From 7ac4339f1c5e673d4e452fc50547cb8ac6b42e55 Mon Sep 17 00:00:00 2001 From: dann frazier Date: Sun, 24 Feb 2013 22:44:21 +0000 Subject: new text git-svn-id: svn+ssh://svn.debian.org/svn/kernel-sec@2818 e094ebfe-e918-0410-adfb-c712417f3574 --- dsa-texts/2.6.32-48squeeze1 | 46 +++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 46 insertions(+) create mode 100644 dsa-texts/2.6.32-48squeeze1 (limited to 'dsa-texts/2.6.32-48squeeze1') diff --git a/dsa-texts/2.6.32-48squeeze1 b/dsa-texts/2.6.32-48squeeze1 new file mode 100644 index 00000000..c0800942 --- /dev/null +++ b/dsa-texts/2.6.32-48squeeze1 
@@ -0,0 +1,46 @@ +---------------------------------------------------------------------- +Debian Security Advisory DSA-XXXX-1 security@debian.org +http://www.debian.org/security/ Dann Frazier +February 25, 2013 http://www.debian.org/security/faq +---------------------------------------------------------------------- + +Package : linux-2.6 +Vulnerability : privilege escalation/denial of service +Problem type : local +Debian-specific: no +CVE Id(s) : CVE-2013-0231 CVE-2013-0871 + +Several vulnerabilities have been discovered in the Linux kernel that may lead +to a denial of service or privilege escalation. The Common Vulnerabilities and +Exposures project identifies the following problems: + +CVE-2013-0231 + + Jan Beulich provided a fix for an issue in the Xen PCI backend drivers. + Users of guests on a system using passed-through PCI devices can create + a denial of service of the host system due to the use of non-ratelimited + kernel log messages. + +CVE-2013-0871 + + Suleiman Souhlal and Salman Qazi of Google, with help from Aaron Durbin + and Michael Davidson of Google, discovered an issue in the + ptrace subsystem. Due to a race condition with PTRACE_SETREGS, local users + can cause kernel stack corruption and execution of arbitrary code. + +For the stable distribution (squeeze), this problem has been fixed in version +2.6.32-48squeeze1. + +The following matrix lists additional source packages that were rebuilt for +compatibility with or to take advantage of this update: + + Debian 6.0 (squeeze) + user-mode-linux 2.6.32-1um-4+48squeeze1 + +We recommend that you upgrade your linux-2.6 and user-mode-linux packages. + +Further information about Debian Security Advisories, how to apply +these updates to your system and frequently asked questions can be +found at: http://www.debian.org/security/ + +Mailing list: debian-security-announce@lists.debian.org -- cgit v1.2.3
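Review bot: The fix-version paragraph reads "this problem has been fixed in version 2.6.32-48squeeze1", singular, although the advisory opens with "Several vulnerabilities" and describes two CVEs (CVE-2013-0231 and CVE-2013-0871). Suggest "these problems have been fixed" so readers do not wonder which of the two the version covers. Separately, the header still carries the placeholder "DSA-XXXX-1", which needs the assigned advisory number before the text goes to debian-security-announce.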