac766d59
<define-tag description>LTS security update</define-tag>
<define-tag moreinfo>
<p>This security upload has been prepared in cooperation between the Debian Kernel,
Security and LTS Teams and features the upstream stable release 2.6.32.64 (see
<a href="https://lkml.org/lkml/2014/11/23/181">https://lkml.org/lkml/2014/11/23/181</a> for more information). It fixes
the CVEs described below.</p>
<p><b>Note</b>: if you are using the openvz flavors, please consider three things: a.)
we haven't got any feedback on them (while we have for all other flavors) b.)
so do your tests before deploying them and c.) once you have done so, please
give feedback to debian-lts@lists.debian.org.</p>

<p>If you are not using openvz flavors, please still consider b+c :-)</p>

<ul>

<li><a href="https://security-tracker.debian.org/tracker/CVE-2012-6657">CVE-2012-6657</a>

<p>Fix the sock_setsockopt function to prevent local users from being able to
cause a denial of service (system crash) attack.</p></li>

<li><a href="https://security-tracker.debian.org/tracker/CVE-2013-0228">CVE-2013-0228</a>

<p>Fix a Xen privilege escalation, which allowed guest OS users to gain guest OS
privileges.</p></li>

<li><a href="https://security-tracker.debian.org/tracker/CVE-2013-7266">CVE-2013-7266</a>

<p>Fix the mISDN_sock_recvmsg function to prevent local users from obtaining
sensitive information from kernel memory.</p></li>

<li><a href="https://security-tracker.debian.org/tracker/CVE-2014-4157">CVE-2014-4157</a>

<p>MIPS platform: prevent local users from bypassing intended PR_SET_SECCOMP
restrictions.</p></li>

<li><a href="https://security-tracker.debian.org/tracker/CVE-2014-4508">CVE-2014-4508</a>

<p>Prevent local users from causing a denial of service (OOPS and system crash)
when syscall auditing is enabled.</p></li>

<li><a href="https://security-tracker.debian.org/tracker/CVE-2014-4653">CVE-2014-4653</a>

<p><a href="https://security-tracker.debian.org/tracker/CVE-2014-4654">CVE-2014-4654</a>
<a href="https://security-tracker.debian.org/tracker/CVE-2014-4655">CVE-2014-4655</a></p>

<p>Fix the ALSA control implementation to prevent local users from causing a
denial of service attack and from obtaining sensitive information from kernel
memory.</p></li>

<li><a href="https://security-tracker.debian.org/tracker/CVE-2014-4943">CVE-2014-4943</a>

<p>Fix the PPPoL2TP feature to prevent local users from gaining privileges.</p></li>

<li><a href="https://security-tracker.debian.org/tracker/CVE-2014-5077">CVE-2014-5077</a>

<p>Prevent remote attackers from causing a denial of service attack involving
SCTP.</p></li>

<li><a href="https://security-tracker.debian.org/tracker/CVE-2014-5471">CVE-2014-5471</a>

<p><a href="https://security-tracker.debian.org/tracker/CVE-2014-5472">CVE-2014-5472</a></p>

<p>Fix the parse_rock_ridge_inode_internal function to prevent local users from
causing a denial of service attack via a crafted iso9660 image.</p></li>

<li><a href="https://security-tracker.debian.org/tracker/CVE-2014-9090">CVE-2014-9090</a>

<p>Fix the do_double_fault function to prevent local users from causing a denial
of service (panic) attack.</p></li>

</ul>

<p>For Debian 6 <q>Squeeze</q>, these issues have been fixed in linux-2.6 version 2.6.32-48squeeze9.</p>
</define-tag>

# do not modify the following line
#include "$(ENGLISHDIR)/lts/security/2014/dla-103.data"
# $Id$
