[kernel-sec-discuss] r1279 - dsa-texts

micah at alioth.debian.org micah at alioth.debian.org
Mon Dec 15 21:21:48 UTC 2008 

Author: micah
Date: 2008-12-15 21:21:48 +0000 (Mon, 15 Dec 2008)
New Revision: 1279

Modified:
   dsa-texts/2.6.18.dfsg.1-23etch1
Log:
some minor formatting tweaks


Modified: dsa-texts/2.6.18.dfsg.1-23etch1
===================================================================
--- dsa-texts/2.6.18.dfsg.1-23etch1	2008-12-14 23:47:46 UTC (rev 1278)
+++ dsa-texts/2.6.18.dfsg.1-23etch1	2008-12-15 21:21:48 UTC (rev 1279)
@@ -19,8 +19,9 @@
 
 CVE-2008-3527
 
-    Tavis Ormandy reported a local DoS and potential privilege escalation
-    in the Virtual Dynamic Shared Objects (vDSO) implementation.
+    Tavis Ormandy reported a local DoS and potential privilege
+    escalation in the Virtual Dynamic Shared Objects (vDSO)
+    implementation.
 
 CVE-2008-3528
 
@@ -75,9 +76,9 @@
 
 CVE-2008-5079
 
-    Hugo Dias reported a DoS condition in the ATM subsystem
-    that can be triggered by a local user by calling the svc_listen
-    function twice on the same socket and reading /proc/net/atm/*vc.
+    Hugo Dias reported a DoS condition in the ATM subsystem that can
+    be triggered by a local user by calling the svc_listen function
+    twice on the same socket and reading /proc/net/atm/*vc.
 
 CVE_2008-5182
 
@@ -98,13 +99,13 @@
 user-mode-linux packages.
 
 Note: Debian 'etch' includes linux kernel packages based upon both the
-2.6.18 and 2.6.24 linux releases.  All known security issues are carefully
-tracked against both packages and both packages will receive security
-updates until security support for Debian 'etch' concludes. However, given
-the high frequency at which low-severity security issues are discovered in
-the kernel and the resource requirements of doing an update, lower severity
-2.6.18 and 2.6.24 updates will typically release in a staggered or "leap-frog"
-fashion.
+2.6.18 and 2.6.24 linux releases.  All known security issues are
+carefully tracked against both packages and both packages will receive
+security updates until security support for Debian 'etch'
+concludes. However, given the high frequency at which low-severity
+security issues are discovered in the kernel and the resource
+requirements of doing an update, lower severity 2.6.18 and 2.6.24
+updates will typically release in a staggered or "leap-frog" fashion.
 
 Upgrade instructions
 --------------------

More information about the kernel-sec-discuss mailing list