-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Sat, 27 Nov 2010 10:02:00 -0700
Source: user-mode-linux
Binary: user-mode-linux
Architecture: amd64
Version: 2.6.26-1um-2+26lenny1
Distribution: stable-security
Urgency: high
Maintainer: amd64 Builddd Daemon (barber)
Changed-By: dann frazier
Description:
 user-mode-linux - User-mode Linux (kernel)
Changes:
 user-mode-linux (2.6.26-1um-2+26lenny1) stable-security; urgency=high
 .
   * Rebuild against linux-source-2.6.26 (2.6.26-26lenny1):
     * net sched: fix kernel leak in act_police (CVE-2010-3477)
     * aio: check for multiplication overflow in do_io_submit (CVE-2010-3067)
     * cxgb3: prevent reading uninitialized stack memory (CVE-2010-3296)
     * eql: prevent reading uninitialized stack memory (CVE-2010-3297)
     * rose: Fix signedness issues wrt. digi count (CVE-2010-3310)
     * sctp: Do not reset the packet during sctp_packet_config() (CVE-2010-3432)
     * Fix pktcdvd ioctl dev_minor range check (CVE-2010-3437)
     * ALSA: prevent heap corruption in snd_ctl_new() (CVE-2010-3442)
     * thinkpad-acpi: lock down video output state access (CVE-2010-3448)
     * sctp: Fix out-of-bounds reading in sctp_asoc_get_hmac() (CVE-2010-3705)
     * setup_arg_pages: diagnose excessive argument size (CVE-2010-3858)
     * X.25: memory corruption in X.25 facilities parsing (CVE-2010-3873)
     * sys_semctl: fix kernel stack leakage (CVE-2010-4083)
     * ALSA: rme9652: prevent reading uninitialized stack memory (CVE-2010-4080, CVE-2010-4081)
     * V4L/DVB: ivtvfb: prevent reading uninitialized stack memory (CVE-2010-4079)
     * video/sis: prevent reading uninitialized stack memory (CVE-2010-4078)
     * X.25: Prevent crashing when parsing bad X.25 facilities (CVE-2010-4164)
     * v4l1: fix 32-bit compat microcode loading translation (CVE-2010-2963)
     * net: Mitigate overflow issues
       - Truncate recvfrom and sendto length to INT_MAX.
       - Limit socket I/O iovec total length to INT_MAX.
       - Resolves kernel heap overflow in the TIPC protocol (CVE-2010-3859)
     * net: ax25: fix information leak to userland (CVE-2010-3875)
     * can-bcm: fix minor heap overflow (CVE-2010-3874)
     * net: packet: fix information leak to userland (CVE-2010-3876)
     * net: tipc: fix information leak to userland (CVE-2010-3877)
     * inet_diag: Make sure we actually run the same bytecode we audited (CVE-2010-3880)
     * ipc: shm: fix information leak to userland (CVE-2010-4072)
     * ipc: initialize structure memory to zero for compat functions (CVE-2010-4073)
     * USB: serial/mos*: prevent reading uninitialized stack memory (CVE-2010-4074)
     * [SCSI] gdth: integer overflow in ioctl (CVE-2010-4157)
     * econet: Avoid stack overflow w/ large msgiovlen (CVE-2010-3848)
     * econet: disallow NULL remote addr for sendmsg() (CVE-2010-3849)
     * econet: Add missing CAP_NET_ADMIN check in SIOCSIFADDR (CVE-2010-3850)
Checksums-Sha1:
 2b6e1e7438e2d23b9a47228e26fa58d324231248 5839250 user-mode-linux_2.6.26-1um-2+26lenny1_amd64.deb
Checksums-Sha256:
 075c1fa504b708d11794c23c95c75681fb9d882670b79b9336db62e1ccad968c 5839250 user-mode-linux_2.6.26-1um-2+26lenny1_amd64.deb
Files:
 c9a194ad650e7776a9f3e4162f443486 5839250 misc extra user-mode-linux_2.6.26-1um-2+26lenny1_amd64.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)

-----END PGP SIGNATURE-----