[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[SECURITY] [DSA 1504-1] New Linux kernel 2.6.8 packages fix several issues



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
Debian Security Advisory DSA-1504                  security@xxxxxxxxxx
http://www.debian.org/security/                           dann frazier
February 22, 2008                   http://www.debian.org/security/faq
- ------------------------------------------------------------------------

Package        : kernel-source-2.6.8 (2.6.8-17sarge1)
Vulnerability  : several
Problem-Type   : local
Debian-specific: no
CVE ID         : CVE-2006-5823 CVE-2006-6054 CVE-2006-6058 CVE-2006-7203
                 CVE-2007-1353 CVE-2007-2172 CVE-2007-2525 CVE-2007-3105
                 CVE-2007-3739 CVE-2007-3740 CVE-2007-3848 CVE-2007-4133
                 CVE-2007-4308 CVE-2007-4573 CVE-2007-5093 CVE-2007-6063
                 CVE-2007-6151 CVE-2007-6206 CVE-2007-6694 CVE-2008-0007

Several local and remote vulnerabilities have been discovered in the Linux
kernel that may lead to a denial of service or the execution of arbitrary
code. The Common Vulnerabilities and Exposures project identifies the
following problems:

CVE-2006-5823

    LMH reported a potential local DoS which could be exploited by a malicious
    user with the privileges to mount and read a corrupted cramfs filesystem.

CVE-2006-6054

    LMH reported a potential local DoS which could be exploited by a malicious
    user with the privileges to mount and read a corrupted ext2 filesystem.

CVE-2006-6058

    LMH reported an issue in the minix filesystem that allows local users
    with mount privileges to create a DoS (printk flood) by mounting a
    specially crafted corrupt filesystem.

CVE-2006-7203

    OpenVZ Linux kernel team reported an issue in the smbfs filesystem which
    can be exploited by local users to cause a DoS (oops) during mount.

CVE-2007-1353

    Ilja van Sprundel discovered that kernel memory could be leaked via the
    Bluetooth setsockopt call due to an uninitialized stack buffer. This
    could be used by local attackers to read the contents of sensitive kernel
    memory.

CVE-2007-2172

    Thomas Graf reported a typo in the DECnet protocol handler that could
    be used by a local attacker to overrun an array via crafted packets,
    potentially resulting in a Denial of Service (system crash).
    A similar issue exists in the IPV4 protocol handler and will be fixed
    in a subsequent update.

CVE-2007-2525

    Florian Zumbiehl discovered a memory leak in the PPPOE subsystem caused
    by releasing a socket before PPPIOCGCHAN is called upon it. This could
    be used by a local user to DoS a system by consuming all available memory.

CVE-2007-3105

    The PaX Team discovered a potential buffer overflow in the random number
    generator which may permit local users to cause a denial of service or
    gain additional privileges. This issue is not believed to effect default
    Debian installations where only root has sufficient privileges to exploit
    it.

CVE-2007-3739

    Adam Litke reported a potential local denial of service (oops) on
    powerpc platforms resulting from unchecked VMA expansion into address
    space reserved for hugetlb pages.

CVE-2007-3740

    Steve French reported that CIFS filesystems with CAP_UNIX enabled 
    were not honoring a process' umask which may lead to unintentinally
    relaxed permissions.
    
CVE-2007-3848

    Wojciech Purczynski discovered that pdeath_signal was not being reset
    properly under certain conditions which may allow local users to gain
    privileges by sending arbitrary signals to suid binaries.

CVE-2007-4133

    Hugh Dickins discovered a potential local DoS (panic) in hugetlbfs.
    A misconversion of hugetlb_vmtruncate_list to prio_tree may allow
    local users to trigger a BUG_ON() call in exit_mmap.

CVE-2007-4308

    Alan Cox reported an issue in the aacraid driver that allows unprivileged
    local users to make ioctl calls which should be restricted to admin
    privileges.

CVE-2007-4573

    Wojciech Purczynski discovered a vulnerability that can be exploited
    by a local user to obtain superuser privileges on x86_64 systems.
    This resulted from improper clearing of the high bits of registers
    during ia32 system call emulation. This vulnerability is relevant
    to the Debian amd64 port as well as users of the i386 port who run
    the amd64 linux-image flavour.

CVE-2007-5093

    Alex Smith discovered an issue with the pwc driver for certain webcam
    devices. If the device is removed while a userspace application has it
    open, the driver will wait for userspace to close the device, resulting
    in a blocked USB subsystem. This issue is of low security impact as
    it requires the attacker to either have physical access to the system
    or to convince a user with local access to remove the device on their
    behalf.
    
CVE-2007-6063

    Venustech AD-LAB discovered a a buffer overflow in the isdn ioctl
    handling, exploitable by a local user.

CVE-2007-6151

    ADLAB discovered a possible memory overrun in the ISDN subsystem that
    may permit a local user to overwrite kernel memory leading by issuing
    ioctls with unterminated data.

CVE-2007-6206

    Blake Frantz discovered that when a core file owned by a non-root user
    exists, and a root-owned process dumps core over it, the core file
    retains its original ownership. This could be used by a local user to
    gain access to sensitive information.

CVE-2007-6694

    Cyrill Gorcunov reported a NULL pointer dereference in code specific
    to the CHRP PowerPC platforms. Local users could exploit this issue
    to achieve a Denial of Service (DoS).

CVE-2008-0007

    Nick Piggin of SuSE discovered a number of issues in subsystems which
    register a fault handler for memory mapped areas. This issue can be
    exploited by local users to achieve a Denial of Service (DoS) and possibly
    execute arbitrary code.

The following matrix lists additional packages that were rebuilt for
compatibility with or to take advantage of this update:

                                 Debian 3.1 (sarge)
     kernel-image-2.6.8-alpha    2.6.8-17sarge1
     kernel-image-2.6.8-amd64    2.6.8-17sarge1
     kernel-image-2.6.8-hppa     2.6.8-7sarge1
     kernel-image-2.6.8-i386     2.6.8-17sarge1
     kernel-image-2.6.8-ia64     2.6.8-15sarge1
     kernel-image-2.6.8-m68k     2.6.8-5sarge1
     kernel-image-2.6.8-s390     2.6.8-6sarge1
     kernel-image-2.6.8-sparc    2.6.8-16sarge1
     kernel-patch-powerpc-2.6.8  2.6.8-13sarge1
     fai-kernels                 1.9.1sarge8

We recommend that you upgrade your kernel package immediately and reboot
the machine. If you have built a custom kernel from the kernel source
package, you will need to rebuild to take advantage of these fixes.

Upgrade Instructions
- --------------------

wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
        will update the internal database
apt-get upgrade
        will install corrected packages

Debian 3.1 (oldstable)
- ----------------------

Oldstable updates are available for alpha, amd64, hppa, i386, ia64, m68k, powerpc, s390 and sparc.

Source archives:

  http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-s390/kernel-image-2.6.8-s390_2.6.8-6sarge1.dsc
    Size/MD5 checksum:      846 4503eeaf9e1a21a9f220e2d9c31e0123
  http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-ia64/kernel-image-2.6.8-ia64_2.6.8-15sarge1.dsc
    Size/MD5 checksum:     1191 bfba4b91bbd166d14d0bace5ac137715
  http://security.debian.org/pool/updates/main/k/kernel-source-2.6.8/kernel-source-2.6.8_2.6.8-17sarge1.diff.gz
    Size/MD5 checksum:  1124155 d0e37e157fd2c4a9889222377ae6a956
  http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-s390/kernel-image-2.6.8-s390_2.6.8-6sarge1.tar.gz
    Size/MD5 checksum:    18572 fffdd006af1f26150eb6131f10c14c8f
  http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-hppa/kernel-image-2.6.8-hppa_2.6.8-7sarge1.tar.gz
    Size/MD5 checksum:    73206 97e4fadb9612c1a9ce969a0cbdc663f4
  http://security.debian.org/pool/updates/main/f/fai-kernels/fai-kernels_1.9.1sarge8.dsc
    Size/MD5 checksum:      621 fd5cf0a4b08aadf72cedb8029390fdeb
  http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-image-2.6.8-amd64_2.6.8-17sarge1.dsc
    Size/MD5 checksum:     1103 27f8b65b1acae74eac82f6484edbc5e5
  http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-alpha/kernel-image-2.6.8-alpha_2.6.8-17sarge1.tar.gz
    Size/MD5 checksum:    44625 4e68e046835cd0dce3ba2dc096f21924
  http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.6.8/kernel-patch-powerpc-2.6.8_2.6.8-13sarge1.tar.gz
    Size/MD5 checksum:    32565 406db278e655291be89254da5a4e15f8
  http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-hppa/kernel-image-2.6.8-hppa_2.6.8-7sarge1.dsc
    Size/MD5 checksum:     1013 defcdc70dd9d969ddfaed2819b341758
  http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-ia64/kernel-image-2.6.8-ia64_2.6.8-15sarge1.tar.gz
    Size/MD5 checksum:    69734 a5e62e3da21f1e89e1c7f76508de9673
  http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-image-2.6.8-amd64_2.6.8-17sarge1.tar.gz
    Size/MD5 checksum:    82008 c90b3a12c9bf77807d0d5c3ab6cf1567
  http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-m68k/kernel-image-2.6.8-m68k_2.6.8-5sarge1.tar.gz
    Size/MD5 checksum:    22997 75027ce480514543ad6d565d43890a3e
  http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-sparc/kernel-image-2.6.8-sparc_2.6.8-16sarge1.tar.gz
    Size/MD5 checksum:    32414 676fdb7a2c0cb66cd6c13a75b836f755
  http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-sparc/kernel-image-2.6.8-sparc_2.6.8-16sarge1.dsc
    Size/MD5 checksum:     1036 088234b948dd74a6c869f743a5346a54
  http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-alpha/kernel-image-2.6.8-alpha_2.6.8-17sarge1.dsc
    Size/MD5 checksum:      812 e12f4f68ee249f53bab5b4752d6b2795
  http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-i386/kernel-image-2.6.8-i386_2.6.8-17sarge1.tar.gz
    Size/MD5 checksum:    96384 bd4d726f97468d6cca1139cf80b1342a
  http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-i386/kernel-image-2.6.8-i386_2.6.8-17sarge1.dsc
    Size/MD5 checksum:     1047 80bb021a47b74d6b1e486c2bba6c55b8
  http://security.debian.org/pool/updates/main/k/kernel-source-2.6.8/kernel-source-2.6.8_2.6.8-17sarge1.dsc
    Size/MD5 checksum:     1002 0a956bc9d48251885d52d4b4d4b07310
  http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.6.8/kernel-patch-powerpc-2.6.8_2.6.8-13sarge1.dsc
    Size/MD5 checksum:     1071 39e866b6617c57f4acf7e06d3b7ae82e
  http://security.debian.org/pool/updates/main/f/fai-kernels/fai-kernels_1.9.1sarge8.tar.gz
    Size/MD5 checksum:    32434 ee1ef40c64f09bcdc25d9c9b7ea325e0
  http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-m68k/kernel-image-2.6.8-m68k_2.6.8-5sarge1.dsc
    Size/MD5 checksum:      874 9db0c07fe9a8cc114a82f3d4f8a209a9
  http://security.debian.org/pool/updates/main/k/kernel-source-2.6.8/kernel-source-2.6.8_2.6.8.orig.tar.gz
    Size/MD5 checksum: 43929719 0393c05ffa4770c3c5178b74dc7a4282

Architecture independent packages:

  http://security.debian.org/pool/updates/main/k/kernel-source-2.6.8/kernel-source-2.6.8_2.6.8-17sarge1_all.deb
    Size/MD5 checksum: 34955480 ece884d31c0a9bd290d467f00973252e
  http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-s390/kernel-patch-2.6.8-s390_2.6.8-6sarge1_all.deb
    Size/MD5 checksum:    16650 2304fae6c3d145826acea1403133ef98
  http://security.debian.org/pool/updates/main/k/kernel-source-2.6.8/kernel-tree-2.6.8_2.6.8-17sarge1_all.deb
    Size/MD5 checksum:    39758 12ee237ef5816a9c1f87697a0397802a
  http://security.debian.org/pool/updates/main/k/kernel-source-2.6.8/kernel-doc-2.6.8_2.6.8-17sarge1_all.deb
    Size/MD5 checksum:  6190062 e7e672dd30a416f98fb8dd3ead7e938b
  http://security.debian.org/pool/updates/main/k/kernel-source-2.6.8/kernel-patch-debian-2.6.8_2.6.8-17sarge1_all.deb
    Size/MD5 checksum:  1194926 dfc3e12e6e7739c91c17e150a7242fa2

alpha architecture (DEC Alpha)

  http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-alpha/kernel-headers-2.6.8-4-generic_2.6.8-17sarge1_alpha.deb
    Size/MD5 checksum:   238146 8dd62b8c39cceeedd5efaa4b2eee4582
  http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-alpha/kernel-headers-2.6.8-4-smp_2.6.8-17sarge1_alpha.deb
    Size/MD5 checksum:   232626 0f789080227336bd274f4ddacc4a749b
  http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-alpha/kernel-headers-2.6.8-4_2.6.8-17sarge1_alpha.deb
    Size/MD5 checksum:  2765374 6f857f2bc6f2f0d5a94a98ae814c4e87
  http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-alpha/kernel-image-2.6.8-4-smp_2.6.8-17sarge1_alpha.deb
    Size/MD5 checksum: 20094120 e0a3941fdaa513458f54b78e5b3ebd41
  http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-alpha/kernel-image-2.6.8-4-generic_2.6.8-17sarge1_alpha.deb
    Size/MD5 checksum: 20242970 0944d9b857e2383f2748fab122de3a5d

amd64 architecture (AMD x86_64 (AMD64))

  http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-headers-2.6.8-13-em64t-p4-smp_2.6.8-17sarge1_amd64.deb
    Size/MD5 checksum:   225228 fc7e590bc877da3505ee3442409bf8ee
  http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-headers-2.6.8-13-em64t-p4_2.6.8-17sarge1_amd64.deb
    Size/MD5 checksum:   228186 4663c6daf166b5559e408795f44d84f5
  http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-image-2.6.8-13-amd64-generic_2.6.8-17sarge1_amd64.deb
    Size/MD5 checksum: 12579110 41c47936fe7cd1bb8e28177cf282e957
  http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-headers-2.6.8-13-amd64-generic_2.6.8-17sarge1_amd64.deb
    Size/MD5 checksum:   231428 dfdf341727fcca4af9ff41f7f0046e1b
  http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-image-2.6.8-13-amd64-k8-smp_2.6.8-17sarge1_amd64.deb
    Size/MD5 checksum: 13238846 51bca8a45157f119dc001e786e325cca
  http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-image-2.6.8-13-em64t-p4-smp_2.6.8-17sarge1_amd64.deb
    Size/MD5 checksum: 13063162 14486d83aee59b7616ff63de003340ac
  http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-image-2.6.8-13-amd64-k8_2.6.8-17sarge1_amd64.deb
    Size/MD5 checksum: 13275762 767dcb70ca259ff0dc07f6cb8351a83d
  http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-headers-2.6.8-13_2.6.8-17sarge1_amd64.deb
    Size/MD5 checksum:  2728264 db7534ded22b911afffa5413d540dbbd
  http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-headers-2.6.8-13-amd64-k8-smp_2.6.8-17sarge1_amd64.deb
    Size/MD5 checksum:   226722 33c904e9fd0a2f754f0d5aed640a3bd3
  http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-headers-2.6.8-13-amd64-k8_2.6.8-17sarge1_amd64.deb
    Size/MD5 checksum:   230322 917d95bec917d2a7588867f81d88a2e9
  http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-image-2.6.8-13-em64t-p4_2.6.8-17sarge1_amd64.deb
    Size/MD5 checksum: 13082028 78be67d79a13baba4a6c798624f7f818

hppa architecture (HP PA RISC)

  http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-hppa/kernel-headers-2.6.8-4_2.6.8-7sarge1_hppa.deb
    Size/MD5 checksum:  2820206 0a14c1185bcde28d0a97eaeef9e11e3f
  http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-hppa/kernel-image-2.6.8-4-64_2.6.8-7sarge1_hppa.deb
    Size/MD5 checksum: 17550802 fabf823c16fcb3e0bbf69d0081faafd8
  http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-hppa/kernel-headers-2.6.8-4-64-smp_2.6.8-7sarge1_hppa.deb
    Size/MD5 checksum:   219244 ff1d717d7b3d1db40c96d15b96b8a447
  http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-hppa/kernel-image-2.6.8-4-64-smp_2.6.8-7sarge1_hppa.deb
    Size/MD5 checksum: 18374164 e088d77a7e64efa4d825416f94fd5db6
  http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-hppa/kernel-headers-2.6.8-4-32-smp_2.6.8-7sarge1_hppa.deb
    Size/MD5 checksum:   220054 5e8db88176af86cf5d5968dac2816ac6
  http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-hppa/kernel-image-2.6.8-4-32-smp_2.6.8-7sarge1_hppa.deb
    Size/MD5 checksum: 17020158 1e3f2fc9f9764e1823054df8abde860c
  http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-hppa/kernel-headers-2.6.8-4-32_2.6.8-7sarge1_hppa.deb
    Size/MD5 checksum:   220598 e3419d467dc69e90e2db720c519268d3
  http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-hppa/kernel-image-2.6.8-4-32_2.6.8-7sarge1_hppa.deb
    Size/MD5 checksum: 16110870 cb91278b4861aa27da3555e3ae05a842
  http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-hppa/kernel-headers-2.6.8-4-64_2.6.8-7sarge1_hppa.deb
    Size/MD5 checksum:   219758 ff98c244a5777bf1cb9d3aa42e92035b

i386 architecture (Intel ia32)

  http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-i386/kernel-headers-2.6.8-4-k7-smp_2.6.8-17sarge1_i386.deb
    Size/MD5 checksum:   258700 b406cff5cdfce0b1ebb0999b940bcf77
  http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-i386/kernel-image-2.6.8-4-386_2.6.8-17sarge1_i386.deb
    Size/MD5 checksum: 14079400 b3034d3d756026061d6d1ae64f7670ac
  http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-headers-2.6.8-13-amd64-k8-smp_2.6.8-17sarge1_i386.deb
    Size/MD5 checksum:   226622 89ab2fe13383be55139f779983e76f56
  http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-headers-2.6.8-13-em64t-p4_2.6.8-17sarge1_i386.deb
    Size/MD5 checksum:   228124 0232808c2f4af4679ff387fd5aef30c2
  http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-image-2.6.8-13-amd64-k8-smp_2.6.8-17sarge1_i386.deb
    Size/MD5 checksum: 13238830 83c9fa536a5039d9b7faaedd55c0d2df
  http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-image-2.6.8-13-em64t-p4-smp_2.6.8-17sarge1_i386.deb
    Size/MD5 checksum: 13208166 7d76aba45eeea785e68e144c93f8fa55
  http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-headers-2.6.8-13-amd64-generic_2.6.8-17sarge1_i386.deb
    Size/MD5 checksum:   231474 a9af96e38de18058a0bbb855ed0193f3
  http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-i386/kernel-image-2.6.8-4-686_2.6.8-17sarge1_i386.deb
    Size/MD5 checksum: 15558172 1ef83fe26c46d25f209cb0a76140c0e3
  http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-image-2.6.8-13-em64t-p4_2.6.8-17sarge1_i386.deb
    Size/MD5 checksum: 13236626 fad30247937094d606a01d53a2eff086
  http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-headers-2.6.8-13_2.6.8-17sarge1_i386.deb
    Size/MD5 checksum:  2728376 e2538d185c863ac7adf9dd41ac73f83d
  http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-i386/kernel-image-2.6.8-4-686-smp_2.6.8-17sarge1_i386.deb
    Size/MD5 checksum: 15397692 580feea340f69d04fafcd052268bb314
  http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-i386/kernel-image-2.6.8-4-k7-smp_2.6.8-17sarge1_i386.deb
    Size/MD5 checksum: 15173410 f477356acda36ec633c3bee285794377
  http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-i386/kernel-headers-2.6.8-4_2.6.8-17sarge1_i386.deb
    Size/MD5 checksum:  2784978 76f4162d37d785b5e0648435936774f6
  http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-i386/kernel-headers-2.6.8-4-386_2.6.8-17sarge1_i386.deb
    Size/MD5 checksum:   263456 3ddcc23d88f64f8a185c3a3dc4ae3402
  http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-headers-2.6.8-13-em64t-p4-smp_2.6.8-17sarge1_i386.deb
    Size/MD5 checksum:   225052 c266db2ed1f497b91c8202c2e9511bd3
  http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-i386/kernel-image-2.6.8-4-k7_2.6.8-17sarge1_i386.deb
    Size/MD5 checksum: 15282426 bce3bfbc0e6aede5dc503b37935b050a
  http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-headers-2.6.8-13-amd64-k8_2.6.8-17sarge1_i386.deb
    Size/MD5 checksum:   230266 2172a8e3ff5107cb582b5a31111b904b
  http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-i386/kernel-headers-2.6.8-4-686-smp_2.6.8-17sarge1_i386.deb
    Size/MD5 checksum:   258222 e02e548b571117fa3a0b68add40c3893
  http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-i386/kernel-headers-2.6.8-4-686_2.6.8-17sarge1_i386.deb
    Size/MD5 checksum:   260930 a4765a3da36be625c104281daecc29d2
  http://security.debian.org/pool/updates/main/f/fai-kernels/fai-kernels_1.9.1sarge8_i386.deb
    Size/MD5 checksum: 12010766 5c06b0a78b203b2032aa327839fa9795
  http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-i386/kernel-headers-2.6.8-4-k7_2.6.8-17sarge1_i386.deb
    Size/MD5 checksum:   260956 5bf06a1619132b0624299735caf26879
  http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-image-2.6.8-13-amd64-generic_2.6.8-17sarge1_i386.deb
    Size/MD5 checksum: 12579278 f6c685f628478fcc8f37257a6e71aedd
  http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-image-2.6.8-13-amd64-k8_2.6.8-17sarge1_i386.deb
    Size/MD5 checksum: 13276128 541fc888c5aa5dee5e186185d1f2256f

ia64 architecture (Intel ia64)

  http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-ia64/kernel-image-2.6.8-4-itanium_2.6.8-15sarge1_ia64.deb
    Size/MD5 checksum: 21496770 8336b695564c2eb6d8dc98a13c3b4e1a
  http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-ia64/kernel-headers-2.6.8-4-itanium-smp_2.6.8-15sarge1_ia64.deb
    Size/MD5 checksum:   205878 2f8285b89e03dee6c71f9d8079d13499
  http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-ia64/kernel-image-2.6-mckinley-smp_2.6.8-15sarge1_ia64.deb
    Size/MD5 checksum:    12228 b69b46b5a764b898baaf3ba3ad056d5f
  http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-ia64/kernel-image-2.6-mckinley_2.6.8-15sarge1_ia64.deb
    Size/MD5 checksum:    12162 3d5dfd32448f8cb967dd1ce9549789af
  http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-ia64/kernel-headers-2.6.8-4_2.6.8-15sarge1_ia64.deb
    Size/MD5 checksum:  3104422 af94110dd2e8401a975315dd93aaa28b
  http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-ia64/kernel-headers-2.6-mckinley_2.6.8-15sarge1_ia64.deb
    Size/MD5 checksum:    12172 618961c987120133ee1c999e4cf5f62f
  http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-ia64/kernel-headers-2.6-mckinley-smp_2.6.8-15sarge1_ia64.deb
    Size/MD5 checksum:    12236 7ca412f9885d85f92340423de43e284f
  http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-ia64/kernel-headers-2.6-itanium_2.6.8-15sarge1_ia64.deb
    Size/MD5 checksum:    12140 031a5db578a7291bf25c13b7be4b4ec6
  http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-ia64/kernel-headers-2.6.8-4-itanium_2.6.8-15sarge1_ia64.deb
    Size/MD5 checksum:   206340 85610c56d71469abb003503c9395f639
  http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-ia64/kernel-headers-2.6.8-4-mckinley_2.6.8-15sarge1_ia64.deb
    Size/MD5 checksum:   206076 62768e32c962c2f1f2f19c0062800557
  http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-ia64/kernel-headers-2.6-itanium-smp_2.6.8-15sarge1_ia64.deb
    Size/MD5 checksum:    12202 a4a24b0e48c4f6c2c3d8ab17fc6fe4ae
  http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-ia64/kernel-image-2.6.8-4-mckinley_2.6.8-15sarge1_ia64.deb
    Size/MD5 checksum: 21417820 daa90c69a36eb5baf3231fed495766e1
  http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-ia64/kernel-headers-2.6.8-4-mckinley-smp_2.6.8-15sarge1_ia64.deb
    Size/MD5 checksum:   205672 e5befe9b90d7f8d43ed7e1dfff89851c
  http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-ia64/kernel-image-2.6.8-4-itanium-smp_2.6.8-15sarge1_ia64.deb
    Size/MD5 checksum: 22158208 8a186facbb3023845284531d27c01486
  http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-ia64/kernel-image-2.6-itanium_2.6.8-15sarge1_ia64.deb
    Size/MD5 checksum:    12136 fe3ae95000fba99026557e9f3110eef9
  http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-ia64/kernel-image-2.6.8-4-mckinley-smp_2.6.8-15sarge1_ia64.deb
    Size/MD5 checksum: 22174026 de343e5cddd6936ec435cdc87d5ab689
  http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-ia64/kernel-image-2.6-itanium-smp_2.6.8-15sarge1_ia64.deb
    Size/MD5 checksum:    12200 75abbf3dc640b0765b0f510c0c783ecb

m68k architecture (Motorola Mc680x0)

  http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-m68k/kernel-image-2.6.8-sun3_2.6.8-5sarge1_m68k.deb
    Size/MD5 checksum:  2997446 90b62190daab090dd211b2e2fa76e634
  http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-m68k/kernel-image-2.6.8-mvme16x_2.6.8-5sarge1_m68k.deb
    Size/MD5 checksum:  3053150 9876f36e6cbad66ac690362955b3ee6c
  http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-m68k/kernel-image-2.6.8-q40_2.6.8-5sarge1_m68k.deb
    Size/MD5 checksum:  3111618 38fdf55f9f32aa26df0b3001fd6b77a2
  http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-m68k/kernel-image-2.6.8-amiga_2.6.8-5sarge1_m68k.deb
    Size/MD5 checksum:  3311580 052d54a9c2e6eab73cf870634aaf78e3
  http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-m68k/kernel-image-2.6.8-hp_2.6.8-5sarge1_m68k.deb
    Size/MD5 checksum:  2992404 cd498a3a110af341e7052fb06ec8b0bc
  http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-m68k/kernel-image-2.6.8-mac_2.6.8-5sarge1_m68k.deb
    Size/MD5 checksum:  3178962 1160ae756c286e7e2845cbeb1326c3bb
  http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-m68k/kernel-image-2.6.8-mvme147_2.6.8-5sarge1_m68k.deb
    Size/MD5 checksum:  2982482 677c66d0af2580084d6d061bfd63ffd4
  http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-m68k/kernel-image-2.6.8-bvme6000_2.6.8-5sarge1_m68k.deb
    Size/MD5 checksum:  3018000 89321aa5c34c8c9c95a61a86d0337699
  http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-m68k/kernel-image-2.6.8-atari_2.6.8-5sarge1_m68k.deb
    Size/MD5 checksum:  3105192 0a020af9116bd8ac96d2c3eb054b6840

powerpc architecture (PowerPC)

  http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.6.8/kernel-headers-2.6.8-4_2.6.8-13sarge1_powerpc.deb
    Size/MD5 checksum:  5153168 2f57ad5241d60f31e262541b1b9bf08a
  http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.6.8/kernel-image-2.6.8-4-power3-smp_2.6.8-13sarge1_powerpc.deb
    Size/MD5 checksum: 13953866 46a1861b3cd33737bdd60a0f72f397c4
  http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.6.8/kernel-image-2.6.8-4-power3_2.6.8-13sarge1_powerpc.deb
    Size/MD5 checksum: 13599558 0ddb46fa72e94a9018eccfd3d2f0b40c
  http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.6.8/kernel-image-2.6.8-4-powerpc-smp_2.6.8-13sarge1_powerpc.deb
    Size/MD5 checksum: 13873214 f012b664fbc58bfcdfbba594d38bc855
  http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.6.8/kernel-image-2.6.8-4-power4-smp_2.6.8-13sarge1_powerpc.deb
    Size/MD5 checksum: 13943782 153a4ba86086ae315977b069a3c8fa3c
  http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.6.8/kernel-build-2.6.8-4-power3_2.6.8-13sarge1_powerpc.deb
    Size/MD5 checksum:   412788 719ae014adea5b6a7c3c36b2b0e268ed
  http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.6.8/kernel-build-2.6.8-4-powerpc_2.6.8-13sarge1_powerpc.deb
    Size/MD5 checksum:   412382 228e63e6d49179b0dc802b903b1b52e4
  http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.6.8/kernel-build-2.6.8-4-power4-smp_2.6.8-13sarge1_powerpc.deb
    Size/MD5 checksum:   411974 bcf255c3858b2d9a01bbbb2b7c25aff2
  http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.6.8/kernel-image-2.6.8-4-powerpc_2.6.8-13sarge1_powerpc.deb
    Size/MD5 checksum: 13616728 e6762f501e5422e23f023b79037a8ca5
  http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.6.8/kernel-build-2.6.8-4-power4_2.6.8-13sarge1_powerpc.deb
    Size/MD5 checksum:   412034 0334c1128e3e843ebc68963633480ba4
  http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.6.8/kernel-build-2.6.8-4-powerpc-smp_2.6.8-13sarge1_powerpc.deb
    Size/MD5 checksum:   412136 a761c81f7e2c38637fecefeb197f8a5b
  http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.6.8/kernel-build-2.6.8-4-power3-smp_2.6.8-13sarge1_powerpc.deb
    Size/MD5 checksum:   412708 584de35626e4445772f28341560aae76
  http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.6.8/kernel-image-2.6.8-4-power4_2.6.8-13sarge1_powerpc.deb
    Size/MD5 checksum: 13583634 0f334a6487d58f02b75f9102641d4541

s390 architecture (IBM S/390)

  http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-s390/kernel-image-2.6.8-4-s390x_2.6.8-6sarge1_s390.deb
    Size/MD5 checksum:  3199350 2dec14becfc609e1414a00a726a78153
  http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-s390/kernel-image-2.6.8-4-s390_2.6.8-6sarge1_s390.deb
    Size/MD5 checksum:  2992448 d90f45f8f995286690ed2c460f5f418b
  http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-s390/kernel-headers-2.6.8-4_2.6.8-6sarge1_s390.deb
    Size/MD5 checksum:  5092100 c603b5b67a2e4be7b92fc909a64493cd
  http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-s390/kernel-image-2.6.8-4-s390-tape_2.6.8-6sarge1_s390.deb
    Size/MD5 checksum:  1150168 8cf8f4a0193c71df9a27b3362b868cc5

sparc architecture (Sun SPARC/UltraSPARC)

  http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-sparc/kernel-image-2.6.8-4-sparc64-smp_2.6.8-16sarge1_sparc.deb
    Size/MD5 checksum:  7645904 2c30dc864de96d05d0a3426b36c26d3a
  http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-sparc/kernel-headers-2.6.8-4_2.6.8-16sarge1_sparc.deb
    Size/MD5 checksum:  2896286 54cdf0c85119d5a049164705e54a24d9
  http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-sparc/kernel-image-2.6.8-4-sparc32_2.6.8-16sarge1_sparc.deb
    Size/MD5 checksum:  4563634 2df1caceab9295aca03f8efb9abfa33a
  http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-sparc/kernel-image-2.6.8-4-sparc64_2.6.8-16sarge1_sparc.deb
    Size/MD5 checksum:  7449244 1833928627fd502581b283c8d508b423
  http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-sparc/kernel-headers-2.6.8-4-sparc32_2.6.8-16sarge1_sparc.deb
    Size/MD5 checksum:   116254 ccfa57772f57fc041c7e2f52fc09216c
  http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-sparc/kernel-headers-2.6.8-4-sparc64-smp_2.6.8-16sarge1_sparc.deb
    Size/MD5 checksum:   151548 0170da5a8e3a7179073a6ee42fe41b27
  http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-sparc/kernel-build-2.6.8-4_2.6.8-16sarge1_sparc.deb
    Size/MD5 checksum:    10856 5866644f6a69cd14120b2f27b936097e
  http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-sparc/kernel-headers-2.6.8-4-sparc64_2.6.8-16sarge1_sparc.deb
    Size/MD5 checksum:   150948 ed82830f3020847472660683d0a8b5cd

  These files will probably be moved into the oldstable distribution on
  its next update.

- ---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@xxxxxxxxxxxxxxxx
Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)

iD8DBQFHvz3RhuANDBmkLRkRApVbAJ9d6wqvYEi8ewaJll1OtoMK1n945QCeLY4u
NcwTnhEcZs8czVzN6M2RXoE=
=69WA
-----END PGP SIGNATURE-----