Debian 10222 Published by

The Debian Security Team published a new security update for Debian GNU/Linux. Here the announcement:



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
Debian Security Advisory DSA-1504 security@debian.org
http://www.debian.org/security/ dann frazier
February 22, 2008 http://www.debian.org/security/faq
- ------------------------------------------------------------------------

Package : kernel-source-2.6.8 (2.6.8-17sarge1)
Vulnerability : several
Problem-Type : local
Debian-specific: no
CVE ID : CVE-2006-5823 CVE-2006-6054 CVE-2006-6058 CVE-2006-7203
CVE-2007-1353 CVE-2007-2172 CVE-2007-2525 CVE-2007-3105
CVE-2007-3739 CVE-2007-3740 CVE-2007-3848 CVE-2007-4133
CVE-2007-4308 CVE-2007-4573 CVE-2007-5093 CVE-2007-6063
CVE-2007-6151 CVE-2007-6206 CVE-2007-6694 CVE-2008-0007

Several local and remote vulnerabilities have been discovered in the Linux
kernel that may lead to a denial of service or the execution of arbitrary
code. The Common Vulnerabilities and Exposures project identifies the
following problems:

CVE-2006-5823

LMH reported a potential local DoS which could be exploited by a malicious
user with the privileges to mount and read a corrupted cramfs filesystem.

CVE-2006-6054

LMH reported a potential local DoS which could be exploited by a malicious
user with the privileges to mount and read a corrupted ext2 filesystem.

CVE-2006-6058

LMH reported an issue in the minix filesystem that allows local users
with mount privileges to create a DoS (printk flood) by mounting a
specially crafted corrupt filesystem.

CVE-2006-7203

OpenVZ Linux kernel team reported an issue in the smbfs filesystem which
can be exploited by local users to cause a DoS (oops) during mount.

CVE-2007-1353

Ilja van Sprundel discovered that kernel memory could be leaked via the
Bluetooth setsockopt call due to an uninitialized stack buffer. This
could be used by local attackers to read the contents of sensitive kernel
memory.

CVE-2007-2172

Thomas Graf reported a typo in the DECnet protocol handler that could
be used by a local attacker to overrun an array via crafted packets,
potentially resulting in a Denial of Service (system crash).
A similar issue exists in the IPV4 protocol handler and will be fixed
in a subsequent update.

CVE-2007-2525

Florian Zumbiehl discovered a memory leak in the PPPOE subsystem caused
by releasing a socket before PPPIOCGCHAN is called upon it. This could
be used by a local user to DoS a system by consuming all available memory.

CVE-2007-3105

The PaX Team discovered a potential buffer overflow in the random number
generator which may permit local users to cause a denial of service or
gain additional privileges. This issue is not believed to effect default
Debian installations where only root has sufficient privileges to exploit
it.

CVE-2007-3739

Adam Litke reported a potential local denial of service (oops) on
powerpc platforms resulting from unchecked VMA expansion into address
space reserved for hugetlb pages.

CVE-2007-3740

Steve French reported that CIFS filesystems with CAP_UNIX enabled
were not honoring a process' umask which may lead to unintentinally
relaxed permissions.

CVE-2007-3848

Wojciech Purczynski discovered that pdeath_signal was not being reset
properly under certain conditions which may allow local users to gain
privileges by sending arbitrary signals to suid binaries.

CVE-2007-4133

Hugh Dickins discovered a potential local DoS (panic) in hugetlbfs.
A misconversion of hugetlb_vmtruncate_list to prio_tree may allow
local users to trigger a BUG_ON() call in exit_mmap.

CVE-2007-4308

Alan Cox reported an issue in the aacraid driver that allows unprivileged
local users to make ioctl calls which should be restricted to admin
privileges.

CVE-2007-4573

Wojciech Purczynski discovered a vulnerability that can be exploited
by a local user to obtain superuser privileges on x86_64 systems.
This resulted from improper clearing of the high bits of registers
during ia32 system call emulation. This vulnerability is relevant
to the Debian amd64 port as well as users of the i386 port who run
the amd64 linux-image flavour.

CVE-2007-5093

Alex Smith discovered an issue with the pwc driver for certain webcam
devices. If the device is removed while a userspace application has it
open, the driver will wait for userspace to close the device, resulting
in a blocked USB subsystem. This issue is of low security impact as
it requires the attacker to either have physical access to the system
or to convince a user with local access to remove the device on their
behalf.

CVE-2007-6063

Venustech AD-LAB discovered a a buffer overflow in the isdn ioctl
handling, exploitable by a local user.

CVE-2007-6151

ADLAB discovered a possible memory overrun in the ISDN subsystem that
may permit a local user to overwrite kernel memory leading by issuing
ioctls with unterminated data.

CVE-2007-6206

Blake Frantz discovered that when a core file owned by a non-root user
exists, and a root-owned process dumps core over it, the core file
retains its original ownership. This could be used by a local user to
gain access to sensitive information.

CVE-2007-6694

Cyrill Gorcunov reported a NULL pointer dereference in code specific
to the CHRP PowerPC platforms. Local users could exploit this issue
to achieve a Denial of Service (DoS).

CVE-2008-0007

Nick Piggin of SuSE discovered a number of issues in subsystems which
register a fault handler for memory mapped areas. This issue can be
exploited by local users to achieve a Denial of Service (DoS) and possibly
execute arbitrary code.

The following matrix lists additional packages that were rebuilt for
compatibility with or to take advantage of this update:

Debian 3.1 (sarge)
kernel-image-2.6.8-alpha 2.6.8-17sarge1
kernel-image-2.6.8-amd64 2.6.8-17sarge1
kernel-image-2.6.8-hppa 2.6.8-7sarge1
kernel-image-2.6.8-i386 2.6.8-17sarge1
kernel-image-2.6.8-ia64 2.6.8-15sarge1
kernel-image-2.6.8-m68k 2.6.8-5sarge1
kernel-image-2.6.8-s390 2.6.8-6sarge1
kernel-image-2.6.8-sparc 2.6.8-16sarge1
kernel-patch-powerpc-2.6.8 2.6.8-13sarge1
fai-kernels 1.9.1sarge8

We recommend that you upgrade your kernel package immediately and reboot
the machine. If you have built a custom kernel from the kernel source
package, you will need to rebuild to take advantage of these fixes.

Upgrade Instructions
- --------------------

wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
will update the internal database
apt-get upgrade
will install corrected packages

Debian 3.1 (oldstable)
- ----------------------

Oldstable updates are available for alpha, amd64, hppa, i386, ia64, m68k, powerpc, s390 and sparc.

Source archives:

http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-s390/kernel-image-2.6.8-s390_2.6.8-6sarge1.dsc
Size/MD5 checksum: 846 4503eeaf9e1a21a9f220e2d9c31e0123
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-ia64/kernel-image-2.6.8-ia64_2.6.8-15sarge1.dsc
Size/MD5 checksum: 1191 bfba4b91bbd166d14d0bace5ac137715
http://security.debian.org/pool/updates/main/k/kernel-source-2.6.8/kernel-source-2.6.8_2.6.8-17sarge1.diff.gz
Size/MD5 checksum: 1124155 d0e37e157fd2c4a9889222377ae6a956
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-s390/kernel-image-2.6.8-s390_2.6.8-6sarge1.tar.gz
Size/MD5 checksum: 18572 fffdd006af1f26150eb6131f10c14c8f
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-hppa/kernel-image-2.6.8-hppa_2.6.8-7sarge1.tar.gz
Size/MD5 checksum: 73206 97e4fadb9612c1a9ce969a0cbdc663f4
http://security.debian.org/pool/updates/main/f/fai-kernels/fai-kernels_1.9.1sarge8.dsc
Size/MD5 checksum: 621 fd5cf0a4b08aadf72cedb8029390fdeb
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-image-2.6.8-amd64_2.6.8-17sarge1.dsc
Size/MD5 checksum: 1103 27f8b65b1acae74eac82f6484edbc5e5
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-alpha/kernel-image-2.6.8-alpha_2.6.8-17sarge1.tar.gz
Size/MD5 checksum: 44625 4e68e046835cd0dce3ba2dc096f21924
http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.6.8/kernel-patch-powerpc-2.6.8_2.6.8-13sarge1.tar.gz
Size/MD5 checksum: 32565 406db278e655291be89254da5a4e15f8
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-hppa/kernel-image-2.6.8-hppa_2.6.8-7sarge1.dsc
Size/MD5 checksum: 1013 defcdc70dd9d969ddfaed2819b341758
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-ia64/kernel-image-2.6.8-ia64_2.6.8-15sarge1.tar.gz
Size/MD5 checksum: 69734 a5e62e3da21f1e89e1c7f76508de9673
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-image-2.6.8-amd64_2.6.8-17sarge1.tar.gz
Size/MD5 checksum: 82008 c90b3a12c9bf77807d0d5c3ab6cf1567
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-m68k/kernel-image-2.6.8-m68k_2.6.8-5sarge1.tar.gz
Size/MD5 checksum: 22997 75027ce480514543ad6d565d43890a3e
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-sparc/kernel-image-2.6.8-sparc_2.6.8-16sarge1.tar.gz
Size/MD5 checksum: 32414 676fdb7a2c0cb66cd6c13a75b836f755
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-sparc/kernel-image-2.6.8-sparc_2.6.8-16sarge1.dsc
Size/MD5 checksum: 1036 088234b948dd74a6c869f743a5346a54
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-alpha/kernel-image-2.6.8-alpha_2.6.8-17sarge1.dsc
Size/MD5 checksum: 812 e12f4f68ee249f53bab5b4752d6b2795
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-i386/kernel-image-2.6.8-i386_2.6.8-17sarge1.tar.gz
Size/MD5 checksum: 96384 bd4d726f97468d6cca1139cf80b1342a
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-i386/kernel-image-2.6.8-i386_2.6.8-17sarge1.dsc
Size/MD5 checksum: 1047 80bb021a47b74d6b1e486c2bba6c55b8
http://security.debian.org/pool/updates/main/k/kernel-source-2.6.8/kernel-source-2.6.8_2.6.8-17sarge1.dsc
Size/MD5 checksum: 1002 0a956bc9d48251885d52d4b4d4b07310
http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.6.8/kernel-patch-powerpc-2.6.8_2.6.8-13sarge1.dsc
Size/MD5 checksum: 1071 39e866b6617c57f4acf7e06d3b7ae82e
http://security.debian.org/pool/updates/main/f/fai-kernels/fai-kernels_1.9.1sarge8.tar.gz
Size/MD5 checksum: 32434 ee1ef40c64f09bcdc25d9c9b7ea325e0
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-m68k/kernel-image-2.6.8-m68k_2.6.8-5sarge1.dsc
Size/MD5 checksum: 874 9db0c07fe9a8cc114a82f3d4f8a209a9
http://security.debian.org/pool/updates/main/k/kernel-source-2.6.8/kernel-source-2.6.8_2.6.8.orig.tar.gz
Size/MD5 checksum: 43929719 0393c05ffa4770c3c5178b74dc7a4282

Architecture independent packages:

http://security.debian.org/pool/updates/main/k/kernel-source-2.6.8/kernel-source-2.6.8_2.6.8-17sarge1_all.deb
Size/MD5 checksum: 34955480 ece884d31c0a9bd290d467f00973252e
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-s390/kernel-patch-2.6.8-s390_2.6.8-6sarge1_all.deb
Size/MD5 checksum: 16650 2304fae6c3d145826acea1403133ef98
http://security.debian.org/pool/updates/main/k/kernel-source-2.6.8/kernel-tree-2.6.8_2.6.8-17sarge1_all.deb
Size/MD5 checksum: 39758 12ee237ef5816a9c1f87697a0397802a
http://security.debian.org/pool/updates/main/k/kernel-source-2.6.8/kernel-doc-2.6.8_2.6.8-17sarge1_all.deb
Size/MD5 checksum: 6190062 e7e672dd30a416f98fb8dd3ead7e938b
http://security.debian.org/pool/updates/main/k/kernel-source-2.6.8/kernel-patch-debian-2.6.8_2.6.8-17sarge1_all.deb
Size/MD5 checksum: 1194926 dfc3e12e6e7739c91c17e150a7242fa2

alpha architecture (DEC Alpha)

http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-alpha/kernel-headers-2.6.8-4-generic_2.6.8-17sarge1_alpha.deb
Size/MD5 checksum: 238146 8dd62b8c39cceeedd5efaa4b2eee4582
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-alpha/kernel-headers-2.6.8-4-smp_2.6.8-17sarge1_alpha.deb
Size/MD5 checksum: 232626 0f789080227336bd274f4ddacc4a749b
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-alpha/kernel-headers-2.6.8-4_2.6.8-17sarge1_alpha.deb
Size/MD5 checksum: 2765374 6f857f2bc6f2f0d5a94a98ae814c4e87
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-alpha/kernel-image-2.6.8-4-smp_2.6.8-17sarge1_alpha.deb
Size/MD5 checksum: 20094120 e0a3941fdaa513458f54b78e5b3ebd41
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-alpha/kernel-image-2.6.8-4-generic_2.6.8-17sarge1_alpha.deb
Size/MD5 checksum: 20242970 0944d9b857e2383f2748fab122de3a5d

amd64 architecture (AMD x86_64 (AMD64))

http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-headers-2.6.8-13-em64t-p4-smp_2.6.8-17sarge1_amd64.deb
Size/MD5 checksum: 225228 fc7e590bc877da3505ee3442409bf8ee
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-headers-2.6.8-13-em64t-p4_2.6.8-17sarge1_amd64.deb
Size/MD5 checksum: 228186 4663c6daf166b5559e408795f44d84f5
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-image-2.6.8-13-amd64-generic_2.6.8-17sarge1_amd64.deb
Size/MD5 checksum: 12579110 41c47936fe7cd1bb8e28177cf282e957
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-headers-2.6.8-13-amd64-generic_2.6.8-17sarge1_amd64.deb
Size/MD5 checksum: 231428 dfdf341727fcca4af9ff41f7f0046e1b
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-image-2.6.8-13-amd64-k8-smp_2.6.8-17sarge1_amd64.deb
Size/MD5 checksum: 13238846 51bca8a45157f119dc001e786e325cca
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-image-2.6.8-13-em64t-p4-smp_2.6.8-17sarge1_amd64.deb
Size/MD5 checksum: 13063162 14486d83aee59b7616ff63de003340ac
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-image-2.6.8-13-amd64-k8_2.6.8-17sarge1_amd64.deb
Size/MD5 checksum: 13275762 767dcb70ca259ff0dc07f6cb8351a83d
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-headers-2.6.8-13_2.6.8-17sarge1_amd64.deb
Size/MD5 checksum: 2728264 db7534ded22b911afffa5413d540dbbd
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-headers-2.6.8-13-amd64-k8-smp_2.6.8-17sarge1_amd64.deb
Size/MD5 checksum: 226722 33c904e9fd0a2f754f0d5aed640a3bd3
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-headers-2.6.8-13-amd64-k8_2.6.8-17sarge1_amd64.deb
Size/MD5 checksum: 230322 917d95bec917d2a7588867f81d88a2e9
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-image-2.6.8-13-em64t-p4_2.6.8-17sarge1_amd64.deb
Size/MD5 checksum: 13082028 78be67d79a13baba4a6c798624f7f818

hppa architecture (HP PA RISC)

http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-hppa/kernel-headers-2.6.8-4_2.6.8-7sarge1_hppa.deb
Size/MD5 checksum: 2820206 0a14c1185bcde28d0a97eaeef9e11e3f
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-hppa/kernel-image-2.6.8-4-64_2.6.8-7sarge1_hppa.deb
Size/MD5 checksum: 17550802 fabf823c16fcb3e0bbf69d0081faafd8
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-hppa/kernel-headers-2.6.8-4-64-smp_2.6.8-7sarge1_hppa.deb
Size/MD5 checksum: 219244 ff1d717d7b3d1db40c96d15b96b8a447
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-hppa/kernel-image-2.6.8-4-64-smp_2.6.8-7sarge1_hppa.deb
Size/MD5 checksum: 18374164 e088d77a7e64efa4d825416f94fd5db6
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-hppa/kernel-headers-2.6.8-4-32-smp_2.6.8-7sarge1_hppa.deb
Size/MD5 checksum: 220054 5e8db88176af86cf5d5968dac2816ac6
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-hppa/kernel-image-2.6.8-4-32-smp_2.6.8-7sarge1_hppa.deb
Size/MD5 checksum: 17020158 1e3f2fc9f9764e1823054df8abde860c
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-hppa/kernel-headers-2.6.8-4-32_2.6.8-7sarge1_hppa.deb
Size/MD5 checksum: 220598 e3419d467dc69e90e2db720c519268d3
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-hppa/kernel-image-2.6.8-4-32_2.6.8-7sarge1_hppa.deb
Size/MD5 checksum: 16110870 cb91278b4861aa27da3555e3ae05a842
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-hppa/kernel-headers-2.6.8-4-64_2.6.8-7sarge1_hppa.deb
Size/MD5 checksum: 219758 ff98c244a5777bf1cb9d3aa42e92035b

i386 architecture (Intel ia32)

http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-i386/kernel-headers-2.6.8-4-k7-smp_2.6.8-17sarge1_i386.deb
Size/MD5 checksum: 258700 b406cff5cdfce0b1ebb0999b940bcf77
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-i386/kernel-image-2.6.8-4-386_2.6.8-17sarge1_i386.deb
Size/MD5 checksum: 14079400 b3034d3d756026061d6d1ae64f7670ac
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-headers-2.6.8-13-amd64-k8-smp_2.6.8-17sarge1_i386.deb
Size/MD5 checksum: 226622 89ab2fe13383be55139f779983e76f56
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-headers-2.6.8-13-em64t-p4_2.6.8-17sarge1_i386.deb
Size/MD5 checksum: 228124 0232808c2f4af4679ff387fd5aef30c2
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-image-2.6.8-13-amd64-k8-smp_2.6.8-17sarge1_i386.deb
Size/MD5 checksum: 13238830 83c9fa536a5039d9b7faaedd55c0d2df
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-image-2.6.8-13-em64t-p4-smp_2.6.8-17sarge1_i386.deb
Size/MD5 checksum: 13208166 7d76aba45eeea785e68e144c93f8fa55
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-headers-2.6.8-13-amd64-generic_2.6.8-17sarge1_i386.deb
Size/MD5 checksum: 231474 a9af96e38de18058a0bbb855ed0193f3
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-i386/kernel-image-2.6.8-4-686_2.6.8-17sarge1_i386.deb
Size/MD5 checksum: 15558172 1ef83fe26c46d25f209cb0a76140c0e3
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-image-2.6.8-13-em64t-p4_2.6.8-17sarge1_i386.deb
Size/MD5 checksum: 13236626 fad30247937094d606a01d53a2eff086
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-headers-2.6.8-13_2.6.8-17sarge1_i386.deb
Size/MD5 checksum: 2728376 e2538d185c863ac7adf9dd41ac73f83d
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-i386/kernel-image-2.6.8-4-686-smp_2.6.8-17sarge1_i386.deb
Size/MD5 checksum: 15397692 580feea340f69d04fafcd052268bb314
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-i386/kernel-image-2.6.8-4-k7-smp_2.6.8-17sarge1_i386.deb
Size/MD5 checksum: 15173410 f477356acda36ec633c3bee285794377
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-i386/kernel-headers-2.6.8-4_2.6.8-17sarge1_i386.deb
Size/MD5 checksum: 2784978 76f4162d37d785b5e0648435936774f6
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-i386/kernel-headers-2.6.8-4-386_2.6.8-17sarge1_i386.deb
Size/MD5 checksum: 263456 3ddcc23d88f64f8a185c3a3dc4ae3402
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-headers-2.6.8-13-em64t-p4-smp_2.6.8-17sarge1_i386.deb
Size/MD5 checksum: 225052 c266db2ed1f497b91c8202c2e9511bd3
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-i386/kernel-image-2.6.8-4-k7_2.6.8-17sarge1_i386.deb
Size/MD5 checksum: 15282426 bce3bfbc0e6aede5dc503b37935b050a
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-headers-2.6.8-13-amd64-k8_2.6.8-17sarge1_i386.deb
Size/MD5 checksum: 230266 2172a8e3ff5107cb582b5a31111b904b
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-i386/kernel-headers-2.6.8-4-686-smp_2.6.8-17sarge1_i386.deb
Size/MD5 checksum: 258222 e02e548b571117fa3a0b68add40c3893
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-i386/kernel-headers-2.6.8-4-686_2.6.8-17sarge1_i386.deb
Size/MD5 checksum: 260930 a4765a3da36be625c104281daecc29d2
http://security.debian.org/pool/updates/main/f/fai-kernels/fai-kernels_1.9.1sarge8_i386.deb
Size/MD5 checksum: 12010766 5c06b0a78b203b2032aa327839fa9795
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-i386/kernel-headers-2.6.8-4-k7_2.6.8-17sarge1_i386.deb
Size/MD5 checksum: 260956 5bf06a1619132b0624299735caf26879
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-image-2.6.8-13-amd64-generic_2.6.8-17sarge1_i386.deb
Size/MD5 checksum: 12579278 f6c685f628478fcc8f37257a6e71aedd
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-image-2.6.8-13-amd64-k8_2.6.8-17sarge1_i386.deb
Size/MD5 checksum: 13276128 541fc888c5aa5dee5e186185d1f2256f

ia64 architecture (Intel ia64)

http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-ia64/kernel-image-2.6.8-4-itanium_2.6.8-15sarge1_ia64.deb
Size/MD5 checksum: 21496770 8336b695564c2eb6d8dc98a13c3b4e1a
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-ia64/kernel-headers-2.6.8-4-itanium-smp_2.6.8-15sarge1_ia64.deb
Size/MD5 checksum: 205878 2f8285b89e03dee6c71f9d8079d13499
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-ia64/kernel-image-2.6-mckinley-smp_2.6.8-15sarge1_ia64.deb
Size/MD5 checksum: 12228 b69b46b5a764b898baaf3ba3ad056d5f
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-ia64/kernel-image-2.6-mckinley_2.6.8-15sarge1_ia64.deb
Size/MD5 checksum: 12162 3d5dfd32448f8cb967dd1ce9549789af
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-ia64/kernel-headers-2.6.8-4_2.6.8-15sarge1_ia64.deb
Size/MD5 checksum: 3104422 af94110dd2e8401a975315dd93aaa28b
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-ia64/kernel-headers-2.6-mckinley_2.6.8-15sarge1_ia64.deb
Size/MD5 checksum: 12172 618961c987120133ee1c999e4cf5f62f
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-ia64/kernel-headers-2.6-mckinley-smp_2.6.8-15sarge1_ia64.deb
Size/MD5 checksum: 12236 7ca412f9885d85f92340423de43e284f
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-ia64/kernel-headers-2.6-itanium_2.6.8-15sarge1_ia64.deb
Size/MD5 checksum: 12140 031a5db578a7291bf25c13b7be4b4ec6
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-ia64/kernel-headers-2.6.8-4-itanium_2.6.8-15sarge1_ia64.deb
Size/MD5 checksum: 206340 85610c56d71469abb003503c9395f639
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-ia64/kernel-headers-2.6.8-4-mckinley_2.6.8-15sarge1_ia64.deb
Size/MD5 checksum: 206076 62768e32c962c2f1f2f19c0062800557
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-ia64/kernel-headers-2.6-itanium-smp_2.6.8-15sarge1_ia64.deb
Size/MD5 checksum: 12202 a4a24b0e48c4f6c2c3d8ab17fc6fe4ae
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-ia64/kernel-image-2.6.8-4-mckinley_2.6.8-15sarge1_ia64.deb
Size/MD5 checksum: 21417820 daa90c69a36eb5baf3231fed495766e1
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-ia64/kernel-headers-2.6.8-4-mckinley-smp_2.6.8-15sarge1_ia64.deb
Size/MD5 checksum: 205672 e5befe9b90d7f8d43ed7e1dfff89851c
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-ia64/kernel-image-2.6.8-4-itanium-smp_2.6.8-15sarge1_ia64.deb
Size/MD5 checksum: 22158208 8a186facbb3023845284531d27c01486
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-ia64/kernel-image-2.6-itanium_2.6.8-15sarge1_ia64.deb
Size/MD5 checksum: 12136 fe3ae95000fba99026557e9f3110eef9
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-ia64/kernel-image-2.6.8-4-mckinley-smp_2.6.8-15sarge1_ia64.deb
Size/MD5 checksum: 22174026 de343e5cddd6936ec435cdc87d5ab689
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-ia64/kernel-image-2.6-itanium-smp_2.6.8-15sarge1_ia64.deb
Size/MD5 checksum: 12200 75abbf3dc640b0765b0f510c0c783ecb

m68k architecture (Motorola Mc680x0)

http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-m68k/kernel-image-2.6.8-sun3_2.6.8-5sarge1_m68k.deb
Size/MD5 checksum: 2997446 90b62190daab090dd211b2e2fa76e634
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-m68k/kernel-image-2.6.8-mvme16x_2.6.8-5sarge1_m68k.deb
Size/MD5 checksum: 3053150 9876f36e6cbad66ac690362955b3ee6c
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-m68k/kernel-image-2.6.8-q40_2.6.8-5sarge1_m68k.deb
Size/MD5 checksum: 3111618 38fdf55f9f32aa26df0b3001fd6b77a2
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-m68k/kernel-image-2.6.8-amiga_2.6.8-5sarge1_m68k.deb
Size/MD5 checksum: 3311580 052d54a9c2e6eab73cf870634aaf78e3
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-m68k/kernel-image-2.6.8-hp_2.6.8-5sarge1_m68k.deb
Size/MD5 checksum: 2992404 cd498a3a110af341e7052fb06ec8b0bc
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-m68k/kernel-image-2.6.8-mac_2.6.8-5sarge1_m68k.deb
Size/MD5 checksum: 3178962 1160ae756c286e7e2845cbeb1326c3bb
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-m68k/kernel-image-2.6.8-mvme147_2.6.8-5sarge1_m68k.deb
Size/MD5 checksum: 2982482 677c66d0af2580084d6d061bfd63ffd4
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-m68k/kernel-image-2.6.8-bvme6000_2.6.8-5sarge1_m68k.deb
Size/MD5 checksum: 3018000 89321aa5c34c8c9c95a61a86d0337699
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-m68k/kernel-image-2.6.8-atari_2.6.8-5sarge1_m68k.deb
Size/MD5 checksum: 3105192 0a020af9116bd8ac96d2c3eb054b6840

powerpc architecture (PowerPC)

http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.6.8/kernel-headers-2.6.8-4_2.6.8-13sarge1_powerpc.deb
Size/MD5 checksum: 5153168 2f57ad5241d60f31e262541b1b9bf08a
http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.6.8/kernel-image-2.6.8-4-power3-smp_2.6.8-13sarge1_powerpc.deb
Size/MD5 checksum: 13953866 46a1861b3cd33737bdd60a0f72f397c4
http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.6.8/kernel-image-2.6.8-4-power3_2.6.8-13sarge1_powerpc.deb
Size/MD5 checksum: 13599558 0ddb46fa72e94a9018eccfd3d2f0b40c
http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.6.8/kernel-image-2.6.8-4-powerpc-smp_2.6.8-13sarge1_powerpc.deb
Size/MD5 checksum: 13873214 f012b664fbc58bfcdfbba594d38bc855
http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.6.8/kernel-image-2.6.8-4-power4-smp_2.6.8-13sarge1_powerpc.deb
Size/MD5 checksum: 13943782 153a4ba86086ae315977b069a3c8fa3c
http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.6.8/kernel-build-2.6.8-4-power3_2.6.8-13sarge1_powerpc.deb
Size/MD5 checksum: 412788 719ae014adea5b6a7c3c36b2b0e268ed
http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.6.8/kernel-build-2.6.8-4-powerpc_2.6.8-13sarge1_powerpc.deb
Size/MD5 checksum: 412382 228e63e6d49179b0dc802b903b1b52e4
http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.6.8/kernel-build-2.6.8-4-power4-smp_2.6.8-13sarge1_powerpc.deb
Size/MD5 checksum: 411974 bcf255c3858b2d9a01bbbb2b7c25aff2
http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.6.8/kernel-image-2.6.8-4-powerpc_2.6.8-13sarge1_powerpc.deb
Size/MD5 checksum: 13616728 e6762f501e5422e23f023b79037a8ca5
http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.6.8/kernel-build-2.6.8-4-power4_2.6.8-13sarge1_powerpc.deb
Size/MD5 checksum: 412034 0334c1128e3e843ebc68963633480ba4
http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.6.8/kernel-build-2.6.8-4-powerpc-smp_2.6.8-13sarge1_powerpc.deb
Size/MD5 checksum: 412136 a761c81f7e2c38637fecefeb197f8a5b
http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.6.8/kernel-build-2.6.8-4-power3-smp_2.6.8-13sarge1_powerpc.deb
Size/MD5 checksum: 412708 584de35626e4445772f28341560aae76
http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.6.8/kernel-image-2.6.8-4-power4_2.6.8-13sarge1_powerpc.deb
Size/MD5 checksum: 13583634 0f334a6487d58f02b75f9102641d4541

s390 architecture (IBM S/390)

http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-s390/kernel-image-2.6.8-4-s390x_2.6.8-6sarge1_s390.deb
Size/MD5 checksum: 3199350 2dec14becfc609e1414a00a726a78153
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-s390/kernel-image-2.6.8-4-s390_2.6.8-6sarge1_s390.deb
Size/MD5 checksum: 2992448 d90f45f8f995286690ed2c460f5f418b
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-s390/kernel-headers-2.6.8-4_2.6.8-6sarge1_s390.deb
Size/MD5 checksum: 5092100 c603b5b67a2e4be7b92fc909a64493cd
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-s390/kernel-image-2.6.8-4-s390-tape_2.6.8-6sarge1_s390.deb
Size/MD5 checksum: 1150168 8cf8f4a0193c71df9a27b3362b868cc5

sparc architecture (Sun SPARC/UltraSPARC)

http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-sparc/kernel-image-2.6.8-4-sparc64-smp_2.6.8-16sarge1_sparc.deb
Size/MD5 checksum: 7645904 2c30dc864de96d05d0a3426b36c26d3a
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-sparc/kernel-headers-2.6.8-4_2.6.8-16sarge1_sparc.deb
Size/MD5 checksum: 2896286 54cdf0c85119d5a049164705e54a24d9
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-sparc/kernel-image-2.6.8-4-sparc32_2.6.8-16sarge1_sparc.deb
Size/MD5 checksum: 4563634 2df1caceab9295aca03f8efb9abfa33a
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-sparc/kernel-image-2.6.8-4-sparc64_2.6.8-16sarge1_sparc.deb
Size/MD5 checksum: 7449244 1833928627fd502581b283c8d508b423
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-sparc/kernel-headers-2.6.8-4-sparc32_2.6.8-16sarge1_sparc.deb
Size/MD5 checksum: 116254 ccfa57772f57fc041c7e2f52fc09216c
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-sparc/kernel-headers-2.6.8-4-sparc64-smp_2.6.8-16sarge1_sparc.deb
Size/MD5 checksum: 151548 0170da5a8e3a7179073a6ee42fe41b27
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-sparc/kernel-build-2.6.8-4_2.6.8-16sarge1_sparc.deb
Size/MD5 checksum: 10856 5866644f6a69cd14120b2f27b936097e
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-sparc/kernel-headers-2.6.8-4-sparc64_2.6.8-16sarge1_sparc.deb
Size/MD5 checksum: 150948 ed82830f3020847472660683d0a8b5cd

These files will probably be moved into the oldstable distribution on
its next update.

- ---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)

iD8DBQFHvz3RhuANDBmkLRkRApVbAJ9d6wqvYEi8ewaJll1OtoMK1n945QCeLY4u
NcwTnhEcZs8czVzN6M2RXoE=
=69WA
-----END PGP SIGNATURE-----