please remove me from this distribution list
On Mon, Jul 28, 2014 at 11:42 PM, Salvatore Bonaccorso <car...@debian.org> wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA512 > > - ------------------------------------------------------------------------- > Debian Security Advisory DSA-2992-1 secur...@debian.org > http://www.debian.org/security/ Salvatore Bonaccorso > July 29, 2014 http://www.debian.org/security/faq > - ------------------------------------------------------------------------- > > Package : linux > CVE ID : CVE-2014-3534 CVE-2014-4667 CVE-2014-4943 > Debian Bug : 728705 > > Several vulnerabilities have been discovered in the Linux kernel that > may lead to a denial of service or privilege escalation: > > CVE-2014-3534 > > Martin Schwidefsky of IBM discovered that the ptrace subsystem does > not properly sanitize the psw mask value. On s390 systems, an > unprivileged local user could use this flaw to set address space > control bits to kernel space combination and thus gain read/write > access to kernel memory. > > CVE-2014-4667 > > Gopal Reddy Kodudula of Nokia Siemens Networks discovered that the > sctp_association_free function does not properly manage a certain > backlog value, which allows remote attackers to cause a denial of > service (socket outage) via a crafted SCTP packet. > > CVE-2014-4943 > > Sasha Levin discovered a flaw in the Linux kernel's point-to-point > protocol (PPP) when used with the Layer Two Tunneling Protocol > (L2TP). An unprivileged local user could use this flaw for privilege > escalation. > > For the stable distribution (wheezy), these problems have been fixed in > version 3.2.60-1+deb7u3. > > For the unstable distribution (sid), these problems have been fixed in > version 3.14.13-2. > > We recommend that you upgrade your linux packages. > > Further information about Debian Security Advisories, how to apply > these updates to your system and frequently asked questions can be > found at: http://www.debian.org/security/ > > Mailing list: debian-security-annou...@lists.debian.org > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1 > > iQIcBAEBCgAGBQJT1zuqAAoJEAVMuPMTQ89EFZEP+gMpesreXSVTK6H/WKOxAQty > 2Job+gY43NY21tSzKZUbatJIhhq+9a4BPzspZuV66h35ITmI+DzhyKNQnUUdrrUu > h8pt81OixydxGKifFCldbfjDucy5Tm6Akn8iPlOWgMTNGHWDLhNCy2yZw3cG4CMd > vv9NRu++kPQBxJ2rpt8DcWuU133xNJwS/VSOlUk4z6A535TEAngOggnfGj2Y+4Xp > MmBuGW+PohmXhhbE64WM3KX2vmC38p/hpXQt/PfbGypJkeiTkJLjYCpCLhwEpKch > fzfcjC34EcZt//Jnbg4Nqu0/SVwEf1fsbL+ETGBE1HoKciXJg8eUnZMA2+UKlrIl > ud2EHEObGyly1FSdKvD7CXIH1I+krCtPO8oSQHeiH0kbMyWOm3s7HcV6YMsOc3K7 > Vl2oH3mXWjY+zLOZfjaTGeG/5M07sjM12TGZ6UpuhazcRn7YHys+SgxCM3ic4aW+ > nANCT/e2CZS53Gg5UvrmHnFjwela3pk8fVyVgaS/27lxbYql4IrydW0Gsc1x+TEb > ArisHmbWhG0HJnrEOY3fay7bZ8XjmKnALr/f7HxtSkYDG1VcwKi3oR8B6SGcefdO > jSCS+KXU4I11cYg5qfHiTC5VuWfGJOEKlGkFO4G8GcKR0FNnsluJ/G//6fgUeqQ/ > jaUiUlTQMFdNhomFFIy4 > =hzfh > -----END PGP SIGNATURE----- > > > -- > To UNSUBSCRIBE, email to debian-security-announce-requ...@lists.debian.org > with a subject of "unsubscribe". Trouble? Contact > listmas...@lists.debian.org > Archive: https://lists.debian.org/e1xc16m-0003ua...@master.debian.org > > >
