===================================================================== CERT-Renater Note d'Information No. 2006/VULN339 _____________________________________________________________________ DATE : 15/06/2006 HARDWARE PLATFORM(S) : / OPERATING SYSTEM(S) : linux running kernel 2.4.27. ====================================================================== - -------------------------------------------------------------------------- Debian Security Advisory DSA 1097-1 security at debian.org http://www.debian.org/security/ Dann Frazier, Troy Heber June 14th, 2006 http://www.debian.org/security/faq - -------------------------------------------------------------------------- Package : kernel-source-2.4.27 Vulnerability : several Problem-Type : local/remote Debian-specific: no CVE ID : CVE-2006-0038 CVE-2006-0039 CVE-2006-0741 CVE-2006-0742 CVE-2006-1056 CVE-2006-1242 CVE-2006-1343 CVE-2006-1368 CVE-2006-1524 CVE-2006-1525 CVE-2006-1857 CVE-2006-1858 CVE-2006-1864 CVE-2006-2271 CVE-2006-2272 CVE-2006-2274 Debian Bug : Several local and remote vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service or the execution of arbitrary code. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2006-0038 "Solar Designer" discovered that arithmetic computations in netfilter's do_replace() function can lead to a buffer overflow and the execution of arbitrary code. However, the operation requires CAP_NET_ADMIN privileges, which is only an issue in virtualization systems or fine grained access control systems. CVE-2006-0039 "Solar Designer" discovered a race condition in netfilter's do_add_counters() function, which allows information disclosure of kernel memory by exploiting a race condition. Like CVE-2006-0038, it requires CAP_NET_ADMIN privileges. CVE-2006-0741 Intel EM64T systems were discovered to be susceptible to a local DoS due to an endless recursive fault related to a bad ELF entry address. CVE-2006-0742 incorrectly declared die_if_kernel() function as "does never return" which could be exploited by a local attacker resulting in a kernel crash. CVE-2006-1056 AMD64 machines (and other 7th and 8th generation AuthenticAMD processors) were found to be vulnerable to sensitive information leakage, due to how they handle saving and restoring the FOP, FIP, and FDP x87 registers in FXSAVE/FXRSTOR when an exception is pending. This allows a process to determine portions of the state of floating point instructions of other processes. CVE-2006-1242 Marco Ivaldi discovered that there was an unintended information disclosure allowing remote attackers to bypass protections against Idle Scans (nmap -sI) by abusing the ID field of IP packets and bypassing the zero IP ID in DF packet countermeasure. This was a result of the ip_push_pending_frames function improperly incremented the IP ID field when sending a RST after receiving unsolicited TCP SYN-ACK packets. CVE-2006-1343 Pavel Kankovsky reported the existance of a potential information leak resulting from the failure to initialize sin.sin_zero in the IPv4 socket code. CVE-2006-1368 Shaun Tancheff discovered a buffer overflow (boundry condition error) in the USB Gadget RNDIS implementation allowing remote attackers to cause a DoS. While creating a reply message, the driver allocated memory for the reply data, but not for the reply structure. The kernel fails to properly bounds-check user-supplied data before copying it to an insufficiently sized memory buffer. Attackers could crash the system, or possibly execute arbitrary machine code. CVE-2006-1524 Hugh Dickins discovered an issue in the madvise_remove() function wherein file and mmap restrictions are not followed, allowing local users to bypass IPC permissions and replace portions of readonly tmpfs files with zeroes. CVE-2006-1525 Alexandra Kossovsky reported a NULL pointer dereference condition in ip_route_input() that can be triggered by a local user by requesting a route for a multicast IP address, resulting in a denial of service (panic). CVE-2006-1857 Vlad Yasevich reported a data validation issue in the SCTP subsystem that may allow a remote user to overflow a buffer using a badly formatted HB-ACK chunk, resulting in a denial of service. CVE-2006-1858 Vlad Yasevich reported a bug in the bounds checking code in the SCTP subsystem that may allow a remote attacker to trigger a denial of service attack when rounded parameter lengths are used to calculate parameter lengths instead of the actual values. CVE-2006-1864 Mark Mosely discovered that chroots residing on an SMB share can be escaped with specially crafted "cd" sequences. CVE-2006-2271 The "Mu security team" discovered that carefully crafted ECNE chunkscan cause a kernel crash by accessing incorrect state stable entries in the SCTP networking subsystem, which allows denial of service. CVE-2006-2272 The "Mu security team" discovered that fragmented SCTP control chunks can trigger kernel panics, which allows for denial of service attacks. CVE-2006-2274 It was discovered that SCTP packets with two initial bundled data packets can lead to infinite recursion, which allows for denial of service attacks. The following matrix explains which kernel version for which architecture fix the problems mentioned above: Debian 3.1 (sarge) Source 2.4.27-10sarge3 Alpha architecture 2.4.27-10sarge3 ARM architecture 2.4.27-2sarge3 Intel IA-32 architecture 2.4.27-10sarge3 Intel IA-64 architecture 2.4.27-10sarge3 Motorola 680x0 architecture 2.4.27-3sarge3 Big endian MIPS 2.4.27-10.sarge3.040815-1 Little endian MIPS 2.4.27-10.sarge3.040815-1 PowerPC architecture 2.4.27-10sarge3 IBM S/390 architecture 2.4.27-2sarge3 Sun Sparc architecture 2.4.27-9sarge3 The following matrix lists additional packages that were rebuilt for compatibility with or to take advantage of this update: Debian 3.1 (sarge) fai-kernels 1.9.1sarge2 kernel-image-2.4.27-speakup 2.4.27-1.1sarge2 mindi-kernel 2.4.27-2sarge2 systemimager 3.2.3-6sarge2 We recommend that you upgrade your kernel package immediately and reboot the machine. If you have built a custom kernel from the kernel source package, you will need to rebuild to take advantage of these fixes. Upgrade Instructions - -------------------- wget url will fetch the file for you dpkg -i file.deb will install the referenced file. If you are using the apt-get package manager, use the line for sources.list as given below: apt-get update will update the internal database apt-get upgrade will install corrected packages You may use an automated update by adding the resources from the footer to the proper configuration. Debian GNU/Linux 3.1 alias sarge - -------------------------------- Source archives: http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-s390/kernel-image-2.4.27-s390_2.4.27-2sarge3.dsc Size/MD5 checksum: 831 fac953b669c78c37ea181597402b1c1b http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-i386/kernel-image-2.4.27-i386_2.4.27-10sarge3.tar.gz Size/MD5 checksum: 98672 717a42fcf8a6b67690a756b9f3f00aa1 http://security.debian.org/pool/updates/main/m/mindi-kernel/mindi-kernel_2.4.27-2sarge2.diff.gz Size/MD5 checksum: 3962 fc1912f815afb314558fbadae87e43fc http://security.debian.org/pool/updates/main/f/fai-kernels/fai-kernels_1.9.1sarge2.tar.gz Size/MD5 checksum: 26319 368860bca1219d5777ab12dbc0713985 http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.4.27/kernel-patch-powerpc-2.4.27_2.4.27-10sarge3.dsc Size/MD5 checksum: 1139 47ebcb365d37d7321eeee65b23920a29 http://security.debian.org/pool/updates/main/f/fai-kernels/fai-kernels_1.9.1sarge2.dsc Size/MD5 checksum: 621 096115eaec61120211e0ba317b92def9 http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-arm/kernel-image-2.4.27-arm_2.4.27-2sarge3.tar.gz Size/MD5 checksum: 31646 1673537490a1af1a72ff1d65cd73139d http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-m68k/kernel-image-2.4.27-m68k_2.4.27-3sarge3.dsc Size/MD5 checksum: 876 2340c14db87e56a98e01dd17b095b7d4 http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-sparc/kernel-image-2.4.27-sparc_2.4.27-9sarge3.tar.gz Size/MD5 checksum: 21264 932ad64503240eedef626a0856fe5665 http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-ia64/kernel-image-2.4.27-ia64_2.4.27-10sarge3.dsc Size/MD5 checksum: 1143 60abbaf01fa8d0f6ac0992eb08cb965e http://security.debian.org/pool/updates/main/k/kernel-image-speakup-i386/kernel-image-speakup-i386_2.4.27-1.1sarge2.dsc Size/MD5 checksum: 732 738178383acc2853cf8bd8b15861dc52 http://security.debian.org/pool/updates/main/s/systemimager/systemimager_3.2.3-6sarge2.tar.gz Size/MD5 checksum: 15975839 9d7e6b12846c71e4d530375aacd1390b http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-s390/kernel-image-2.4.27-s390_2.4.27-2sarge3.tar.gz Size/MD5 checksum: 9362 52942076ea9989d63ec619d0be8f324c http://security.debian.org/pool/updates/main/k/kernel-source-2.4.27/kernel-source-2.4.27_2.4.27-10sarge3.dsc Size/MD5 checksum: 900 6a5fd70b803f4a0996b994d72d30c65e http://security.debian.org/pool/updates/main/m/mindi-kernel/mindi-kernel_2.4.27.orig.tar.gz Size/MD5 checksum: 9501 a4ad085824ade5641f1c839d945dd301 http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.27-mips/kernel-patch-2.4.27-mips_2.4.27-10.sarge3.040815-1.dsc Size/MD5 checksum: 1051 e28f324bd15f8825721c36d2ad685f8a http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-m68k/kernel-image-2.4.27-m68k_2.4.27-3sarge3.tar.gz Size/MD5 checksum: 11080 2813b0290efcd984fef6a69d9ca3c8e7 http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.4.27/kernel-patch-powerpc-2.4.27_2.4.27-10sarge3.tar.gz Size/MD5 checksum: 1463783 1df6018893f9772d156ccf8e3080fb2b http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.27-mips/kernel-patch-2.4.27-mips_2.4.27-10.sarge3.040815-1.tar.+gz Size/MD5 checksum: 309066 ccf2db5585e30dd27b9eaf8d74285e70 http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-arm/kernel-image-2.4.27-arm_2.4.27-2sarge3.dsc Size/MD5 checksum: 839 2f9746e3d73001a774607a2e8460dec8 http://security.debian.org/pool/updates/main/m/mindi-kernel/mindi-kernel_2.4.27-2sarge2.dsc Size/MD5 checksum: 750 621fb9f1f76dc3fae5ed69f393ded2cb http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-ia64/kernel-image-2.4.27-ia64_2.4.27-10sarge3.tar.gz Size/MD5 checksum: 54501 650afb6ddf33bd3c55d036c6e163f8d1 http://security.debian.org/pool/updates/main/k/kernel-source-2.4.27/kernel-source-2.4.27_2.4.27-10sarge3.diff.gz Size/MD5 checksum: 741011 dc1085a42970fbb6f5174f8dae7f5bb2 http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-i386/kernel-image-2.4.27-i386_2.4.27-10sarge3.dsc Size/MD5 checksum: 1581 a0f54f9d6f61b4a31bdf49b2efa6a2ca http://security.debian.org/pool/updates/main/k/kernel-image-speakup-i386/kernel-image-speakup-i386_2.4.27-1.1sarge2.tar.gz Size/MD5 checksum: 17809 946929349518ac3d91c42825bfb6cabc http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-alpha/kernel-image-2.4.27-alpha_2.4.27-10sarge3.tar.gz Size/MD5 checksum: 31177 2d05a7a176dba04f37719199efa494b7 http://security.debian.org/pool/updates/main/k/kernel-source-2.4.27/kernel-source-2.4.27_2.4.27.orig.tar.gz Size/MD5 checksum: 38470181 56df34508cdc47a53d15bc02ffe4f42d http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-alpha/kernel-image-2.4.27-alpha_2.4.27-10sarge3.dsc Size/MD5 checksum: 831 4aa4330d08a7829fbe9a548d1d8bab2f http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-sparc/kernel-image-2.4.27-sparc_2.4.27-9sarge3.dsc Size/MD5 checksum: 1074 ef1ed7e19152004e160a48d320fed490 http://security.debian.org/pool/updates/main/s/systemimager/systemimager_3.2.3-6sarge2.dsc Size/MD5 checksum: 1012 271d488ce319e95d567143228330e9a1 Architecture independent components: http://security.debian.org/pool/updates/main/s/systemimager/systemimager-client_3.2.3-6sarge2_all.deb Size/MD5 checksum: 30482 64658643dc4a9554a722ff1b724c916f http://security.debian.org/pool/updates/main/s/systemimager/systemimager-boot-i386-standard_3.2.3-6sarge2_all.deb Size/MD5 checksum: 4759092 15c5bd7f61d7291f1267c12733ffcb5b http://security.debian.org/pool/updates/main/k/kernel-source-2.4.27/kernel-source-2.4.27_2.4.27-10sarge3_all.deb Size/MD5 checksum: 31033502 47eb2bd29ad34555156eac2ec8160cd4 http://security.debian.org/pool/updates/main/k/kernel-source-2.4.27/kernel-tree-2.4.27_2.4.27-10sarge3_all.deb Size/MD5 checksum: 26664 88c43bac04065e47b6486bed94692e9e http://security.debian.org/pool/updates/main/k/kernel-source-2.4.27/kernel-doc-2.4.27_2.4.27-10sarge3_all.deb Size/MD5 checksum: 3580108 9542a6368e1668c0b3dd5529ba9c80f0 http://security.debian.org/pool/updates/main/s/systemimager/systemimager-server_3.2.3-6sarge2_all.deb Size/MD5 checksum: 116802 a73dc8e6bb5119c7679d97d13b94cbc8 http://security.debian.org/pool/updates/main/s/systemimager/systemimager-common_3.2.3-6sarge2_all.deb Size/MD5 checksum: 30730 7cafd2b593e33cd0cb1ed5577a63142a http://security.debian.org/pool/updates/main/k/kernel-image-speakup-i386/kernel-doc-2.4.27-speakup_2.4.27-1.1sarge2_all.deb Size/MD5 checksum: 2419762 5e9e5072a78be7f12f2a499ee1116268 http://security.debian.org/pool/updates/main/s/systemimager/systemimager-server-flamethrowerd_3.2.3-6sarge2_all.deb Size/MD5 checksum: 15944 00be5d0f60f2e89dec74ec2a76310638 http://security.debian.org/pool/updates/main/k/kernel-source-2.4.27/kernel-patch-debian-2.4.27_2.4.27-10sarge3_all.deb Size/MD5 checksum: 689772 9054c12e58f6b8c6d7f6055e94e3e2b3 http://security.debian.org/pool/updates/main/s/systemimager/systemimager-doc_3.2.3-6sarge2_all.deb Size/MD5 checksum: 631336 01476ba30e300b6b91a9a1a5d5c7f16b http://security.debian.org/pool/updates/main/s/systemimager/systemimager-boot-ia64-standard_3.2.3-6sarge2_all.deb Size/MD5 checksum: 9545000 c225981a19829b44b8b2e61beea177c2 Alpha architecture: http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-alpha/kernel-headers-2.4.27-3-generic_2.4.27-10sarge3_alpha.+deb Size/MD5 checksum: 272284 56ec516e9425c915a04a2a7184d15192 http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-alpha/kernel-image-2.4.27-3-generic_2.4.27-10sarge3_alpha.de+b Size/MD5 checksum: 16521602 4975ec76eb158179d36de7746cab88ba http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-alpha/kernel-image-2.4.27-3-smp_2.4.27-10sarge3_alpha.deb Size/MD5 checksum: 16966302 9bb2d088907ead2c2e689c139e945ef9 http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-alpha/kernel-headers-2.4.27-3_2.4.27-10sarge3_alpha.deb Size/MD5 checksum: 4573588 ad755c6e0a640be87f44d0eeb3cb0b9d http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-alpha/kernel-build-2.4.27-3_2.4.27-10sarge3_alpha.deb Size/MD5 checksum: 6930 5af591a1a57ca5b7b5ce7af39d0c30f8 http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-alpha/kernel-headers-2.4.27-3-smp_2.4.27-10sarge3_alpha.deb Size/MD5 checksum: 274064 b675644b9520620077d740f5033e311c ARM architecture: http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-arm/kernel-image-2.4.27-riscpc_2.4.27-2sarge3_arm.deb Size/MD5 checksum: 3145470 0e5c53017bbb7a84d554c1b6e60a0f6a http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-arm/kernel-image-2.4.27-riscstation_2.4.27-2sarge3_arm.deb Size/MD5 checksum: 3668438 2c00f060b5f4a599b1509e5625d766c1 http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-arm/kernel-image-2.4.27-netwinder_2.4.27-2sarge3_arm.deb Size/MD5 checksum: 7331276 8ded6d50afd88d04fd9b601586509d32 http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-arm/kernel-build-2.4.27_2.4.27-2sarge3_arm.deb Size/MD5 checksum: 465160 61a35d05b6e9617ea9cec7ecc3ada43c http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-arm/kernel-image-2.4.27-bast_2.4.27-2sarge3_arm.deb Size/MD5 checksum: 1692044 73cb9319b752cc5eaca4849e20edf6ed http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-arm/kernel-headers-2.4.27_2.4.27-2sarge3_arm.deb Size/MD5 checksum: 4658994 b790e6512cd56ac98a1d9b5539c9d5b6 http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-arm/kernel-image-2.4.27-lart_2.4.27-2sarge3_arm.deb Size/MD5 checksum: 1056874 a03e9282e21db6a8094c8f2432a88e09 Intel IA-32 architecture: http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-i386/kernel-image-2.4.27-3-k7_2.4.27-10sarge3_i386.deb Size/MD5 checksum: 12087676 c53fd67452bade39a41a4d07b1ddbd26 http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-i386/kernel-pcmcia-modules-2.4.27-3-386_2.4.27-10sarge3_i386+.deb Size/MD5 checksum: 268890 b867a4d295e544fff9f5f0aa2a660762 http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-i386/kernel-image-2.4.27-3-k6_2.4.27-10sarge3_i386.deb Size/MD5 checksum: 11713818 a039669989458b154e77063b9f2cd05e http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-i386/kernel-pcmcia-modules-2.4.27-3-686-smp_2.4.27-10sarge3_+i386.deb Size/MD5 checksum: 305120 bcbd70a2fc6c58ecf1ff373e398069bd http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-i386/kernel-headers-2.4.27-3-k7-smp_2.4.27-10sarge3_i386.deb Size/MD5 checksum: 300776 cba2acbaa7a11221bf20476dec02cc2c http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-i386/kernel-image-2.4.27-3-686_2.4.27-10sarge3_i386.deb Size/MD5 checksum: 12340196 bb4547bd7a55cf5a863faf0eb787af72 http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-i386/kernel-build-2.4.27-3_2.4.27-10sarge3_i386.deb Size/MD5 checksum: 9460 a52b72284e9b2ac4ea7249b9889dae97 http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-i386/kernel-pcmcia-modules-2.4.27-3-k7_2.4.27-10sarge3_i386.+deb Size/MD5 checksum: 293320 0cfddb9db531337f9220c787e2916002 http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-i386/kernel-headers-2.4.27-3-686_2.4.27-10sarge3_i386.deb Size/MD5 checksum: 299132 cf2755d7c9628bf753d4f9fc59df37f6 http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-i386/kernel-image-2.4.27-3-686-smp_2.4.27-10sarge3_i386.deb Size/MD5 checksum: 12682330 64e091ae35b42450a3f0af1af1b1cc17 http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-i386/kernel-headers-2.4.27-3-386_2.4.27-10sarge3_i386.deb Size/MD5 checksum: 298354 03343347f66f3ebae64348769a8e7085 http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-i386/kernel-headers-2.4.27-3-586tsc_2.4.27-10sarge3_i386.deb Size/MD5 checksum: 298796 d5474dcad0aa041fa1bebffa5531a4cb http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-i386/kernel-headers-2.4.27-3-k6_2.4.27-10sarge3_i386.deb Size/MD5 checksum: 298168 29f6f0af6edcc6fdc7b34fd33b4b45a6 http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-i386/kernel-pcmcia-modules-2.4.27-3-k7-smp_2.4.27-10sarge3_i+386.deb Size/MD5 checksum: 298236 251b20906cabdabc2689f8fad6238485 http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-i386/kernel-image-2.4.27-3-386_2.4.27-10sarge3_i386.deb Size/MD5 checksum: 11049672 7c1d176724d5af7ef5d92cf91a4b3a24 http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-i386/kernel-headers-2.4.27-3-686-smp_2.4.27-10sarge3_i386.de+b Size/MD5 checksum: 300914 012fa2195bea70f63022c38ee8ece1b8 http://security.debian.org/pool/updates/main/f/fai-kernels/fai-kernels_1.9.1sarge2_i386.deb Size/MD5 checksum: 11992030 37b9f69b34c25ffd7f79c3dccb1c2b86 http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-i386/kernel-headers-2.4.27-3_2.4.27-10sarge3_i386.deb Size/MD5 checksum: 1824238 b412dad8e3fa8ffbb88f9e24b720682c http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-i386/kernel-pcmcia-modules-2.4.27-3-586tsc_2.4.27-10sarge3_i+386.deb Size/MD5 checksum: 293678 293d14c82e8f2dc12d75d9ffbf07a497 http://security.debian.org/pool/updates/main/k/kernel-image-speakup-i386/kernel-headers-2.4.27-speakup_2.4.27-1.1sarge2_i386.de+b Size/MD5 checksum: 4771964 810af192d449f6437de9c7b92bfc8f70 http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-i386/kernel-image-2.4.27-3-k7-smp_2.4.27-10sarge3_i386.deb Size/MD5 checksum: 12420578 5699a644c8305231c6ff00ca615bc79a http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-i386/kernel-headers-2.4.27-3-k7_2.4.27-10sarge3_i386.deb Size/MD5 checksum: 299016 8269e91daebb2aca7b360c15a41fa060 http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-i386/kernel-image-2.4.27-3-586tsc_2.4.27-10sarge3_i386.deb Size/MD5 checksum: 12024800 595b16fd83e6ca0ca9b3b4df82934f72 http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-i386/kernel-pcmcia-modules-2.4.27-3-k6_2.4.27-10sarge3_i386.+deb Size/MD5 checksum: 287484 80953396a754c47e76dc9c034fb2caab http://security.debian.org/pool/updates/main/m/mindi-kernel/mindi-kernel_2.4.27-2sarge2_i386.deb Size/MD5 checksum: 7766984 0f4f4f9d1a0bc59ae4a2bf51734cfdfa http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-i386/kernel-pcmcia-modules-2.4.27-3-686_2.4.27-10sarge3_i386+.deb Size/MD5 checksum: 299566 6165de4b3a2f79b3983d826f490f6c58 http://security.debian.org/pool/updates/main/k/kernel-image-speakup-i386/kernel-image-2.4.27-speakup_2.4.27-1.1sarge2_i386.deb Size/MD5 checksum: 11303960 3519c2d9f88bcbbe6cd1a793bc21a092 Intel IA-64 architecture: http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-ia64/kernel-headers-2.4.27-3-mckinley-smp_2.4.27-10sarge3_ia+64.deb Size/MD5 checksum: 241990 1de0bc8938c45fdc763edc8b5be16dbb http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-ia64/kernel-headers-2.4.27-3-mckinley_2.4.27-10sarge3_ia64.d+eb Size/MD5 checksum: 240416 d711a15e48958eaf0b0cffdb9afbe33b http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-ia64/kernel-image-2.4.27-3-mckinley_2.4.27-10sarge3_ia64.deb Size/MD5 checksum: 16623356 6f87ed371e352b5ef736eeb9aea9b1e3 http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-ia64/kernel-image-2.4.27-3-itanium-smp_2.4.27-10sarge3_ia64.+deb Size/MD5 checksum: 17020414 9748928c4403f7d1f708e4f1659ee56b http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-ia64/kernel-headers-2.4.27-3-itanium-smp_2.4.27-10sarge3_ia6+4.deb Size/MD5 checksum: 241792 3f041268f31bbc7c13bb41f4b9b254d5 http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-ia64/kernel-image-2.4.27-3-mckinley-smp_2.4.27-10sarge3_ia64+.deb Size/MD5 checksum: 16980154 c21794a39eae3611d166574bc4d6c946 http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-ia64/kernel-image-2.4-mckinley-smp_2.4.27-10sarge3_ia64.deb Size/MD5 checksum: 6188 510517c085a54b7f62b21fa549a28254 http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-ia64/kernel-image-2.4-itanium-smp_2.4.27-10sarge3_ia64.deb Size/MD5 checksum: 6154 0ffa2668983b76eb117180f4127f443f http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-ia64/kernel-image-2.4.27-3-itanium_2.4.27-10sarge3_ia64.deb Size/MD5 checksum: 16670542 5a5fc027a7ed1ea22de65134816ac27e http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-ia64/kernel-build-2.4.27-3_2.4.27-10sarge3_ia64.deb Size/MD5 checksum: 6372 9091687f1ccdd0a95238d4d8bf7a36b4 http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-ia64/kernel-image-2.4-itanium_2.4.27-10sarge3_ia64.deb Size/MD5 checksum: 6150 6862682a204020d9be7c3c7a24b58022 http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-ia64/kernel-headers-2.4.27-3_2.4.27-10sarge3_ia64.deb Size/MD5 checksum: 4688294 fec3cf9e850845e1339b39eaadbfe411 http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-ia64/kernel-headers-2.4.27-3-itanium_2.4.27-10sarge3_ia64.de+b Size/MD5 checksum: 240852 525e38de6f834e7112097c26da92b929 http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-ia64/kernel-image-2.4-mckinley_2.4.27-10sarge3_ia64.deb Size/MD5 checksum: 6178 c756f53c98ab21e53f097b2859433591 Motorola 680x0 architecture: http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-m68k/kernel-image-2.4.27-mvme16x_2.4.27-3sarge3_m68k.deb Size/MD5 checksum: 2395830 74f11a8ca02e8a1cc776bf950e1d346b http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-m68k/kernel-image-2.4.27-mac_2.4.27-3sarge3_m68k.deb Size/MD5 checksum: 2476584 4baad67d5c9bac3ee608a1f5b1d4dce0 http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-m68k/kernel-image-2.4.27-amiga_2.4.27-3sarge3_m68k.deb Size/MD5 checksum: 2638370 76fcbcdc52016ae4feeafa765a3fc761 http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-m68k/kernel-image-2.4.27-q40_2.4.27-3sarge3_m68k.deb Size/MD5 checksum: 2261274 baacace88b258a02d89ee5158269dc90 http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-m68k/kernel-image-2.4.27-mvme147_2.4.27-3sarge3_m68k.deb Size/MD5 checksum: 2324432 202215777ec6ddca992a02551578bd20 http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-m68k/kernel-image-2.4.27-atari_2.4.27-3sarge3_m68k.deb Size/MD5 checksum: 2543516 00b54f06d0e048692fec00cc8f888cf3 http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-m68k/kernel-image-2.4.27-bvme6000_2.4.27-3sarge3_m68k.deb Size/MD5 checksum: 2395344 9326ce159e507c20e26fc4aa4ec9fa61 Big endian MIPS architecture: http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.27-mips/kernel-image-2.4.27-r5k-ip22_2.4.27-10.sarge3.040815-1_+mips.deb Size/MD5 checksum: 3852294 0b6ccfb76fed8400f453953d7421c2a6 http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.27-mips/kernel-image-2.4.27-r4k-ip22_2.4.27-10.sarge3.040815-1_+mips.deb Size/MD5 checksum: 3849540 57d70bee7ad3a52c2e41296a4b660748 http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.27-mips/kernel-headers-2.4.27_2.4.27-10.sarge3.040815-1_mips.de+b Size/MD5 checksum: 4681678 76bfca90e34781e213f64d92e412f7d2 http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.27-mips/kernel-image-2.4.27-sb1-swarm-bn_2.4.27-10.sarge3.04081+5-1_mips.deb Size/MD5 checksum: 7177648 16b29faa543ea16b0f0b1e4b79bcca92 http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.27-mips/mips-tools_2.4.27-10.sarge3.040815-1_mips.deb Size/MD5 checksum: 19330 f81dbe5f0089f55ccffdb5160fc14529 Little endian MIPS architecture: http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.27-mips/kernel-image-2.4.27-sb1-swarm-bn_2.4.27-10.sarge3.04081+5-1_mipsel.deb Size/MD5 checksum: 7040154 219d79c89034cc245aaedcc09c077253 http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.27-mips/mips-tools_2.4.27-10.sarge3.040815-1_mipsel.deb Size/MD5 checksum: 19372 f882ee84e76926b99370922778731da6 http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.27-mips/kernel-image-2.4.27-r3k-kn02_2.4.27-10.sarge3.040815-1_+mipsel.deb Size/MD5 checksum: 3031408 2e21dc55f4e6c7d8e31485cab88b52a9 http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.27-mips/kernel-image-2.4.27-r4k-kn04_2.4.27-10.sarge3.040815-1_+mipsel.deb Size/MD5 checksum: 2991822 83720b4706c20d32513fdc764e19a3db http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.27-mips/kernel-headers-2.4.27_2.4.27-10.sarge3.040815-1_mipsel.+deb Size/MD5 checksum: 4686362 1e70d957d920f262ad64af693ead756d http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.27-mips/kernel-image-2.4.27-r5k-cobalt_2.4.27-10.sarge3.040815-+1_mipsel.deb Size/MD5 checksum: 4102944 4dcc900ca58f7d7e69f0020bb3237dda http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.27-mips/kernel-image-2.4.27-r5k-lasat_2.4.27-10.sarge3.040815-1+_mipsel.deb Size/MD5 checksum: 2137112 45fe0699fea23090cc4bc9368c6060e9 http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.27-mips/kernel-image-2.4.27-xxs1500_2.4.27-10.sarge3.040815-1_m+ipsel.deb Size/MD5 checksum: 4670600 64746373b5c99a31c486fb360ec9048c PowerPC architecture: http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.4.27/kernel-build-2.4.27-powerpc_2.4.27-10sarge3_powerpc.+deb Size/MD5 checksum: 155366 c357bb9b9fe6ce282b9bba63a0bdaec4 http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.4.27/kernel-image-2.4.27-powerpc_2.4.27-10sarge3_powerpc.+deb Size/MD5 checksum: 13478728 3e7a96afb9b6bb0618a69d490d3df3e6 http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.4.27/kernel-headers-2.4.27-powerpc_2.4.27-10sarge3_powerp+c.deb Size/MD5 checksum: 4800960 668fb5a82d4ac36e66da1abff65e531f http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.4.27/kernel-image-2.4.27-powerpc-small_2.4.27-10sarge3_po+werpc.deb Size/MD5 checksum: 12750476 7f6aa3d1cc7c8990cf5ca2d8f5d5c128 http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.4.27/kernel-patch-2.4.27-powerpc_2.4.27-10sarge3_powerpc.+deb Size/MD5 checksum: 9868 61edb2922c82b932b5a51aabd4e3e962 http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.4.27/kernel-patch-2.4.27-apus_2.4.27-10sarge3_powerpc.deb Size/MD5 checksum: 66712 0f1a666913413ccac067b519949b64be http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.4.27/kernel-headers-2.4.27-apus_2.4.27-10sarge3_powerpc.d+eb Size/MD5 checksum: 4683234 1dc1ed36b3052d676aece64519c79067 http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.4.27/kernel-build-2.4.27-nubus_2.4.27-10sarge3_powerpc.de+b Size/MD5 checksum: 141276 627427945710a84e25f9a6e81cf52871 http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.4.27/kernel-image-2.4.27-nubus_2.4.27-10sarge3_powerpc.de+b Size/MD5 checksum: 1817290 168aae93e0888603a192acfb55c17ea4 http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.4.27/kernel-image-2.4.27-apus_2.4.27-10sarge3_powerpc.deb Size/MD5 checksum: 2499398 6c3464992e5fd4f0c76bd6e456603b69 http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.4.27/kernel-build-2.4.27-powerpc-smp_2.4.27-10sarge3_powe+rpc.deb Size/MD5 checksum: 155380 29ef8c314e3ff4ad80a159e336f30cdd http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.4.27/kernel-build-2.4.27-apus_2.4.27-10sarge3_powerpc.deb Size/MD5 checksum: 141508 23beb8633e1bc6c71cd7c85549ddc547 http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.4.27/kernel-headers-2.4.27-nubus_2.4.27-10sarge3_powerpc.+deb Size/MD5 checksum: 4693350 489de2e942db258045c9a759940ae7a7 http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.4.27/kernel-patch-2.4.27-nubus_2.4.27-10sarge3_powerpc.de+b Size/MD5 checksum: 9944 b5f469592bb45ae907c251aa762e5cdb http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.4.27/kernel-image-2.4.27-powerpc-smp_2.4.27-10sarge3_powe+rpc.deb Size/MD5 checksum: 13785644 b44ad17d6469962e8ad89a36e0069b0a http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.4.27/kernel-build-2.4.27-powerpc-small_2.4.27-10sarge3_po+werpc.deb Size/MD5 checksum: 155614 df66fe84dfcd04edc663ecfc295d5a60 IBM S/390 architecture: http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-s390/kernel-image-2.4.27-3-s390-tape_2.4.27-2sarge3_s390.deb Size/MD5 checksum: 993502 707589c970f190bed95035dad442b9d3 http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-s390/kernel-headers-2.4.27-3_2.4.27-2sarge3_s390.deb Size/MD5 checksum: 4578888 53c705bdfebbd3e6985807f041e94612 http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-s390/kernel-image-2.4.27-3-s390x_2.4.27-2sarge3_s390.deb Size/MD5 checksum: 2970498 9c2e84a24bb629db2544929cf19f2087 http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-s390/kernel-image-2.4.27-3-s390_2.4.27-2sarge3_s390.deb Size/MD5 checksum: 2778530 d7d6115aa9292ff635476cd2b17bf499 Sun Sparc architecture: http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-sparc/kernel-headers-2.4.27-3_2.4.27-9sarge3_sparc.deb Size/MD5 checksum: 2024732 192d85db979604781d849025a1f44ef2 http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-sparc/kernel-image-2.4.27-3-sparc64-smp_2.4.27-9sarge3_sparc+.deb Size/MD5 checksum: 6546074 5865128021dbbc98f9a6c20e6fc574d9 http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-sparc/kernel-image-2.4.27-3-sparc64_2.4.27-9sarge3_sparc.deb Size/MD5 checksum: 6379672 b308de13ac8b140e4a4d06ccd500b9e6 http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-sparc/kernel-image-2.4.27-3-sparc32-smp_2.4.27-9sarge3_sparc+.deb Size/MD5 checksum: 3787334 543e98f2a917fbc57bf8a02c580491eb http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-sparc/kernel-headers-2.4.27-3-sparc32-smp_2.4.27-9sarge3_spa+rc.deb Size/MD5 checksum: 165654 db2c3fd02eb51afbc1ccc98152a25784 http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-sparc/kernel-headers-2.4.27-3-sparc64_2.4.27-9sarge3_sparc.d+eb Size/MD5 checksum: 202328 7df862f501733bef8450ba2bacc97b2a http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-sparc/kernel-headers-2.4.27-3-sparc64-smp_2.4.27-9sarge3_spa+rc.deb Size/MD5 checksum: 203806 5f0bc79951ced443e6ef009010b679f2 http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-sparc/kernel-headers-2.4.27-3-sparc32_2.4.27-9sarge3_sparc.d+eb Size/MD5 checksum: 163860 ccb65e6e653600dfdbe81fb9f0839789 http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-sparc/kernel-build-2.4.27-3_2.4.27-9sarge3_sparc.deb Size/MD5 checksum: 9496 00a3aaa8a2c3cb84274e1155d0663fd1 http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-sparc/kernel-image-2.4.27-3-sparc32_2.4.27-9sarge3_sparc.deb Size/MD5 checksum: 3601802 050ad637bd78c94c8819e553a50b51ae These files will probably be moved into the stable distribution on its next update. - --------------------------------------------------------------------------------- For apt-get: deb http://security.debian.org/ stable/updates main For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main Mailing list: debian-security-announce at lists.debian.org Package info: `apt-cache show ' and http://packages.debian.org/ ====================================================================== ========================================================= Les serveurs de référence du CERT-Renater http://www.urec.fr/securite http://www.cru.fr/securite http://www.renater.fr ========================================================= + CERT-RENATER | tel : 01-53-94-20-44 + + 151 bd de l'Hopital | fax : 01-53-94-20-41 + + 75013 Paris | email: certsvp@renater.fr + =========================================================