diff options
Diffstat (limited to 'polish/security/2004/dsa-481.wml')
-rw-r--r-- | polish/security/2004/dsa-481.wml | 62 |
1 files changed, 62 insertions, 0 deletions
diff --git a/polish/security/2004/dsa-481.wml b/polish/security/2004/dsa-481.wml new file mode 100644 index 00000000000..2bef9c24be3 --- /dev/null +++ b/polish/security/2004/dsa-481.wml @@ -0,0 +1,62 @@ +#use wml::debian::translation-check translation="1.3" maintainer="" +#pddp arteek +<define-tag description>several vulnerabilities</define-tag> +<define-tag moreinfo> +<p>Several serious problems have been discovered in the Linux kernel. +This update takes care of Linux 2.4.17 for the IA-64 architecture. +The Common Vulnerabilities and Exposures project identifies the +following problems that will be fixed with this update:</p> + +<ul> + +<li><a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0003">CAN-2004-0003</a> + + <p>A vulnerability has been discovered in the R128 DRI driver in the Linux + kernel which could potentially lead an attacker to gain + unauthorised privileges. Alan Cox and Thomas Biege developed a + correction for this.</p> + +<li><a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0010">CAN-2004-0010</a> + + <p>Arjan van de Ven discovered a stack-based buffer overflow in the + ncp_lookup function for ncpfs in the Linux kernel, which could + lead an attacker to gain unauthorised privileges. Petr Vandrovec + developed a correction for this.</p> + +<li><a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0109">CAN-2004-0109</a> + + <p>zen-parse discovered a buffer overflow vulnerability in the + ISO9660 filesystem component of Linux kernel which could be abused + by an attacker to gain unauthorised root access. Sebastian + Krahmer and Ernie Petrides developed a correction for this.</p> + +<li><a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0177">CAN-2004-0177</a> + + <p>Solar Designer discovered an information leak in the ext3 code of + Linux. In a worst case an attacker could read sensitive data such + as cryptographic keys which would otherwise never hit disk media. + Theodore Ts'o developed a correction for this.</p> + +<li><a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0178">CAN-2004-0178</a> + + <p>Andreas Kies discovered a denial of service condition in the Sound + Blaster driver in Linux. He also developed a correction for this.</p> + +</ul> + +<p>These problems are also fixed by upstream in Linux 2.4.26 and will be +fixed in Linux 2.6.6.</p> + +<p>For the stable distribution (woody) these problems have been fixed in +version 011226.17 for Linux 2.4.17.</p> + +<p>For the unstable distribution (sid) these problems have been fixed in +version 2.4.25-5 for Linux 2.4.25 and in version 2.6.5-1 for Linux +2.6.5.</p> + +<p>We recommend that you upgrade your kernel packages immediately, either +with a Debian provided kernel or with a self compiled one.</p> +</define-tag> + +# do not modify the following line +#include "$(ENGLISHDIR)/security/2004/dsa-481.data" |