-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Sat, 27 Nov 2010 10:02:00 -0700
Source: user-mode-linux
Binary: user-mode-linux
Architecture: source i386
Version: 2.6.26-1um-2+26lenny1
Distribution: stable-security
Urgency: high
Maintainer: User Mode Linux Maintainers <pkg-uml-pkgs@lists.alioth.debian.org>
Changed-By: dann frazier <dannf@debian.org>
Description: 
 user-mode-linux - User-mode Linux (kernel)
Changes: 
 user-mode-linux (2.6.26-1um-2+26lenny1) stable-security; urgency=high
 .
   * Rebuild against linux-source-2.6.26 (2.6.26-26lenny1):
     * net sched: fix kernel leak in act_police (CVE-2010-3477)
     * aio: check for multiplication overflow in do_io_submit (CVE-2010-3067)
     * cxgb3: prevent reading uninitialized stack memory (CVE-2010-3296)
     * eql: prevent reading uninitialized stack memory (CVE-2010-3297)
     * rose: Fix signedness issues wrt. digi count (CVE-2010-3310)
     * sctp: Do not reset the packet during sctp_packet_config() (CVE-2010-3432)
     * Fix pktcdvd ioctl dev_minor range check (CVE-2010-3437)
     * ALSA: prevent heap corruption in snd_ctl_new() (CVE-2010-3442)
     * thinkpad-acpi: lock down video output state access (CVE-2010-3448)
     * sctp: Fix out-of-bounds reading in sctp_asoc_get_hmac() (CVE-2010-3705)
     * setup_arg_pages: diagnose excessive argument size (CVE-2010-3858)
     * X.25: memory corruption in X.25 facilities parsing (CVE-2010-3873)
     * sys_semctl: fix kernel stack leakage (CVE-2010-4083)
     * ALSA: rme9652: prevent reading uninitialized stack memory
     (CVE-2010-4080, CVE-2010-4081)
     * V4L/DVB: ivtvfb: prevent reading uninitialized stack memory
     (CVE-2010-4079)
     * video/sis: prevent reading uninitialized stack memory (CVE-2010-4078)
     * X.25: Prevent crashing when parsing bad X.25 facilities (CVE-2010-4164)
     * v4l1: fix 32-bit compat microcode loading translation (CVE-2010-2963)
     * net: Mitigate overflow issues
      - Truncate recvfrom and sendto length to INT_MAX.
      - Limit socket I/O iovec total length to INT_MAX.
      - Resolves kernel heap overflow in the TIPC protcol (CVE-2010-3859)
     * net: ax25: fix information leak to userland (CVE-2010-3875)
     * can-bcm: fix minor heap overflow (CVE-2010-3874)
     * net: packet: fix information leak to userland (CVE-2010-3876)
     * net: tipc: fix information leak to userland (CVE-2010-3877)
     * inet_diag: Make sure we actually run the same bytecode we audited
     (CVE-2010-3880)
     * ipc: shm: fix information leak to userland (CVE-2010-4072)
     * ipc: initialize structure memory to zero for compat functions
     (CVE-2010-4073)
     * USB: serial/mos*: prevent reading uninitialized stack memory
     (CVE-2010-4074)
     * [SCSI] gdth: integer overflow in ioctl (CVE-2010-4157)
     * econet: Avoid stack overflow w/ large msgiovlen (CVE-2010-3848)
     * econet: disallow NULL remote addr for sendmsg() (CVE-2010-3849)
     * econet: Add mising CAP_NET_ADMIN check in SIOCSIFADDR (CVE-2010-3850)
Checksums-Sha1: 
 cfd5ce1a676467ebedfa95ef2ee7295bf44f18d2 1921 user-mode-linux_2.6.26-1um-2+26lenny1.dsc
 4c027175aa221935a2012a252812ffa70ddd1841 20365 user-mode-linux_2.6.26-1um-2+26lenny1.diff.gz
 95c42098fb96e9e1dc5f1c40849b8ca4fa1fcc07 5399852 user-mode-linux_2.6.26-1um-2+26lenny1_i386.deb
Checksums-Sha256: 
 d59146eaf020e25f0638622225e4c30fea7bfc27b1337f30ffe2b76819cfb10c 1921 user-mode-linux_2.6.26-1um-2+26lenny1.dsc
 3f36e034573fb5ffd3ad72ea9dd656fa6a38b7f578da4db85c1b18177df579f2 20365 user-mode-linux_2.6.26-1um-2+26lenny1.diff.gz
 267fd01989db73d595d17958612eea0786a2df110c013d11b94cd5ab4e471706 5399852 user-mode-linux_2.6.26-1um-2+26lenny1_i386.deb
Files: 
 34a2a357ee22c98ed81e965b71b21fd2 1921 misc extra user-mode-linux_2.6.26-1um-2+26lenny1.dsc
 726bbb024df640dc6624e1bb1ca2b408 20365 misc extra user-mode-linux_2.6.26-1um-2+26lenny1.diff.gz
 f717310ad2dbb22c392350de7ce5d797 5399852 misc extra user-mode-linux_2.6.26-1um-2+26lenny1_i386.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)

iQIcBAEBCAAGBQJM8VAmAAoJEBv4PF5U/IZAaEgQAITD2v6Mln3hzVjLyIKOEb8v
dJgpBcD9DxkRipoRtn0ta+5b9l0ggY0AcDrDOTRTYY3DavmC5i/lfemgpVCTOdiy
Mg+Lte6nK2YDTYb235o+M2qPaQWHlXKBS/mZRn/rUspf6D+r/QOyeWtO80rZiXpd
pOkIekywt1wC2uFHJASvTSPyy06BQBiIRL+rP1Z3FEh8gVhd2+S2cEQnrDlOVJy5
xvI4Woafz6sTRvX2EtltmOy0fISrQDgX1O5uja5rbAyyR8FSnLwFvDqko/bEKvL8
7r+5y5b+DZmkiPHvOyqZbWIZgol9ygsrHDl1YgspitHL2gubs9vMcsTgr0Le1mid
1wPAyz6FkothKelg1e2H9xGqxhxlSUOphhH4EQCRgY9YJWjDLf0nMoke5rMHV1CA
2nLyOIWhwOaBoQEFt8zo/jiZ8R4DdVyctpzFGeMxhVAnos9LdvZcnB0SE5B9oSQ+
a0BTOm9r68uJ5hTpSeS28MYLb1AsauHcsUvH6luZdGm/rOn+0FX8s5neX5twNp7f
YXedvpbQiJIizl1vA5Cm25dQiO6rvKVyXETBuuF4/TeyDBdVDF2hkUFsFFSAznNM
ojnRfZ4qNlzvu1r31XLqtHgwVGo5vqWbFtlUPLYQ0GIbzpeJ6WhLfKlhBo7w5Yhh
cYDKb73ebVa+lcUut3df
=am57
-----END PGP SIGNATURE-----