author Micah Anderson <micah@debian.org> 2011-05-23 17:13:17 +0000
committer Micah Anderson <micah@debian.org> 2011-05-23 17:13:17 +0000
commit f157d631b9bee50b09a50437414aceb0ed9c2c02 (patch)
tree c586eab208564ab8519f6e7f2de8aefd92e4724c /dsa-texts/2.6.32-34squeeze1
parent 5d7c71a4865d7d6e14a7b9733d346eef92f3f0c5 (diff)
I'm reformatting crazy
git-svn-id: svn+ssh://svn.debian.org/svn/kernel-sec@2327 e094ebfe-e918-0410-adfb-c712417f3574
Diffstat (limited to 'dsa-texts/2.6.32-34squeeze1')
-rw-r--r-- dsa-texts/2.6.32-34squeeze1 117
1 files changed, 57 insertions, 60 deletions
diff --git a/dsa-texts/2.6.32-34squeeze1 b/dsa-texts/2.6.32-34squeeze1
index b4a4463b..1676f877 100644
--- a/dsa-texts/2.6.32-34squeeze1
+++ b/dsa-texts/2.6.32-34squeeze1
@@ -19,9 +19,9 @@ CVE Id(s) : CVE-2010-3875 CVE-2011-0695 CVE-2011-0711 CVE-2011-0726
CVE-2011-1776 CVE-2011-2022
Debian Bug(s) :
-Several vulnerabilities have been discovered in the Linux kernel that
-may lead to a denial of service or privilege escalation. The Common
-Vulnerabilities and Exposures project identifies the following problems:
+Several vulnerabilities have been discovered in the Linux kernel that may lead
+to a denial of service or privilege escalation. The Common Vulnerabilities and
+Exposures project identifies the following problems:
CVE-2010-3875
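Review bot: The "Debian Bug(s) :" field in the context just above the rewrapped paragraph is still empty, yet the closing text of this advisory tells readers to "See the referenced Debian bug page for details". Fill in the bug number or drop that sentence before the DSA goes out, preferably in a separate commit so this one stays a pure whitespace reflow that is easy to verify.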
@@ -31,8 +31,8 @@ CVE-2010-3875
CVE-2011-0695
- Jens Kuehnel reported an issue in the InfiniBand stack. Remote attackers
- can exploit a race condition to cause a denial of service (kernel panic).
+ Jens Kuehnel reported an issue in the InfiniBand stack. Remote attackers can
+ exploit a race condition to cause a denial of service (kernel panic).
CVE-2011-0711
@@ -50,24 +50,24 @@ CVE-2011-1016
Marek Olšák discovered an issue in the driver for ATI/AMD Radeon video
chips. Local users could pass arbitrary values to video memory and the
graphics translation table, resulting in denial of service or escalated
- privileges. On default Debian installations, this is exploitable only
- by members of the 'video' group.
+ privileges. On default Debian installations, this is exploitable only by
+ members of the 'video' group.
CVE-2011-1078
- Vasiliy Kulikov discovered an issue in the Bluetooth subsystem. Local
- users can obtain access to sensitive kernel memory.
+ Vasiliy Kulikov discovered an issue in the Bluetooth subsystem. Local users
+ can obtain access to sensitive kernel memory.
CVE-2011-1079
- Vasiliy Kulikov discovered an issue in the Bluetooth subsystem. Local
- users with the CAP_NET_ADMIN capability can cause a denial of service
- (kernel Oops).
+ Vasiliy Kulikov discovered an issue in the Bluetooth subsystem. Local users
+ with the CAP_NET_ADMIN capability can cause a denial of service (kernel
+ Oops).
CVE-2011-1080
- Vasiliy Kulikov discovered an issue in the Netfilter subsystem. Local
- users can obtain access to sensitive kernel memory.
+ Vasiliy Kulikov discovered an issue in the Netfilter subsystem. Local users
+ can obtain access to sensitive kernel memory.
CVE-2011-1090
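Review bot: Style point on the CVE-2011-1016 entry: the rewrapped sentence keeps "members of the 'video' group" with the group name quoted, while the AGP entries later in the file write "users in the video group" unquoted. Pick one form for the group name and use it throughout the advisory, since readers use that sentence to judge their exposure.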
@@ -77,16 +77,15 @@ CVE-2011-1090
CVE-2011-1160
- Peter Huewe reported an issue in the Linux kernel's support for TPM
- security chips. Local users with permission to open the device can
- gain access to sensitive kernel memory.
+ Peter Huewe reported an issue in the Linux kernel's support for TPM security
+ chips. Local users with permission to open the device can gain access to
+ sensitive kernel memory.
CVE-2011-1163
- Timo Warns reported an issue in the kernel support for Alpha OSF format
- disk partitions. Users with physical access can gain access to sensitive
- kernel memory by adding a storage device with a specially crafted
- OSF partition.
+ Timo Warns reported an issue in the kernel support for Alpha OSF format disk
+ partitions. Users with physical access can gain access to sensitive kernel
+ memory by adding a storage device with a specially crafted OSF partition.
CVE-2011-1170
@@ -109,14 +108,14 @@ CVE-2011-1172
CVE-2011-1173
Vasiliy Kulikov reported an issue in the Acorn Econet protocol
- implementation. Local users can obtain access to sensitive kernel memory
- on systems that use this rare hardware.
+ implementation. Local users can obtain access to sensitive kernel memory on
+ systems that use this rare hardware.
CVE-2011-1180
Dan Rosenberg reported a buffer overflow in the Information Access Service
- of the IrDA protocol, used for Infrared devices. Remote attackers within
- IR device range can cause a denial of service or possibly gain elevated
+ of the IrDA protocol, used for Infrared devices. Remote attackers within IR
+ device range can cause a denial of service or possibly gain elevated
privileges.
CVE-2011-1182
@@ -143,11 +142,10 @@ CVE-2011-1477
CVE-2011-1478
- Ryan Sweat reported an issue in the Generic Receive Offload (GRO) support
- in the Linux networking subsystem. If an interface has GRO enabled and
- is running in promiscuous mode, remote users can cause a denial of
- service (NULL pointer dereference) by sending packets on an unknown
- VLAN.
+ Ryan Sweat reported an issue in the Generic Receive Offload (GRO) support in
+ the Linux networking subsystem. If an interface has GRO enabled and is
+ running in promiscuous mode, remote users can cause a denial of service
+ (NULL pointer dereference) by sending packets on an unknown VLAN.
CVE-2011-1493
@@ -157,11 +155,11 @@ CVE-2011-1493
CVE-2011-1494
- Dan Rosenberg reported an issue in the /dev/mpt2ctl interface provided
- by the driver for LSI MPT Fusion SAS 2.0 controllers. Local users can
- obtain elevated privileges by specially crafted ioctl calls. On default
- Debian installations this is not exploitable as this interface is only
- accessible to root.
+ Dan Rosenberg reported an issue in the /dev/mpt2ctl interface provided by
+ the driver for LSI MPT Fusion SAS 2.0 controllers. Local users can obtain
+ elevated privileges by specially crafted ioctl calls. On default Debian
+ installations this is not exploitable as this interface is only accessible
+ to root.
CVE-2011-1495
@@ -191,35 +189,35 @@ CVE-2011-1598
CVE-2011-1745
Vasiliy Kulikov reported an issue in the Linux support for AGP devices.
- Local users can obtain elevated privileges or cause a denial of service
- due to missing bounds checking in the AGPIOC_BIND ioctl. On default Debian
+ Local users can obtain elevated privileges or cause a denial of service due
+ to missing bounds checking in the AGPIOC_BIND ioctl. On default Debian
installations, this is exploitable only by users in the video group.
CVE-2011-1746
Vasiliy Kulikov reported an issue in the Linux support for AGP devices.
- Local users can obtain elevated privileges or cause a denial of service
- due to missing bounds checking in the agp_allocate_memory and
- agp_create_user_memory. On default Debian installations, this is
- exploitable only by users in the video group.
+ Local users can obtain elevated privileges or cause a denial of service due
+ to missing bounds checking in the agp_allocate_memory and
+ agp_create_user_memory. On default Debian installations, this is exploitable
+ only by users in the video group.
CVE-2011-1748
- Oliver Kartkopp reported an issue in the Controller Area Network (CAN)
- raw socket implementation which permits ocal users to cause a NULL
- pointer dereference, resulting in a denial of service.
+ Oliver Kartkopp reported an issue in the Controller Area Network (CAN) raw
+ socket implementation which permits ocal users to cause a NULL pointer
+ dereference, resulting in a denial of service.
CVE-2011-1759
Dan Rosenberg reported an issue in the support for executing "old ABI"
- binaries on ARM processors. Local users can obtain elevated privileges
- due to insufficient bounds checking in the semtimedop system call.
+ binaries on ARM processors. Local users can obtain elevated privileges due
+ to insufficient bounds checking in the semtimedop system call.
CVE-2011-1767
Alexecy Dobriyan reported an issue in the GRE over IP implementation.
- Remote users can cause a denial of service by sending a packet during
- module initialization.
+ Remote users can cause a denial of service by sending a packet during module
+ initialization.
CVE-2011-1770
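Review bot: The reflow of the CVE-2011-1748 entry carries a typo into the new text: "permits ocal users" should read "permits local users". In the same hunk, the CVE-2011-1746 entry says "missing bounds checking in the agp_allocate_memory and agp_create_user_memory" with no noun after the names (add "functions"), and the reporter names "Oliver Kartkopp" and "Alexecy Dobriyan" look misspelled and should be checked against the original reports.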
@@ -230,28 +228,27 @@ CVE-2011-1770
CVE-2011-1776
Timo Warns reported an issue in the Linux implementation for GUID
- partitions. Users with physical access can gain access to sensitive
- kernel memory by adding a storage device with a specially crafted
- corrupted invalid partition table.
+ partitions. Users with physical access can gain access to sensitive kernel
+ memory by adding a storage device with a specially crafted corrupted invalid
+ partition table.
CVE-2011-2022
Vasiliy Kulikov reported an issue in the Linux support for AGP devices.
- Local users can obtain elevated privileges or cause a denial of service
- due to missing bounds checking in the AGPIOC_UNBIND ioctl. On default
- Debian installations, this is exploitable only by users in the video group.
+ Local users can obtain elevated privileges or cause a denial of service due
+ to missing bounds checking in the AGPIOC_UNBIND ioctl. On default Debian
+ installations, this is exploitable only by users in the video group.
This update also includes fixes a regression introduced by a previous
update. See the referenced Debian bug page for details.
-For the stable distribution (lenny), this problem has been fixed in
-version 2.6.32-34squeeze1.
+For the stable distribution (lenny), this problem has been fixed in version
+2.6.32-34squeeze1.
-We recommend that you upgrade your linux-2.6 and user-mode-linux
-packages.
+We recommend that you upgrade your linux-2.6 and user-mode-linux packages.
-The following matrix lists additional source packages that were
-rebuilt for compatibility with or to take advantage of this update:
+The following matrix lists additional source packages that were rebuilt for
+compatibility with or to take advantage of this update:
Debian 5.0 (lenny)
user-mode-linux 2.6.26-1um-2+24lenny1
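Review bot: The release name does not match the version in the rewrapped line "For the stable distribution (lenny), this problem has been fixed in version 2.6.32-34squeeze1": the version string and the file name say squeeze, and the matrix below still lists "Debian 5.0 (lenny)" with "2.6.26-1um-2+24lenny1". This looks like leftover text from a lenny template, so correct the distribution name and the matrix rows before publication. Also in this hunk, "This update also includes fixes a regression" is ungrammatical ("also fixes a regression"), "this problem" should be plural given the CVE list, and "specially crafted corrupted invalid partition table" in the CVE-2011-1776 entry stacks redundant adjectives.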
