| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 29 Nov 2006 11:51:03 -0800
From: Chris Wright <chrisw@...s-sol.org>
To: linux-kernel@...r.kernel.org
Cc: Andrew Morton <akpm@...l.org>, torvalds@...l.org, stable@...nel.org
Subject: Linux 2.6.18.4
We (the -stable team) are announcing the release of the 2.6.18.4 kernel.
This has just a single security fix (CVE-2006-5751) for the network
bridge code in it. An unprivileged local user could potentially write
to kernel memory without this fix.
The diffstat and short summary of the fixes are below.
I'll also be replying to this message with a copy of the patch between
2.6.18.3 and 2.6.18.4, as it is small enough to do so.
The updated 2.6.18.y git tree can be found at:
git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-2.6.18.y.git
and can be browsed at the normal kernel.org git web browser:
www.kernel.org/git/
thanks,
-chris
--------
Makefile | 2 +-
net/bridge/br_ioctl.c | 9 +++++----
2 files changed, 6 insertions(+), 5 deletions(-)
Summary of changes from v2.6.18.3 to v2.6.18.4
============================================
Chris Wright:
bridge: fix possible overflow in get_fdb_entries (CVE-2006-5751)
Linux 2.6.18.4
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists