rename to reflect version number

git-svn-id: svn+ssh://svn.debian.org/svn/kernel-sec@2960 e094ebfe-e918-0410-adfb-c712417f3574

1 files changed, 116 insertions, 0 deletions

diff --git a/dsa-texts/3.2.41-2+deb7u2 b/dsa-texts/3.2.41-2+deb7u2
new file mode 100644
index 000000000..738403275
--- /dev/null
+++ b/dsa-texts/3.2.41-2+deb7u2
@@ -0,0 +1,116 @@
+----------------------------------------------------------------------
+Debian Security Advisory DSA-XXXX-1                security@debian.org
+http://www.debian.org/security/                           Dann Frazier
+May 15, 2013                        http://www.debian.org/security/faq
+----------------------------------------------------------------------
+
+Package        : linux
+Vulnerability  : privilege escalation/denial of service/information leak
+Problem type   : local/remote
+Debian-specific: no
+CVE Id(s)      : CVE-2013-0160 CVE-2013-1796 CVE-2013-1929 CVE-2013-1979
+                 CVE-2013-2015 CVE-2013-2094 CVE-2013-3076 CVE-2013-3222
+                 CVE-2013-3223 CVE-2013-3224 CVE-2013-3225 CVE-2013-3227
+                 CVE-2013-3228 CVE-2013-3229 CVE-2013-3231 CVE-2013-3234
+                 CVE-2013-3235 CVE-2013-3301
+
+Several vulnerabilities have been discovered in the Linux kernel that may lead
+to a denial of service, information leak or privilege escalation. The Common
+Vulnerabilities and Exposures project identifies the following problems:
+
+CVE-2013-0160
+CVE-2013-1796
+
+    Andrew Honig of Google reported an issue in the KVM subsystem. A user in
+    a guest operating system could corrupt kernel memory, resulting in a
+    denial of service.
+
+CVE-2013-1929
+
+    Oded Horovitz and Brad Spengler reported an issue in the device driver for
+    Broadcom Tigon3 based gigabit Ethernet. Users with the ability to attach
+    untrusted devices can create an overflow condition, resulting in a denial
+    of service or elevated privileges.
+
+CVE-2013-1979
+CVE-2013-2015
+
+    Theodore Ts'o provided a fix for an issue in the ext4 filesystem. Local
+    users with the ability to mount a specially crafted filesystem can cause
+    a denial of service (infinite loop).
+
+CVE-2013-2094
+CVE-2013-3076
+CVE-2013-3222
+
+    Mathias Krauss discovered an issue in the Asynchronous Transfer Mode (ATM)
+    protocol support. Local users can gain access to sensitive kernel memory.
+
+CVE-2013-3223
+
+    Mathias Krauss discovered an issue in the Amateur Radio AX.25 protocol
+    support. Local users can gain access to sensitive kernel memory.
+
+CVE-2013-3224
+
+    Mathias Krauss discovered an issue in the Bluetooth subsystem. Local users
+    can gain access to sensitive kernel memory.
+
+CVE-2013-3225
+
+    Mathias Krauss discovered an issue in the Bluetooth RFCOMM protocol
+    support. Local users can gain access to sensitive kernel memory.
+    
+CVE-2013-3227
+CVE-2013-3228
+
+    Mathias Krauss discovered an issue in the IrDA (infrared) subsystem
+    support. Local users can gain access to sensitive kernel memory.
+
+CVE-2013-3229
+
+    Mathias Krauss discovered an issue in the IUCV support on s390 systems.
+    Local users can gain access to sensitive kernel memory.
+
+CVE-2013-3231
+
+    Mathias Krauss discovered an issue in the ANSI/IEEE 802.2 LLC type 2
+    protocol support. Local users can gain access to sensitive kernel memory.
+
+CVE-2013-3234
+
+    Mathias Krauss discovered an issue in the Amateur Radio X.25 PLP (Rose)
+    protocol support. Local users can gain access to sensitive kernel memory.
+
+CVE-2013-3235
+
+    Mathias Krauss discovered an issue in the Transparent Inter Process
+    Communication (TIPC) protocol support. Local users can gain access to
+    sensitive kernel memory.
+
+CVE-2013-3301
+
+For the stable distribution (wheezy), this problem has been fixed in version
+3.2.41-2+deb7u1.
+
+The following matrix lists additional source packages that were rebuilt for
+compatibility with or to take advantage of this update:
+
+                                             Debian 7.0 (wheezy)
+     user-mode-linux                         XXXX
+
+We recommend that you upgrade your linux and user-mode-linux packages.
+
+Note: Debian carefully tracks all known security issues across every
+linux kernel package in all releases under active security support.
+However, given the high frequency at which low-severity security
+issues are discovered in the kernel and the resource requirements of
+doing an update, updates for lower priority issues will normally not
+be released for all kernels at the same time. Rather, they will be
+released in a staggered or "leap-frog" fashion.
+
+Further information about Debian Security Advisories, how to apply
+these updates to your system and frequently asked questions can be
+found at: http://www.debian.org/security/
+
+Mailing list: debian-security-announce@lists.debian.org