__________________________________________________________
The U.S. Department of Energy
Computer Incident Advisory Capability
___ __ __ _ ___
/ | /_\ /
\___ __|__ / \ \___
__________________________________________________________
INFORMATION BULLETIN
kernel-source-2.6.8
[DSA-1017-1]
March 24, 2006 22:00 GMT Number Q-155
[REVISED 07 Apr 2006]
[REVISED 25 May 2006]
[REVISED 20 May 2006]
[REVISED 14 July 2006]
[REVISED 21 Jul 2006]
[REVISED 11 Aug 2006]
______________________________________________________________________________
PROBLEM: Allows local users to gain privileges.
PLATFORM: Debian GNU/Linux 3.1 (sarge)
Red Hat Desktop (v. 3 & v. 4)
Red Hat Enterprise Linux AS, ES, WS (v. 2.1, V. 3, & v. 4)
Debian GNU/Linux 3.0 alias woody
DAMAGE: Allows local users to gain privileges.
SOLUTION: Apply current patches.
______________________________________________________________________________
VULNERABILITY The risk is LOW. Allows local users to gain privileges.
ASSESSMENT:
______________________________________________________________________________
LINKS:
CIAC BULLETIN: http://www.ciac.org/ciac/bulletins/q-155.shtml
ORIGINAL BULLETIN: http://www.debian.org/security/2006/dsa-1017
ADDITIONAL LINKS: Debian Security Advisory DSA-1018-2
http://www.debian.org/security/2006/dsa-1018
Red Hat Security Advisory RHSA-2006:0493-6
https://rhn.redhat.com/errata/RHSA-2006-0493.html
Debian Security Advisory DSA-1082-1
http://www.debian.org/security/2006/dsa-1082
RHSA-2006:0579-12
https://rhn.redhat.com/errata/RHSA-2006-0579.html
RHSA-2006:0580-7
https://rhn.redhat.com/errata/RHSA-2006-0580.html
RHSA-2006:0437-22
https://rhn.redhat.com/errata/RHSA-2006-0437.html
RHSA-2006:0575-22
https://rhn.redhat.com/errata/RHSA-2006-0575.html
CVE: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3257
______________________________________________________________________________
REVISION HISTORY:
04/07/06 - added a link to Debian Security Advisory DSA-1018-2 for Debian GNU/Linux 3.1 sarge.
05/25/06 - added a link to Red Hat Security Advisory RHSA-2006:0493-6 for updates to Red Hat Desktop (v. 4), Red Hat Enterprise Linux AS, ES, WS (v. 4)
05/30/06 - added a link to Debian Security Adivisory DSA-1082-1 for Debian GNU/Linux 3.0 alias woody.
07/14/06 - added links to Red Hat Security Advisories RHSA-2006:0579-12 and RHSA-2006:0580-7.
07/21/06 - added a link to Red Hat Security Advisory RHSA-2006:0437-22 for Red
Hat Desktop (v. 3) and Enterprise Linux AS, ES, WS (v. 3).
08/11/06 - added a link to Red Hat Security Advisory RHSA-2006:0437-22 for Red
Hat Desktop (v. 4) and Enterprise Linux AS, ES, WS (v. 4).
[***** Start DSA-1017-1 *****]
Debian Security Advisory
DSA-1017-1 kernel-source-2.6.8 -- several vulnerabilities
Date Reported:
23 Mar 2006
Affected Packages:
kernel-source-2.6.8
Vulnerable:
Yes
Security database references:
In the Debian bugtracking system: Bug 295949, Bug 334113, Bug 330287,
Bug 332587, Bug 332596, Bug 330343, Bug 330353, Bug 327416.
In Mitre's CVE dictionary: CVE-2004-1017, CVE-2005-0124, CVE-2005-0449,
CVE-2005-2457, CVE-2005-2490, CVE-2005-2555, CVE-2005-2709, CVE-2005-2800,
CVE-2005-2973, CVE-2005-3044, CVE-2005-3053, CVE-2005-3055, CVE-2005-3180,
CVE-2005-3181, CVE-2005-3257, CVE-2005-3356, CVE-2005-3358, CVE-2005-3783,
CVE-2005-3784, CVE-2005-3806, CVE-2005-3847, CVE-2005-3848, CVE-2005-3857,
CVE-2005-3858, CVE-2005-4605, CVE-2005-4618, CVE-2006-0095, CVE-2006-0096,
CVE-2006-0482, CVE-2006-1066.
More information:
Several local and remote vulnerabilities have been discovered in the Linux
kernel that may lead to a denial of service or the execution of arbitrary
code. The Common Vulnerabilities and Exposures project identifies the
following problems:
CVE-2004-1017
Multiple overflows exist in the io_edgeport driver which might be usable as
a denial of service attack vector.
CVE-2005-0124
Bryan Fulton reported a bounds checking bug in the coda_pioctl function
which may allow local users to execute arbitrary code or trigger a denial
of service attack.
CVE-2005-0449
An error in the skb_checksum_help() function from the netfilter framework
has been discovered that allows the bypass of packet filter rules or a
denial of service attack.
CVE-2005-2457
Tim Yamin discovered that insufficient input validation in the zisofs
driver for compressed ISO file systems allows a denial of service attack
through maliciously crafted ISO images.
CVE-2005-2490
A buffer overflow in the sendmsg() function allows local users to execute
arbitrary code.
CVE-2005-2555
Herbert Xu discovered that the setsockopt() function was not restricted to
users/processes with the CAP_NET_ADMIN capability. This allows attackers
to manipulate IPSEC policies or initiate a denial of service attack.
CVE-2005-2709
Al Viro discovered a race condition in the /proc handling of network
devices. A (local) attacker could exploit the stale reference after
interface shutdown to cause a denial of service or possibly execute code
in kernel mode.
CVE-2005-2800
Jan Blunck discovered that repeated failed reads of /proc/scsi/sg/devices
leak memory, which allows a denial of service attack.
CVE-2005-2973
Tetsuo Handa discovered that the udp_v6_get_port() function from the
IPv6 code can be forced into an endless loop, which allows a denial of
service attack.
CVE-2005-3044
Vasiliy Averin discovered that the reference counters from sockfd_put()
and fput() can be forced into overlapping, which allows a denial of
service attack through a null pointer dereference.
CVE-2005-3053
Eric Dumazet discovered that the set_mempolicy() system call accepts a
negative value for its first argument, which triggers a BUG() assert.
This allows a denial of service attack.
CVE-2005-3055
Harald Welte discovered that if a process issues a USB Request Block
(URB) to a device and terminates before the URB completes, a stale
pointer would be dereferenced. This could be used to trigger a denial
of service attack.
CVE-2005-3180
Pavel Roskin discovered that the driver for Orinoco wireless cards
clears its buffers insufficiently. This could leak sensitive information
into user space.
CVE-2005-3181
Robert Derr discovered that the audit subsystem uses an incorrect
function to free memory, which allows a denial of service attack.
CVE-2005-3257
Rudolf Polzer discovered that the kernel improperly restricts access
to the KDSKBSENT ioctl, which can possibly lead to privilege escalation.
CVE-2005-3356
Doug Chapman discovered that the mq_open syscall can be tricked into
decrementing an internal counter twice, which allows a denial of service
attack through a kernel panic.
CVE-2005-3358
Doug Chapman discovered that passing a zero bitmask to the
set_mempolicy() system call leads to a kernel panic, which allows a
denial of service attack.
CVE-2005-3783
The ptrace code using CLONE_THREAD didn't use the thread group ID to
determine whether the caller is attaching to itself, which allows a
denial of service attack.
CVE-2005-3784
The auto-reaping of child processes functionality included ptraced-
attached processes, which allows denial of service through dangling
references.
CVE-2005-3806
Yen Zheng discovered that the IPv6 flow label code modified an incorrect
variable, which could lead to memory corruption and denial of service.
CVE-2005-3847
It was discovered that a threaded real-time process, which is currently
dumping core can be forced into a dead-lock situation by sending it a
SIGKILL signal, which allows a denial of service attack.
CVE-2005-3848
Ollie Wild discovered a memory leak in the icmp_push_reply() function,
which allows denial of service through memory consumption.
CVE-2005-3857
Chris Wright discovered that excessive allocation of broken file lock
leases in the VFS layer can exhaust memory and fill up the system
logging, which allows denial of service.
CVE-2005-3858
Patrick McHardy discovered a memory leak in the ip6_input_finish()
function from the IPv6 code, which allows denial of service.
CVE-2005-4605
Karl Janmar discovered that a signedness error in the procfs code can be
exploited to read kernel memory, which may disclose sensitive information.
CVE-2005-4618
Yi Ying discovered that sysctl does not properly enforce the size of a
buffer, which allows a denial of service attack.
CVE-2006-0095
Stefan Rompf discovered that dm_crypt does not clear an internal struct
before freeing it, which might disclose sensitive information.
CVE-2006-0096
It was discovered that the SDLA driver's capability checks were too lax
for firmware upgrades.
CVE-2006-0482
Ludovic Courtes discovered that get_compat_timespec() performs insufficient
input sanitizing, which allows a local denial of service attack.
CVE-2006-1066
It was discovered that ptrace() on the ia64 architecture allows a local
denial of service attack, when preemption is enabled.
The following matrix explains which kernel version for which architecture
fix the problems mentioned above:
Debian 3.1 (sarge)
Source 2.6.8-16sarge2
Alpha architecture 2.6.8-16sarge2
AMD64 architecture 2.6.8-16sarge2
HP Precision architecture 2.6.8-6sarge2
Intel IA-32 architecture 2.6.8-16sarge2
Intel IA-64 architecture 2.6.8-14sarge2
Motorola 680x0 architecture 2.6.8-4sarge2
PowerPC architecture 2.6.8-12sarge2
IBM S/390 architecture 2.6.8-5sarge2
Sun Sparc architecture 2.6.8-15sarge2
The following matrix lists additional packages that were rebuilt for
compatibility with or to take advantage of this update:
Debian 3.1 (sarge)
kernel-latest-2.6-alpha 101sarge1
kernel-latest-2.6-amd64 103sarge1
kernel-latest-2.6-hppa 2.6.8-1sarge1
kernel-latest-2.6-sparc 101sarge1
kernel-latest-2.6-i386 101sarge1
kernel-latest-powerpc 102sarge1
fai-kernels 1.9.1sarge1
hostap-modules-i386 0.3.7-1sarge1
mol-modules-2.6.8 0.9.70+2.6.8+12sarge1
ndiswrapper-modules-i386 1.1-2sarge1
We recommend that you upgrade your kernel package immediately and reboot
the machine. If you have built a custom kernel from the kernel source
package, you will need to rebuild to take advantage of these fixes.
This update introduces a change in the kernel's binary interface, the
affected kernel packages inside Debian have been rebuilt, if you're running
local addons you'll need to rebuild these as well. Due to the change in
the package name you need to use apt-get dist-upgrade to update your system.
Fixed in:
Debian GNU/Linux 3.1 (sarge)
Source:
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-
m68k/kernel-image-2.6.8-m68k_2.6.8-4sarge2.dsc
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-
m68k/kernel-image-2.6.8-m68k_2.6.8-4sarge2.tar.gz
http://security.debian.org/pool/updates/main/k/kernel-source-2.6.8/kernel-
source-2.6.8_2.6.8-16sarge2.dsc
http://security.debian.org/pool/updates/main/k/kernel-source-2.6.8/kernel-
source-2.6.8_2.6.8-16sarge2.diff.gz
http://security.debian.org/pool/updates/main/k/kernel-source-2.6.8/kernel-
source-2.6.8_2.6.8.orig.tar.gz
http://security.debian.org/pool/updates/main/k/kernel-latest-2.6-
amd64/kernel-latest-2.6-amd64_103sarge1.dsc
http://security.debian.org/pool/updates/main/k/kernel-latest-2.6-
amd64/kernel-latest-2.6-amd64_103sarge1.tar.gz
http://security.debian.org/pool/updates/main/k/kernel-latest-2.6-
alpha/kernel-latest-2.6-alpha_101sarge1.dsc
http://security.debian.org/pool/updates/main/k/kernel-latest-2.6-
alpha/kernel-latest-2.6-alpha_101sarge1.tar.gz
http://security.debian.org/pool/updates/main/k/kernel-latest-2.6-
sparc/kernel-latest-2.6-sparc_101sarge1.dsc
http://security.debian.org/pool/updates/main/k/kernel-latest-2.6-
sparc/kernel-latest-2.6-sparc_101sarge1.tar.gz
http://security.debian.org/pool/updates/main/k/kernel-latest-2.6-
hppa/kernel-latest-2.6-hppa_2.6.8-1sarge1.dsc
http://security.debian.org/pool/updates/main/k/kernel-latest-2.6-
hppa/kernel-latest-2.6-hppa_2.6.8-1sarge1.tar.gz
http://security.debian.org/pool/updates/main/f/fai-kernels/fai-kernels_
1.9.1sarge1.dsc
http://security.debian.org/pool/updates/main/f/fai-kernels/fai-kernels_
1.9.1sarge1.tar.gz
http://security.debian.org/pool/updates/main/k/kernel-latest-
powerpc/kernel-latest-powerpc_102sarge1.dsc
http://security.debian.org/pool/updates/main/k/kernel-latest-
powerpc/kernel-latest-powerpc_102sarge1.tar.gz
http://security.debian.org/pool/updates/main/k/kernel-latest-2.6-
i386/kernel-latest-2.6-i386_101sarge1.dsc
http://security.debian.org/pool/updates/main/k/kernel-latest-2.6-
i386/kernel-latest-2.6-i386_101sarge1.tar.gz
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-
i386/kernel-image-2.6.8-i386_2.6.8-16sarge2.dsc
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-
i386/kernel-image-2.6.8-i386_2.6.8-16sarge2.tar.gz
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-
hppa/kernel-image-2.6.8-hppa_2.6.8-6sarge2.dsc
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-
hppa/kernel-image-2.6.8-hppa_2.6.8-6sarge2.tar.gz
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-
amd64/kernel-image-2.6.8-amd64_2.6.8-16sarge2.dsc
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-
amd64/kernel-image-2.6.8-amd64_2.6.8-16sarge2.tar.gz
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-
alpha/kernel-image-2.6.8-alpha_2.6.8-16sarge2.dsc
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-
alpha/kernel-image-2.6.8-alpha_2.6.8-16sarge2.tar.gz
http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-
2.6.8/kernel-patch-powerpc-2.6.8_2.6.8-12sarge2.dsc
http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-
2.6.8/kernel-patch-powerpc-2.6.8_2.6.8-12sarge2.tar.gz
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-
ia64/kernel-image-2.6.8-ia64_2.6.8-14sarge2.dsc
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-
ia64/kernel-image-2.6.8-ia64_2.6.8-14sarge2.tar.gz
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-
s390/kernel-image-2.6.8-s390_2.6.8-5sarge2.dsc
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-
s390/kernel-image-2.6.8-s390_2.6.8-5sarge2.tar.gz
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-
sparc/kernel-image-2.6.8-sparc_2.6.8-15sarge2.dsc
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-
sparc/kernel-image-2.6.8-sparc_2.6.8-15sarge2.tar.gz
http://security.debian.org/pool/updates/main/m/mol-modules-2.6.8/mol-
modules-2.6.8_0.9.70+2.6.8+12sarge1.dsc
http://security.debian.org/pool/updates/main/m/mol-modules-2.6.8/mol-
modules-2.6.8_0.9.70+2.6.8+12sarge1.tar.gz
http://security.debian.org/pool/updates/main/h/hostap-modules-i386/hostap-
modules-i386_0.3.7-1sarge1.dsc
http://security.debian.org/pool/updates/main/h/hostap-modules-i386/hostap-
modules-i386_0.3.7-1sarge1.tar.gz
http://security.debian.org/pool/updates/main/n/ndiswrapper-modules-
i386/ndiswrapper-modules-i386_1.1-2sarge1.dsc
http://security.debian.org/pool/updates/main/n/ndiswrapper-modules-
i386/ndiswrapper-modules-i386_1.1-2sarge1.tar.gz
Alpha:
http://security.debian.org/pool/updates/main/k/kernel-latest-2.6-
alpha/kernel-headers-2.6-generic_101sarge1_alpha.deb
http://security.debian.org/pool/updates/main/k/kernel-latest-2.6-
alpha/kernel-headers-2.6-smp_101sarge1_alpha.deb
http://security.debian.org/pool/updates/main/k/kernel-latest-2.6-
alpha/kernel-image-2.6-generic_101sarge1_alpha.deb
http://security.debian.org/pool/updates/main/k/kernel-latest-2.6-
alpha/kernel-image-2.6-smp_101sarge1_alpha.deb
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-
alpha/kernel-headers-2.6.8-2_2.6.8-16sarge1_alpha.deb
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-
alpha/kernel-headers-2.6.8-2-generic_2.6.8-16sarge1_alpha.deb
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-
alpha/kernel-headers-2.6.8-2-smp_2.6.8-16sarge1_alpha.deb
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-
alpha/kernel-headers-2.6.8-3_2.6.8-16sarge2_alpha.deb
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-
alpha/kernel-headers-2.6.8-3-generic_2.6.8-16sarge2_alpha.deb
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-
alpha/kernel-headers-2.6.8-3-smp_2.6.8-16sarge2_alpha.deb
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-
alpha/kernel-image-2.6.8-2-generic_2.6.8-16sarge1_alpha.deb
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-
alpha/kernel-image-2.6.8-2-smp_2.6.8-16sarge1_alpha.deb
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-
alpha/kernel-image-2.6.8-3-generic_2.6.8-16sarge2_alpha.deb
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-
alpha/kernel-image-2.6.8-3-smp_2.6.8-16sarge2_alpha.deb
AMD64:
http://security.debian.org/pool/updates/main/k/kernel-latest-2.6-
amd64/kernel-headers-2.6-amd64-generic_103sarge1_amd64.deb
http://security.debian.org/pool/updates/main/k/kernel-latest-2.6-
amd64/kernel-headers-2.6-amd64-k8_103sarge1_amd64.deb
http://security.debian.org/pool/updates/main/k/kernel-latest-2.6-
amd64/kernel-headers-2.6-amd64-k8-smp_103sarge1_amd64.deb
http://security.debian.org/pool/updates/main/k/kernel-latest-2.6-
amd64/kernel-headers-2.6-em64t-p4_103sarge1_amd64.deb
http://security.debian.org/pool/updates/main/k/kernel-latest-2.6-
amd64/kernel-headers-2.6-em64t-p4-smp_103sarge1_amd64.deb
http://security.debian.org/pool/updates/main/k/kernel-latest-2.6-
amd64/kernel-image-2.6-amd64-generic_103sarge1_amd64.deb
http://security.debian.org/pool/updates/main/k/kernel-latest-2.6-
amd64/kernel-image-2.6-amd64-k8_103sarge1_amd64.deb
http://security.debian.org/pool/updates/main/k/kernel-latest-2.6-
amd64/kernel-image-2.6-amd64-k8-smp_103sarge1_amd64.deb
http://security.debian.org/pool/updates/main/k/kernel-latest-2.6-
amd64/kernel-image-2.6-em64t-p4_103sarge1_amd64.deb
http://security.debian.org/pool/updates/main/k/kernel-latest-2.6-
amd64/kernel-image-2.6-em64t-p4-smp_103sarge1_amd64.deb
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-
amd64/kernel-headers-2.6.8-11_2.6.8-16sarge1_amd64.deb
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-
amd64/kernel-headers-2.6.8-11-amd64-generic_2.6.8-16sarge1_amd64.deb
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-
amd64/kernel-headers-2.6.8-11-amd64-k8_2.6.8-16sarge1_amd64.deb
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-
amd64/kernel-headers-2.6.8-11-amd64-k8-smp_2.6.8-16sarge1_amd64.deb
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-
amd64/kernel-headers-2.6.8-11-em64t-p4_2.6.8-16sarge1_amd64.deb
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-
amd64/kernel-headers-2.6.8-11-em64t-p4-smp_2.6.8-16sarge1_amd64.deb
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-
amd64/kernel-headers-2.6.8-12_2.6.8-16sarge2_amd64.deb
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-
amd64/kernel-headers-2.6.8-12-amd64-generic_2.6.8-16sarge2_amd64.deb
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-
amd64/kernel-headers-2.6.8-12-amd64-k8_2.6.8-16sarge2_amd64.deb
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-
amd64/kernel-headers-2.6.8-12-amd64-k8-smp_2.6.8-16sarge2_amd64.deb
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-
amd64/kernel-headers-2.6.8-12-em64t-p4_2.6.8-16sarge2_amd64.deb
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-
amd64/kernel-headers-2.6.8-12-em64t-p4-smp_2.6.8-16sarge2_amd64.deb
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-
amd64/kernel-image-2.6.8-11-amd64-generic_2.6.8-16sarge1_amd64.deb
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-
amd64/kernel-image-2.6.8-11-amd64-k8_2.6.8-16sarge1_amd64.deb
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-
amd64/kernel-image-2.6.8-11-amd64-k8-smp_2.6.8-16sarge1_amd64.deb
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-
amd64/kernel-image-2.6.8-11-em64t-p4_2.6.8-16sarge1_amd64.deb
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-
amd64/kernel-image-2.6.8-11-em64t-p4-smp_2.6.8-16sarge1_amd64.deb
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-
amd64/kernel-image-2.6.8-12-amd64-generic_2.6.8-16sarge2_amd64.deb
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-
amd64/kernel-image-2.6.8-12-amd64-k8_2.6.8-16sarge2_amd64.deb
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-
amd64/kernel-image-2.6.8-12-amd64-k8-smp_2.6.8-16sarge2_amd64.deb
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-
amd64/kernel-image-2.6.8-12-em64t-p4_2.6.8-16sarge2_amd64.deb
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-
amd64/kernel-image-2.6.8-12-em64t-p4-smp_2.6.8-16sarge2_amd64.deb
Intel IA-32:
http://security.debian.org/pool/updates/main/k/kernel-latest-2.6-
amd64/kernel-headers-2.6-amd64-generic_103sarge1_i386.deb
http://security.debian.org/pool/updates/main/k/kernel-latest-2.6-
amd64/kernel-headers-2.6-amd64-k8_103sarge1_i386.deb
http://security.debian.org/pool/updates/main/k/kernel-latest-2.6-
amd64/kernel-headers-2.6-amd64-k8-smp_103sarge1_i386.deb
http://security.debian.org/pool/updates/main/k/kernel-latest-2.6-
amd64/kernel-headers-2.6-em64t-p4_103sarge1_i386.deb
http://security.debian.org/pool/updates/main/k/kernel-latest-2.6-
amd64/kernel-headers-2.6-em64t-p4-smp_103sarge1_i386.deb
http://security.debian.org/pool/updates/main/k/kernel-latest-2.6-
amd64/kernel-image-2.6-amd64-generic_103sarge1_i386.deb
http://security.debian.org/pool/updates/main/k/kernel-latest-2.6-
amd64/kernel-image-2.6-amd64-k8_103sarge1_i386.deb
http://security.debian.org/pool/updates/main/k/kernel-latest-2.6-
amd64/kernel-image-2.6-amd64-k8-smp_103sarge1_i386.deb
http://security.debian.org/pool/updates/main/k/kernel-latest-2.6-
amd64/kernel-image-2.6-em64t-p4_103sarge1_i386.deb
http://security.debian.org/pool/updates/main/k/kernel-latest-2.6-
amd64/kernel-image-2.6-em64t-p4-smp_103sarge1_i386.deb
http://security.debian.org/pool/updates/main/k/kernel-latest-2.6-
i386/kernel-headers-2.6-386_101sarge1_i386.deb
http://security.debian.org/pool/updates/main/k/kernel-latest-2.6-
i386/kernel-headers-2.6-686_101sarge1_i386.deb
http://security.debian.org/pool/updates/main/k/kernel-latest-2.6-
i386/kernel-headers-2.6-686-smp_101sarge1_i386.deb
http://security.debian.org/pool/updates/main/k/kernel-latest-2.6-
i386/kernel-headers-2.6-k7_101sarge1_i386.deb
http://security.debian.org/pool/updates/main/k/kernel-latest-2.6-
i386/kernel-headers-2.6-k7-smp_101sarge1_i386.deb
http://security.debian.org/pool/updates/main/k/kernel-latest-2.6-
i386/kernel-image-2.6-386_101sarge1_i386.deb
http://security.debian.org/pool/updates/main/k/kernel-latest-2.6-
i386/kernel-image-2.6-686_101sarge1_i386.deb
http://security.debian.org/pool/updates/main/k/kernel-latest-2.6-
i386/kernel-image-2.6-686-smp_101sarge1_i386.deb
http://security.debian.org/pool/updates/main/k/kernel-latest-2.6-
i386/kernel-image-2.6-k7_101sarge1_i386.deb
http://security.debian.org/pool/updates/main/k/kernel-latest-2.6-
i386/kernel-image-2.6-k7-smp_101sarge1_i386.deb
http://security.debian.org/pool/updates/main/f/fai-kernels/fai-kernels_
1.9.1sarge1_i386.deb
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-
i386/kernel-headers-2.6.8-2_2.6.8-16sarge1_i386.deb
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-
i386/kernel-headers-2.6.8-2-386_2.6.8-16sarge1_i386.deb
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-
i386/kernel-headers-2.6.8-2-686_2.6.8-16sarge1_i386.deb
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-
i386/kernel-headers-2.6.8-2-686-smp_2.6.8-16sarge1_i386.deb
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-
i386/kernel-headers-2.6.8-2-k7_2.6.8-16sarge1_i386.deb
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-
i386/kernel-headers-2.6.8-2-k7-smp_2.6.8-16sarge1_i386.deb
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-
i386/kernel-headers-2.6.8-3_2.6.8-16sarge2_i386.deb
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-
i386/kernel-headers-2.6.8-3-386_2.6.8-16sarge2_i386.deb
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-
i386/kernel-headers-2.6.8-3-686_2.6.8-16sarge2_i386.deb
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-
i386/kernel-headers-2.6.8-3-686-smp_2.6.8-16sarge2_i386.deb
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-
i386/kernel-headers-2.6.8-3-k7_2.6.8-16sarge2_i386.deb
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-
i386/kernel-headers-2.6.8-3-k7-smp_2.6.8-16sarge2_i386.deb
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-
i386/kernel-image-2.6.8-2-386_2.6.8-16sarge1_i386.deb
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-
i386/kernel-image-2.6.8-2-686_2.6.8-16sarge1_i386.deb
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-
i386/kernel-image-2.6.8-2-686-smp_2.6.8-16sarge1_i386.deb
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-
i386/kernel-image-2.6.8-2-k7_2.6.8-16sarge1_i386.deb
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-
i386/kernel-image-2.6.8-2-k7-smp_2.6.8-16sarge1_i386.deb
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-
i386/kernel-image-2.6.8-3-386_2.6.8-16sarge2_i386.deb
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-
i386/kernel-image-2.6.8-3-686_2.6.8-16sarge2_i386.deb
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-
i386/kernel-image-2.6.8-3-686-smp_2.6.8-16sarge2_i386.deb
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-
i386/kernel-image-2.6.8-3-k7_2.6.8-16sarge2_i386.deb
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-
i386/kernel-image-2.6.8-3-k7-smp_2.6.8-16sarge2_i386.deb
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-
amd64/kernel-headers-2.6.8-11_2.6.8-16sarge1_i386.deb
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-
amd64/kernel-headers-2.6.8-11-amd64-generic_2.6.8-16sarge1_i386.deb
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-
amd64/kernel-headers-2.6.8-11-amd64-k8_2.6.8-16sarge1_i386.deb
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-
amd64/kernel-headers-2.6.8-11-amd64-k8-smp_2.6.8-16sarge1_i386.deb
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-
amd64/kernel-headers-2.6.8-11-em64t-p4_2.6.8-16sarge1_i386.deb
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-
amd64/kernel-headers-2.6.8-11-em64t-p4-smp_2.6.8-16sarge1_i386.deb
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-
amd64/kernel-headers-2.6.8-12_2.6.8-16sarge2_i386.deb
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-
amd64/kernel-headers-2.6.8-12-amd64-generic_2.6.8-16sarge2_i386.deb
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-
amd64/kernel-headers-2.6.8-12-amd64-k8_2.6.8-16sarge2_i386.deb
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-
amd64/kernel-headers-2.6.8-12-amd64-k8-smp_2.6.8-16sarge2_i386.deb
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-
amd64/kernel-headers-2.6.8-12-em64t-p4_2.6.8-16sarge2_i386.deb
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-
amd64/kernel-headers-2.6.8-12-em64t-p4-smp_2.6.8-16sarge2_i386.deb
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-
amd64/kernel-image-2.6.8-11-amd64-generic_2.6.8-16sarge1_i386.deb
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-
amd64/kernel-image-2.6.8-11-amd64-k8_2.6.8-16sarge1_i386.deb
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-
amd64/kernel-image-2.6.8-11-amd64-k8-smp_2.6.8-16sarge1_i386.deb
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-
amd64/kernel-image-2.6.8-11-em64t-p4_2.6.8-16sarge1_i386.deb
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-
amd64/kernel-image-2.6.8-11-em64t-p4-smp_2.6.8-16sarge1_i386.deb
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-
amd64/kernel-image-2.6.8-12-amd64-generic_2.6.8-16sarge2_i386.deb
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-
amd64/kernel-image-2.6.8-12-amd64-k8_2.6.8-16sarge2_i386.deb
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-
amd64/kernel-image-2.6.8-12-amd64-k8-smp_2.6.8-16sarge2_i386.deb
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-
amd64/kernel-image-2.6.8-12-em64t-p4_2.6.8-16sarge2_i386.deb
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-
amd64/kernel-image-2.6.8-12-em64t-p4-smp_2.6.8-16sarge2_i386.deb
http://security.debian.org/pool/updates/main/h/hostap-modules-
i386/hostap-modules-2.4.27-3-386_0.3.7-1sarge1_i386.deb
http://security.debian.org/pool/updates/main/h/hostap-modules-
i386/hostap-modules-2.4.27-3-586tsc_0.3.7-1sarge1_i386.deb
http://security.debian.org/pool/updates/main/h/hostap-modules-
i386/hostap-modules-2.4.27-3-686_0.3.7-1sarge1_i386.deb
http://security.debian.org/pool/updates/main/h/hostap-modules-
i386/hostap-modules-2.4.27-3-686-smp_0.3.7-1sarge1_i386.deb
http://security.debian.org/pool/updates/main/h/hostap-modules-
i386/hostap-modules-2.4.27-3-k6_0.3.7-1sarge1_i386.deb
http://security.debian.org/pool/updates/main/h/hostap-modules-
i386/hostap-modules-2.4.27-3-k7_0.3.7-1sarge1_i386.deb
http://security.debian.org/pool/updates/main/h/hostap-modules-
i386/hostap-modules-2.4.27-3-k7-smp_0.3.7-1sarge1_i386.deb
http://security.debian.org/pool/updates/main/h/hostap-modules-
i386/hostap-modules-2.6.8-3-386_0.3.7-1sarge1_i386.deb
http://security.debian.org/pool/updates/main/h/hostap-modules-
i386/hostap-modules-2.6.8-3-686_0.3.7-1sarge1_i386.deb
http://security.debian.org/pool/updates/main/h/hostap-modules-
i386/hostap-modules-2.6.8-3-686-smp_0.3.7-1sarge1_i386.deb
http://security.debian.org/pool/updates/main/h/hostap-modules-
i386/hostap-modules-2.6.8-3-k7_0.3.7-1sarge1_i386.deb
http://security.debian.org/pool/updates/main/h/hostap-modules-
i386/hostap-modules-2.6.8-3-k7-smp_0.3.7-1sarge1_i386.deb
http://security.debian.org/pool/updates/main/n/ndiswrapper-modules-
i386/ndiswrapper-modules-2.6.8-3-386_1.1-2sarge1_i386.deb
http://security.debian.org/pool/updates/main/n/ndiswrapper-modules-
i386/ndiswrapper-modules-2.6.8-3-686_1.1-2sarge1_i386.deb
http://security.debian.org/pool/updates/main/n/ndiswrapper-modules-
i386/ndiswrapper-modules-2.6.8-3-686-smp_1.1-2sarge1_i386.deb
http://security.debian.org/pool/updates/main/n/ndiswrapper-modules-
i386/ndiswrapper-modules-2.6.8-3-k7_1.1-2sarge1_i386.deb
http://security.debian.org/pool/updates/main/n/ndiswrapper-modules-
i386/ndiswrapper-modules-2.6.8-3-k7-smp_1.1-2sarge1_i386.deb
Intel IA-64:
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-
ia64/kernel-headers-2.6-itanium_2.6.8-14sarge2_ia64.deb
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-
ia64/kernel-headers-2.6-itanium-smp_2.6.8-14sarge2_ia64.deb
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-
ia64/kernel-headers-2.6-mckinley_2.6.8-14sarge2_ia64.deb
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-
ia64/kernel-headers-2.6-mckinley-smp_2.6.8-14sarge2_ia64.deb
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-
ia64/kernel-headers-2.6.8-2_2.6.8-14sarge1_ia64.deb
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-
ia64/kernel-headers-2.6.8-2-itanium_2.6.8-14sarge1_ia64.deb
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-
ia64/kernel-headers-2.6.8-2-itanium-smp_2.6.8-14sarge1_ia64.deb
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-
ia64/kernel-headers-2.6.8-2-mckinley_2.6.8-14sarge1_ia64.deb
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-
ia64/kernel-headers-2.6.8-2-mckinley-smp_2.6.8-14sarge1_ia64.deb
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-
ia64/kernel-headers-2.6.8-3_2.6.8-14sarge2_ia64.deb
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-
ia64/kernel-headers-2.6.8-3-itanium_2.6.8-14sarge2_ia64.deb
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-
ia64/kernel-headers-2.6.8-3-itanium-smp_2.6.8-14sarge2_ia64.deb
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-
ia64/kernel-headers-2.6.8-3-mckinley_2.6.8-14sarge2_ia64.deb
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-
ia64/kernel-headers-2.6.8-3-mckinley-smp_2.6.8-14sarge2_ia64.deb
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-
ia64/kernel-image-2.6-itanium_2.6.8-14sarge2_ia64.deb
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-
ia64/kernel-image-2.6-itanium-smp_2.6.8-14sarge2_ia64.deb
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-
ia64/kernel-image-2.6-mckinley_2.6.8-14sarge2_ia64.deb
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-
ia64/kernel-image-2.6-mckinley-smp_2.6.8-14sarge2_ia64.deb
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-
ia64/kernel-image-2.6.8-2-itanium_2.6.8-14sarge1_ia64.deb
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-
ia64/kernel-image-2.6.8-2-itanium-smp_2.6.8-14sarge1_ia64.deb
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-
ia64/kernel-image-2.6.8-2-mckinley_2.6.8-14sarge1_ia64.deb
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-
ia64/kernel-image-2.6.8-2-mckinley-smp_2.6.8-14sarge1_ia64.deb
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-
ia64/kernel-image-2.6.8-3-itanium_2.6.8-14sarge2_ia64.deb
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-
ia64/kernel-image-2.6.8-3-itanium-smp_2.6.8-14sarge2_ia64.deb
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-
ia64/kernel-image-2.6.8-3-mckinley_2.6.8-14sarge2_ia64.deb
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-
ia64/kernel-image-2.6.8-3-mckinley-smp_2.6.8-14sarge2_ia64.deb
HPPA:
http://security.debian.org/pool/updates/main/k/kernel-latest-2.6-
hppa/kernel-headers-2.6_2.6.8-1sarge1_hppa.deb
http://security.debian.org/pool/updates/main/k/kernel-latest-2.6-
hppa/kernel-headers-2.6-32_2.6.8-1sarge1_hppa.deb
http://security.debian.org/pool/updates/main/k/kernel-latest-2.6-
hppa/kernel-headers-2.6-32-smp_2.6.8-1sarge1_hppa.deb
http://security.debian.org/pool/updates/main/k/kernel-latest-2.6-
hppa/kernel-headers-2.6-64_2.6.8-1sarge1_hppa.deb
http://security.debian.org/pool/updates/main/k/kernel-latest-2.6-
hppa/kernel-headers-2.6-64-smp_2.6.8-1sarge1_hppa.deb
http://security.debian.org/pool/updates/main/k/kernel-latest-2.6-
hppa/kernel-image-2.6-32_2.6.8-1sarge1_hppa.deb
http://security.debian.org/pool/updates/main/k/kernel-latest-2.6-
hppa/kernel-image-2.6-32-smp_2.6.8-1sarge1_hppa.deb
http://security.debian.org/pool/updates/main/k/kernel-latest-2.6-
hppa/kernel-image-2.6-64_2.6.8-1sarge1_hppa.deb
http://security.debian.org/pool/updates/main/k/kernel-latest-2.6-
hppa/kernel-image-2.6-64-smp_2.6.8-1sarge1_hppa.deb
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-
hppa/kernel-headers-2.6.8-2_2.6.8-6sarge1_hppa.deb
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-
hppa/kernel-headers-2.6.8-2-32_2.6.8-6sarge1_hppa.deb
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-
hppa/kernel-headers-2.6.8-2-32-smp_2.6.8-6sarge1_hppa.deb
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-
hppa/kernel-headers-2.6.8-2-64_2.6.8-6sarge1_hppa.deb
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-
hppa/kernel-headers-2.6.8-2-64-smp_2.6.8-6sarge1_hppa.deb
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-
hppa/kernel-headers-2.6.8-3_2.6.8-6sarge2_hppa.deb
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-
hppa/kernel-headers-2.6.8-3-32_2.6.8-6sarge2_hppa.deb
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-
hppa/kernel-headers-2.6.8-3-32-smp_2.6.8-6sarge2_hppa.deb
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-
hppa/kernel-headers-2.6.8-3-64_2.6.8-6sarge2_hppa.deb
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-
hppa/kernel-headers-2.6.8-3-64-smp_2.6.8-6sarge2_hppa.deb
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-
hppa/kernel-image-2.6.8-2-32_2.6.8-6sarge1_hppa.deb
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-
hppa/kernel-image-2.6.8-2-32-smp_2.6.8-6sarge1_hppa.deb
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-
hppa/kernel-image-2.6.8-2-64_2.6.8-6sarge1_hppa.deb
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-
hppa/kernel-image-2.6.8-2-64-smp_2.6.8-6sarge1_hppa.deb
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-
hppa/kernel-image-2.6.8-3-32_2.6.8-6sarge2_hppa.deb
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-
hppa/kernel-image-2.6.8-3-32-smp_2.6.8-6sarge2_hppa.deb
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-
hppa/kernel-image-2.6.8-3-64_2.6.8-6sarge2_hppa.deb
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-
hppa/kernel-image-2.6.8-3-64-smp_2.6.8-6sarge2_hppa.deb
Motorola 680x0:
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-
m68k/kernel-image-2.6.8-amiga_2.6.8-4sarge2_m68k.deb
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-
m68k/kernel-image-2.6.8-atari_2.6.8-4sarge2_m68k.deb
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-
m68k/kernel-image-2.6.8-bvme6000_2.6.8-4sarge2_m68k.deb
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-
m68k/kernel-image-2.6.8-hp_2.6.8-4sarge2_m68k.deb
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-
m68k/kernel-image-2.6.8-mac_2.6.8-4sarge2_m68k.deb
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-
m68k/kernel-image-2.6.8-mvme147_2.6.8-4sarge2_m68k.deb
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-
m68k/kernel-image-2.6.8-mvme16x_2.6.8-4sarge2_m68k.deb
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-
m68k/kernel-image-2.6.8-q40_2.6.8-4sarge2_m68k.deb
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-
m68k/kernel-image-2.6.8-sun3_2.6.8-4sarge2_m68k.deb
PowerPC:
http://security.debian.org/pool/updates/main/k/kernel-latest-
powerpc/kernel-headers_102sarge1_powerpc.deb
http://security.debian.org/pool/updates/main/k/kernel-latest-
powerpc/kernel-headers-2.4_102sarge1_powerpc.deb
http://security.debian.org/pool/updates/main/k/kernel-latest-
powerpc/kernel-headers-2.6_102sarge1_powerpc.deb
http://security.debian.org/pool/updates/main/k/kernel-latest-
powerpc/kernel-image-2.4-powerpc_102sarge1_powerpc.deb
http://security.debian.org/pool/updates/main/k/kernel-latest-
powerpc/kernel-image-2.4-powerpc-smp_102sarge1_powerpc.deb
http://security.debian.org/pool/updates/main/k/kernel-latest-
powerpc/kernel-image-2.6-power3_102sarge1_powerpc.deb
http://security.debian.org/pool/updates/main/k/kernel-latest-
powerpc/kernel-image-2.6-power3-smp_102sarge1_powerpc.deb
http://security.debian.org/pool/updates/main/k/kernel-latest-
powerpc/kernel-image-2.6-power4_102sarge1_powerpc.deb
http://security.debian.org/pool/updates/main/k/kernel-latest-
powerpc/kernel-image-2.6-power4-smp_102sarge1_powerpc.deb
http://security.debian.org/pool/updates/main/k/kernel-latest-
powerpc/kernel-image-2.6-powerpc_102sarge1_powerpc.deb
http://security.debian.org/pool/updates/main/k/kernel-latest-
powerpc/kernel-image-2.6-powerpc-smp_102sarge1_powerpc.deb
http://security.debian.org/pool/updates/main/k/kernel-latest-
powerpc/kernel-image-power3_102sarge1_powerpc.deb
http://security.debian.org/pool/updates/main/k/kernel-latest-
powerpc/kernel-image-power3-smp_102sarge1_powerpc.deb
http://security.debian.org/pool/updates/main/k/kernel-latest-
powerpc/kernel-image-power4_102sarge1_powerpc.deb
http://security.debian.org/pool/updates/main/k/kernel-latest-
powerpc/kernel-image-power4-smp_102sarge1_powerpc.deb
http://security.debian.org/pool/updates/main/k/kernel-latest-
powerpc/kernel-image-powerpc_102sarge1_powerpc.deb
http://security.debian.org/pool/updates/main/k/kernel-latest-
powerpc/kernel-image-powerpc-smp_102sarge1_powerpc.deb
http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-
2.6.8/kernel-build-2.6.8-3-power3_2.6.8-12sarge2_powerpc.deb
http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-
2.6.8/kernel-build-2.6.8-3-power3-smp_2.6.8-12sarge2_powerpc.deb
http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-
2.6.8/kernel-build-2.6.8-3-power4_2.6.8-12sarge2_powerpc.deb
http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-
2.6.8/kernel-build-2.6.8-3-power4-smp_2.6.8-12sarge2_powerpc.deb
http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-
2.6.8/kernel-build-2.6.8-3-powerpc_2.6.8-12sarge2_powerpc.deb
http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-
2.6.8/kernel-build-2.6.8-3-powerpc-smp_2.6.8-12sarge2_powerpc.deb
http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-
2.6.8/kernel-build-2.6.8-power3_2.6.8-12sarge1_powerpc.deb
http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-
2.6.8/kernel-build-2.6.8-power3-smp_2.6.8-12sarge1_powerpc.deb
http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-
2.6.8/kernel-build-2.6.8-power4_2.6.8-12sarge1_powerpc.deb
http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-
2.6.8/kernel-build-2.6.8-power4-smp_2.6.8-12sarge1_powerpc.deb
http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-
2.6.8/kernel-build-2.6.8-powerpc_2.6.8-12sarge1_powerpc.deb
http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-
2.6.8/kernel-build-2.6.8-powerpc-smp_2.6.8-12sarge1_powerpc.deb
http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-
2.6.8/kernel-headers-2.6.8_2.6.8-12sarge1_powerpc.deb
http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-
2.6.8/kernel-headers-2.6.8-3_2.6.8-12sarge2_powerpc.deb
http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-
2.6.8/kernel-image-2.6.8-3-power3_2.6.8-12sarge2_powerpc.deb
http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-
2.6.8/kernel-image-2.6.8-3-power3-smp_2.6.8-12sarge2_powerpc.deb
http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-
2.6.8/kernel-image-2.6.8-3-power4_2.6.8-12sarge2_powerpc.deb
http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-
2.6.8/kernel-image-2.6.8-3-power4-smp_2.6.8-12sarge2_powerpc.deb
http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-
2.6.8/kernel-image-2.6.8-3-powerpc_2.6.8-12sarge2_powerpc.deb
http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-
2.6.8/kernel-image-2.6.8-3-powerpc-smp_2.6.8-12sarge2_powerpc.deb
http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-
2.6.8/kernel-image-2.6.8-power3_2.6.8-12sarge1_powerpc.deb
http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-
2.6.8/kernel-image-2.6.8-power3-smp_2.6.8-12sarge1_powerpc.deb
http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-
2.6.8/kernel-image-2.6.8-power4_2.6.8-12sarge1_powerpc.deb
http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-
2.6.8/kernel-image-2.6.8-power4-smp_2.6.8-12sarge1_powerpc.deb
http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-
2.6.8/kernel-image-2.6.8-powerpc_2.6.8-12sarge1_powerpc.deb
http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-
2.6.8/kernel-image-2.6.8-powerpc-smp_2.6.8-12sarge1_powerpc.deb
http://security.debian.org/pool/updates/main/m/mol-modules-2.6.8/mol-
modules-2.6.8-3-powerpc_0.9.70+2.6.8+12sarge1_powerpc.deb
http://security.debian.org/pool/updates/main/m/mol-modules-2.6.8/mol-
modules-2.6.8-3-powerpc-smp_0.9.70+2.6.8+12sarge1_powerpc.deb
IBM S/390:
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-
s390/kernel-headers-2.6.8-2_2.6.8-5sarge1_s390.deb
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-
s390/kernel-headers-2.6.8-3_2.6.8-5sarge2_s390.deb
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-
s390/kernel-image-2.6.8-2-s390_2.6.8-5sarge1_s390.deb
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-
s390/kernel-image-2.6.8-2-s390-tape_2.6.8-5sarge1_s390.deb
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-
s390/kernel-image-2.6.8-2-s390x_2.6.8-5sarge1_s390.deb
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-
s390/kernel-image-2.6.8-3-s390_2.6.8-5sarge2_s390.deb
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-
s390/kernel-image-2.6.8-3-s390-tape_2.6.8-5sarge2_s390.deb
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-
s390/kernel-image-2.6.8-3-s390x_2.6.8-5sarge2_s390.deb
Sun Sparc:
http://security.debian.org/pool/updates/main/k/kernel-latest-2.6-
sparc/kernel-headers-2.6-sparc32_101sarge1_sparc.deb
http://security.debian.org/pool/updates/main/k/kernel-latest-2.6-
sparc/kernel-headers-2.6-sparc64_101sarge1_sparc.deb
http://security.debian.org/pool/updates/main/k/kernel-latest-2.6-
sparc/kernel-headers-2.6-sparc64-smp_101sarge1_sparc.deb
http://security.debian.org/pool/updates/main/k/kernel-latest-2.6-
sparc/kernel-image-2.6-sparc32_101sarge1_sparc.deb
http://security.debian.org/pool/updates/main/k/kernel-latest-2.6-
sparc/kernel-image-2.6-sparc64_101sarge1_sparc.deb
http://security.debian.org/pool/updates/main/k/kernel-latest-2.6-
sparc/kernel-image-2.6-sparc64-smp_101sarge1_sparc.deb
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-
sparc/kernel-build-2.6.8-2_2.6.8-15sarge1_sparc.deb
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-
sparc/kernel-build-2.6.8-3_2.6.8-15sarge2_sparc.deb
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-
sparc/kernel-headers-2.6.8-2_2.6.8-15sarge1_sparc.deb
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-
sparc/kernel-headers-2.6.8-2-sparc32_2.6.8-15sarge1_sparc.deb
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-
sparc/kernel-headers-2.6.8-2-sparc64_2.6.8-15sarge1_sparc.deb
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-
sparc/kernel-headers-2.6.8-2-sparc64-smp_2.6.8-15sarge1_sparc.deb
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-
sparc/kernel-headers-2.6.8-3_2.6.8-15sarge2_sparc.deb
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-
sparc/kernel-headers-2.6.8-3-sparc32_2.6.8-15sarge2_sparc.deb
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-
sparc/kernel-headers-2.6.8-3-sparc64_2.6.8-15sarge2_sparc.deb
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-
sparc/kernel-headers-2.6.8-3-sparc64-smp_2.6.8-15sarge2_sparc.deb
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-
sparc/kernel-image-2.6.8-2-sparc32_2.6.8-15sarge1_sparc.deb
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-
sparc/kernel-image-2.6.8-2-sparc64_2.6.8-15sarge1_sparc.deb
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-
sparc/kernel-image-2.6.8-2-sparc64-smp_2.6.8-15sarge1_sparc.deb
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-
sparc/kernel-image-2.6.8-3-sparc32_2.6.8-15sarge2_sparc.deb
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-
sparc/kernel-image-2.6.8-3-sparc64_2.6.8-15sarge2_sparc.deb
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-
sparc/kernel-image-2.6.8-3-sparc64-smp_2.6.8-15sarge2_sparc.deb
Architecture-independent component:
http://security.debian.org/pool/updates/main/k/kernel-source-2.6.8/kernel-
doc-2.6.8_2.6.8-16sarge2_all.deb
http://security.debian.org/pool/updates/main/k/kernel-source-2.6.8/kernel-
patch-debian-2.6.8_2.6.8-16sarge2_all.deb
http://security.debian.org/pool/updates/main/k/kernel-source-2.6.8/kernel-
source-2.6.8_2.6.8-16sarge2_all.deb
http://security.debian.org/pool/updates/main/k/kernel-source-2.6.8/kernel-
tree-2.6.8_2.6.8-16sarge2_all.deb
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-
s390/kernel-patch-2.6.8-s390_2.6.8-5sarge2_all.deb
MD5 checksums of the listed files are available in the original advisory.
[***** End DSA-1017-1 *****]
_______________________________________________________________________________
CIAC wishes to acknowledge the contributions of Debian Security Advisory for the
information contained in this bulletin.
_______________________________________________________________________________
CIAC, the Computer Incident Advisory Capability, is the computer
security incident response team for the U.S. Department of Energy
(DOE) and the emergency backup response team for the National
Institutes of Health (NIH). CIAC is located at the Lawrence Livermore
National Laboratory in Livermore, California. CIAC is also a founding
member of FIRST, the Forum of Incident Response and Security Teams, a
global organization established to foster cooperation and coordination
among computer security teams worldwide.
CIAC services are available to DOE, DOE contractors, and the NIH. CIAC
can be contacted at:
Voice: +1 925-422-8193 (7x24)
FAX: +1 925-423-8002
STU-III: +1 925-423-2604
E-mail: ciac@ciac.org
Previous CIAC notices, anti-virus software, and other information are
available from the CIAC Computer Security Archive.
World Wide Web: http://www.ciac.org/
Anonymous FTP: ftp.ciac.org
PLEASE NOTE: Many users outside of the DOE, ESnet, and NIH computing
communities receive CIAC bulletins. If you are not part of these
communities, please contact your agency's response team to report
incidents. Your agency's team will coordinate with CIAC. The Forum of
Incident Response and Security Teams (FIRST) is a world-wide
organization. A list of FIRST member organizations and their
constituencies can be obtained via WWW at http://www.first.org/.
This document was prepared as an account of work sponsored by an
agency of the United States Government. Neither the United States
Government nor the University of California nor any of their
employees, makes any warranty, express or implied, or assumes any
legal liability or responsibility for the accuracy, completeness, or
usefulness of any information, apparatus, product, or process
disclosed, or represents that its use would not infringe privately
owned rights. Reference herein to any specific commercial products,
process, or service by trade name, trademark, manufacturer, or
otherwise, does not necessarily constitute or imply its endorsement,
recommendation or favoring by the United States Government or the
University of California. The views and opinions of authors expressed
herein do not necessarily state or reflect those of the United States
Government or the University of California, and shall not be used for
advertising or product endorsement purposes.
LAST 10 CIAC BULLETINS ISSUED (Previous bulletins available from CIAC)
Q-145: Vulnerabilities in Microsoft Office
Q-146: Permissive Windows Services DACLs
Q-147: Macromedia Flash Player Update to Address Security Vulnerabilities
Q-148: Media Server BENGINE Service Job Log Format String Overflow
Q-150: unzip
Q-149: kernel-patch-vserver, util-vserver
Q-151: sendmail Security Update
Q-152: snmptrapfmt
Q-153: RealPlayer Security Update
Q-154: Vulnerability in the way HTML Objects Handle Unexpected Method Calls