Debians sikkerhedsbulletin
DSA-922-1 kernel-source-2.6.8 -- flere sårbarheder
- Rapporteret den:
- 14. dec 2005
- Berørte pakker:
- kernel-source-2.6.8
- Sårbar:
- Ja
- Referencer i sikkerhedsdatabaser:
- I Debians fejlsporingssystem: Fejl 309308, Fejl 311164, Fejl 321401, Fejl 322237, Fejl 322339.
I Bugtraq-databasen (hos SecurityFocus): BugTraq-id 14477, BugTraq-id 15527, BugTraq-id 15528, BugTraq-id 15533.
I Mitres CVE-ordbog: CVE-2004-2302, CVE-2005-0756, CVE-2005-0757, CVE-2005-1265, CVE-2005-1761, CVE-2005-1762, CVE-2005-1763, CVE-2005-1765, CVE-2005-1767, CVE-2005-2456, CVE-2005-2458, CVE-2005-2459, CVE-2005-2548, CVE-2005-2801, CVE-2005-2872, CVE-2005-3105, CVE-2005-3106, CVE-2005-3107, CVE-2005-3108, CVE-2005-3109, CVE-2005-3110, CVE-2005-3271, CVE-2005-3272, CVE-2005-3273, CVE-2005-3274, CVE-2005-3275, CVE-2005-3276. - Yderligere oplysninger:
-
Flere lokale og fjerne sårbarheder er opdaget i Linux-kernen, de kan føre til lammelsesangreb (denial of service) eller udførelse af vilkårlig kode. Projektet Common Vulnerabilities and Exposures har fundet frem til følgende problemer:
- CVE-2004-2302
En race condition i sysfs-filsystemet tillod at lokale brugere læste kernehukommelse og forårsagede et lammelsesangreb (dvs. denial of service; crash).
- CVE-2005-0756
Alexander Nyberg har opdaget af systemkaldet ptrace() ikke på korrekt vis kontrollerer adresser på amd64-arkitekturen, hvilket kunne udnyttes af en lokal angriber til at crashe kernen.
- CVE-2005-0757
Et problem i offset-håndteringen i xattr-filsystemkoden til ext3, er opdaget. Det kunne gøre det muligt for brugere på 64 bit-systemer, der havde adgang til et ext3-filsystem med udvidede attributter, at få kernen til at crashe.
- CVE-2005-1265
Chris Wright har opdaget at funktionen mmap() kunne oprette ulovlige memory map, hvilket kunne udnyttes af en lokal bruger til at crashe kernen eller potentielt udføre vilkårlig kode.
- CVE-2005-1761
En sårbarhed på arkitekturen IA-64 kunne gøre det muligt for lokale angribere at overskrive kernehukommelse og crashe kernen.
- CVE-2005-1762
En sårbarhed er opdaget i systemkaldet ptrace() på amd64-arkitekturen, hvilket gjorde det muligt for lokale angribere at få kernen til crashe.
- CVE-2005-1763
Et bufferoverløb i systemkaldet ptrace på 64 bit-arkitekturer, gjorde det muligt for lokale brugere at skrive bytes ind i vilkårlig kernehukommelse.
- CVE-2005-1765
Zou Nan Hai har opdaget at en lokal bruger kunne få kernen til at hænge på amd64-arkitekturen efter at have kaldt syscall() med særligt fremstillede parametre.
- CVE-2005-1767
En sårbarhed er opdaget i fejlhåndteringen af staksegmenter, hvilket kunne gøre det muligt for lokale angribere at forårsage en stak-undtagelse, der medførte at kernen crashede under visse omstændigheder.
- CVE-2005-2456
Balazs Scheidler har opdaget at en lokal angriber kunne kalde setsockopt() med en ugyldig xfrm_user-policymeddelelse, hvilket fik kernen til at skrive ud over et arrays gærnser, medførende et crash.
- CVE-2005-2458
Vladimir Volovich har opdaget en fejl i zlib-rutinerne, som også er at finde i Linux-kernen. Fjernangribere kunne crashe kernen.
- CVE-2005-2459
Endun en sårbarhed er opdaget i zlib-rutinerne, som også er at finde i Linux-kernen. Fjernangribere kunne crashe kernen.
- CVE-2005-2548
Peter Sandstrom har bemærket at snmpwalk fra en fjern værtsmaskine, kunne forårsage et lammelsesangreb (dvs. denial of service; kerne-oops fra en null-dereference) via visse UDP-pakker, der førte til et funktionskald med de forkerte parametre.
- CVE-2005-2801
Andreas Gruenbacher har opdaget en fejl i ext2- og ext3-filsystemerne. Når dataområder skulle deles mellem two inoder, blev der ikke undersøgt om alle oplysninger var ens, hvilket kunne blotlægge forkerte ACL'er til filer.
- CVE-2005-2872
Chad Walstrom har opdaget at kernemodulet ipt_recent på 64 bit-processorer så som AMD64 ows remote attackers to cause a denial of service (kernel panic) via certain attacks such as SSH brute force.
- CVE-2005-3105
mprotect-koden på Itanium IA-64 Montecito-processorer vedligeholder ikke korrekt cache-sammenhæng som krævet af arkitekturen, hvilket gjorde det muligt for lokale brugere at forårsage et lammelsesangreb (denial of service) og muligvis ødelægge data ved at ændre PTE-beskyttelser.
- CVE-2005-3106
En race condition i trådhåndteringen kunne gøre det muligt for lokale brugere at forårsage et lammelsesangreb (dvs. denial of service; deadlock), når tråde deler hukommelse og venter på en tråd, der netop har udført en exec.
- CVE-2005-3107
Når en tråd blev sporet af en anden tråd som deler det samme memory map som en lokal bruger, kunne det forårsage et lammelsesangreb (dvs. denial of service; deadlock) ved at gennemtvinge et core dump, når den sporede tråd var i tilstanden TASK_TRACED.
- CVE-2005-3108
En fejl i systemkaldet ioremap() er opdaget på amd64-arkitekturen, hvilket kunne gøre det muligt for lokale brugere at forårsage et lammelsesangreb (denial of service) eller en informationslækage, når et opslag på en ikke-eksisterende hukommelsesside blev udført.
- CVE-2005-3109
Modulerne HFS og HFS+ (hfsplus) gjorde det muligt for lokale angribere at forårsage et lammelsesangreb (dvs. denial of service; oops) ved at anvende hfsplus til at mounte et filesystem, som ikke er hfsplus.
- CVE-2005-3110
En race ondition i netfiltermodulet ebtables på stærkt belastede SMP-systemer, kunne gøre det muligt for fjernangribere at forårsage et lammelsesangreb (dvs. denial of service; crash).
- CVE-2005-3271
Roland McGrath har opdaget at exec() ikke korrekt tømmer posix-timere i multitrådede miljøer, hvilket medførte en ressourcelækage, og kunne gøre det muligt for et stort antal lokale brugere at forårsage et lammelsesangreb (denial of service) ved at anvende flere posix-timerere end angivet i den enkelte brugers kvote.
- CVE-2005-3272
Kernen tillod at fjernangribere kunne forgifte bridge forwarding-tabellen vha. frames der allerede var blevet smidt væk ved filtrering, hvilket kunne få bridgen til at videresende forfalskede pakker.
- CVE-2005-3273
ioctl til amatørradioprotokollen ROSE, kontrollerer ikke på korrekt vis parametrene, når der opsættes en ny router, hvilket gjorde det muligt for angribere at udløse out-of-bounds-fejl.
- CVE-2005-3274
En race condition på SMP-systemer, gjorde det muligt for lokale brugere at forårsage et lammelsesangreb (dvs. denial of service; en null-dereference) ved at få en connection-timer til at udløbe, mens connection-tabellen blev tømt, før den nødvendige lock var etableret.
- CVE-2005-3275
En fejl i NAT-koden tillod at fjernangribere kunne forårsage et lammelsesangreb (dvs. denial of service; hukommelseskorruption) ved at få to pakker til den samme protokol, til at blive NAT'et på samme tid, hvilket medførte hukommelseskorruption.
- CVE-2005-3276
En manglende hukommelsesoprydning i thread-håndteringsrutinerne før kopiering af data til userspace, tillod at en brugerproces kunne få adgang til følsomme oplysninger.
Denne opdatering indeholder også en række rettelser af problemer, der siden har vist sig ikke at have nogen sikkerhedsrelevans.
Følgende matriks forklarer hvilke kerneversioner til hvilke arkitekturer, der retter de ovennævnte problemer:
Debian 3.1 (sarge) Kildekode 2.6.8-16sarge1 Alpha-arkitekturen 2.6.8-16sarge1 AMD64-arkitekturen 2.6.8-16sarge1 HP Precision-arkitekturen 2.6.8-6sarge1 Intel IA-32-arkitekturen 2.6.8-16sarge1 Intel IA-64-arkitekturen 2.6.8-14sarge1 Motorola 680x0-arkitekturen 2.6.8-4sarge1 PowerPC-arkitekturen 2.6.8-12sarge1 IBM S/390-arkitekturen 2.6.8-5sarge1 Sun Sparc-arkitekturen 2.6.8-15sarge1 Vi anbefaler at du omgående opgraderer din kernel-pakke og genstarter maskinen.
- CVE-2004-2302
- Rettet i:
-
Debian GNU/Linux 3.1 (sarge)
- Kildekode:
- http://security.debian.org/pool/updates/main/k/kernel-source-2.6.8/kernel-source-2.6.8_2.6.8-16sarge1.dsc
- http://security.debian.org/pool/updates/main/k/kernel-source-2.6.8/kernel-source-2.6.8_2.6.8-16sarge1.diff.gz
- http://security.debian.org/pool/updates/main/k/kernel-source-2.6.8/kernel-source-2.6.8_2.6.8.orig.tar.gz
- http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-alpha/kernel-image-2.6.8-alpha_2.6.8-16sarge1.dsc
- http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-alpha/kernel-image-2.6.8-alpha_2.6.8-16sarge1.tar.gz
- http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-image-2.6.8-amd64_2.6.8-16sarge1.dsc
- http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-image-2.6.8-amd64_2.6.8-16sarge1.tar.gz
- http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-hppa/kernel-image-2.6.8-hppa_2.6.8-6sarge1.dsc
- http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-hppa/kernel-image-2.6.8-hppa_2.6.8-6sarge1.tar.gz
- http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-i386/kernel-image-2.6.8-i386_2.6.8-16sarge1.dsc
- http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-i386/kernel-image-2.6.8-i386_2.6.8-16sarge1.tar.gz
- http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-ia64/kernel-image-2.6.8-ia64_2.6.8-14sarge1.dsc
- http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-ia64/kernel-image-2.6.8-ia64_2.6.8-14sarge1.tar.gz
- http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-m68k/kernel-image-2.6.8-m68k_2.6.8-4sarge1.dsc
- http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-m68k/kernel-image-2.6.8-m68k_2.6.8-4sarge1.tar.gz
- http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.6.8/kernel-patch-powerpc-2.6.8_2.6.8-12sarge1.dsc
- http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.6.8/kernel-patch-powerpc-2.6.8_2.6.8-12sarge1.tar.gz
- http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-s390/kernel-image-2.6.8-s390_2.6.8-5sarge1.dsc
- http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-s390/kernel-image-2.6.8-s390_2.6.8-5sarge1.tar.gz
- http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-sparc/kernel-image-2.6.8-sparc_2.6.8-15sarge1.dsc
- http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-sparc/kernel-image-2.6.8-sparc_2.6.8-15sarge1.tar.gz
- http://security.debian.org/pool/updates/main/k/kernel-source-2.6.8/kernel-source-2.6.8_2.6.8-16sarge1.diff.gz
- Arkitekturuafhængig komponent:
- http://security.debian.org/pool/updates/main/k/kernel-source-2.6.8/kernel-doc-2.6.8_2.6.8-16sarge1_all.deb
- http://security.debian.org/pool/updates/main/k/kernel-source-2.6.8/kernel-patch-debian-2.6.8_2.6.8-16sarge1_all.deb
- http://security.debian.org/pool/updates/main/k/kernel-source-2.6.8/kernel-source-2.6.8_2.6.8-16sarge1_all.deb
- http://security.debian.org/pool/updates/main/k/kernel-source-2.6.8/kernel-tree-2.6.8_2.6.8-16sarge1_all.deb
- http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-s390/kernel-patch-2.6.8-s390_2.6.8-5sarge1_all.deb
- http://security.debian.org/pool/updates/main/k/kernel-source-2.6.8/kernel-patch-debian-2.6.8_2.6.8-16sarge1_all.deb
- Alpha:
- http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-alpha/kernel-headers-2.6.8-2_2.6.8-16sarge1_alpha.deb
- http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-alpha/kernel-headers-2.6.8-2-generic_2.6.8-16sarge1_alpha.deb
- http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-alpha/kernel-headers-2.6.8-2-smp_2.6.8-16sarge1_alpha.deb
- http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-alpha/kernel-image-2.6.8-2-generic_2.6.8-16sarge1_alpha.deb
- http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-alpha/kernel-image-2.6.8-2-smp_2.6.8-16sarge1_alpha.deb
- http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-alpha/kernel-headers-2.6.8-2-generic_2.6.8-16sarge1_alpha.deb
- AMD64:
- http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-headers-2.6.8-11_2.6.8-16sarge1_amd64.deb
- http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-headers-2.6.8-11-amd64-generic_2.6.8-16sarge1_amd64.deb
- http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-headers-2.6.8-11-amd64-k8_2.6.8-16sarge1_amd64.deb
- http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-headers-2.6.8-11-amd64-k8-smp_2.6.8-16sarge1_amd64.deb
- http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-headers-2.6.8-11-em64t-p4_2.6.8-16sarge1_amd64.deb
- http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-headers-2.6.8-11-em64t-p4-smp_2.6.8-16sarge1_amd64.deb
- http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-image-2.6.8-11-amd64-generic_2.6.8-16sarge1_amd64.deb
- http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-image-2.6.8-11-amd64-k8_2.6.8-16sarge1_amd64.deb
- http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-image-2.6.8-11-amd64-k8-smp_2.6.8-16sarge1_amd64.deb
- http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-image-2.6.8-11-em64t-p4_2.6.8-16sarge1_amd64.deb
- http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-image-2.6.8-11-em64t-p4-smp_2.6.8-16sarge1_amd64.deb
- http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-headers-2.6.8-11-amd64-generic_2.6.8-16sarge1_amd64.deb
- HPPA:
- http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-hppa/kernel-headers-2.6.8-2_2.6.8-6sarge1_hppa.deb
- http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-hppa/kernel-headers-2.6.8-2-32_2.6.8-6sarge1_hppa.deb
- http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-hppa/kernel-headers-2.6.8-2-32-smp_2.6.8-6sarge1_hppa.deb
- http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-hppa/kernel-headers-2.6.8-2-64_2.6.8-6sarge1_hppa.deb
- http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-hppa/kernel-headers-2.6.8-2-64-smp_2.6.8-6sarge1_hppa.deb
- http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-hppa/kernel-image-2.6.8-2-32_2.6.8-6sarge1_hppa.deb
- http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-hppa/kernel-image-2.6.8-2-32-smp_2.6.8-6sarge1_hppa.deb
- http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-hppa/kernel-image-2.6.8-2-64_2.6.8-6sarge1_hppa.deb
- http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-hppa/kernel-image-2.6.8-2-64-smp_2.6.8-6sarge1_hppa.deb
- http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-hppa/kernel-headers-2.6.8-2-32_2.6.8-6sarge1_hppa.deb
- Intel IA-32:
- http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-headers-2.6.8-11_2.6.8-16sarge1_i386.deb
- http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-headers-2.6.8-11-amd64-generic_2.6.8-16sarge1_i386.deb
- http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-headers-2.6.8-11-amd64-k8_2.6.8-16sarge1_i386.deb
- http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-headers-2.6.8-11-amd64-k8-smp_2.6.8-16sarge1_i386.deb
- http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-headers-2.6.8-11-em64t-p4_2.6.8-16sarge1_i386.deb
- http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-headers-2.6.8-11-em64t-p4-smp_2.6.8-16sarge1_i386.deb
- http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-image-2.6.8-11-amd64-generic_2.6.8-16sarge1_i386.deb
- http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-image-2.6.8-11-amd64-k8_2.6.8-16sarge1_i386.deb
- http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-image-2.6.8-11-amd64-k8-smp_2.6.8-16sarge1_i386.deb
- http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-image-2.6.8-11-em64t-p4_2.6.8-16sarge1_i386.deb
- http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-image-2.6.8-11-em64t-p4-smp_2.6.8-16sarge1_i386.deb
- http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-i386/kernel-headers-2.6.8-2_2.6.8-16sarge1_i386.deb
- http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-i386/kernel-headers-2.6.8-2-386_2.6.8-16sarge1_i386.deb
- http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-i386/kernel-headers-2.6.8-2-686_2.6.8-16sarge1_i386.deb
- http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-i386/kernel-headers-2.6.8-2-686-smp_2.6.8-16sarge1_i386.deb
- http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-i386/kernel-headers-2.6.8-2-k7_2.6.8-16sarge1_i386.deb
- http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-i386/kernel-headers-2.6.8-2-k7-smp_2.6.8-16sarge1_i386.deb
- http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-i386/kernel-image-2.6.8-2-386_2.6.8-16sarge1_i386.deb
- http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-i386/kernel-image-2.6.8-2-686_2.6.8-16sarge1_i386.deb
- http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-i386/kernel-image-2.6.8-2-686-smp_2.6.8-16sarge1_i386.deb
- http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-i386/kernel-image-2.6.8-2-k7_2.6.8-16sarge1_i386.deb
- http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-i386/kernel-image-2.6.8-2-k7-smp_2.6.8-16sarge1_i386.deb
- http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-ia64/kernel-headers-2.6-itanium_2.6.8-14sarge1_ia64.deb
- http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-ia64/kernel-headers-2.6-itanium-smp_2.6.8-14sarge1_ia64.deb
- http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-ia64/kernel-headers-2.6-mckinley_2.6.8-14sarge1_ia64.deb
- http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-ia64/kernel-headers-2.6-mckinley-smp_2.6.8-14sarge1_ia64.deb
- http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-ia64/kernel-headers-2.6.8-2_2.6.8-14sarge1_ia64.deb
- http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-ia64/kernel-headers-2.6.8-2-itanium_2.6.8-14sarge1_ia64.deb
- http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-ia64/kernel-headers-2.6.8-2-itanium-smp_2.6.8-14sarge1_ia64.deb
- http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-ia64/kernel-headers-2.6.8-2-mckinley_2.6.8-14sarge1_ia64.deb
- http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-ia64/kernel-headers-2.6.8-2-mckinley-smp_2.6.8-14sarge1_ia64.deb
- http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-ia64/kernel-image-2.6-itanium_2.6.8-14sarge1_ia64.deb
- http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-ia64/kernel-image-2.6-itanium-smp_2.6.8-14sarge1_ia64.deb
- http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-ia64/kernel-image-2.6-mckinley_2.6.8-14sarge1_ia64.deb
- http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-ia64/kernel-image-2.6-mckinley-smp_2.6.8-14sarge1_ia64.deb
- http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-ia64/kernel-image-2.6.8-2-itanium_2.6.8-14sarge1_ia64.deb
- http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-ia64/kernel-image-2.6.8-2-itanium-smp_2.6.8-14sarge1_ia64.deb
- http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-ia64/kernel-image-2.6.8-2-mckinley_2.6.8-14sarge1_ia64.deb
- http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-ia64/kernel-image-2.6.8-2-mckinley-smp_2.6.8-14sarge1_ia64.deb
- http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-headers-2.6.8-11-amd64-generic_2.6.8-16sarge1_i386.deb
- Motorola 680x0:
- http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-m68k/kernel-image-2.6.8-amiga_2.6.8-4sarge1_m68k.deb
- http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-m68k/kernel-image-2.6.8-atari_2.6.8-4sarge1_m68k.deb
- http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-m68k/kernel-image-2.6.8-bvme6000_2.6.8-4sarge1_m68k.deb
- http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-m68k/kernel-image-2.6.8-hp_2.6.8-4sarge1_m68k.deb
- http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-m68k/kernel-image-2.6.8-mac_2.6.8-4sarge1_m68k.deb
- http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-m68k/kernel-image-2.6.8-mvme147_2.6.8-4sarge1_m68k.deb
- http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-m68k/kernel-image-2.6.8-mvme16x_2.6.8-4sarge1_m68k.deb
- http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-m68k/kernel-image-2.6.8-q40_2.6.8-4sarge1_m68k.deb
- http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-m68k/kernel-image-2.6.8-sun3_2.6.8-4sarge1_m68k.deb
- http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-m68k/kernel-image-2.6.8-atari_2.6.8-4sarge1_m68k.deb
- PowerPC:
- http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.6.8/kernel-build-2.6.8-power3_2.6.8-12sarge1_powerpc.deb
- http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.6.8/kernel-build-2.6.8-power3-smp_2.6.8-12sarge1_powerpc.deb
- http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.6.8/kernel-build-2.6.8-power4_2.6.8-12sarge1_powerpc.deb
- http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.6.8/kernel-build-2.6.8-power4-smp_2.6.8-12sarge1_powerpc.deb
- http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.6.8/kernel-build-2.6.8-powerpc_2.6.8-12sarge1_powerpc.deb
- http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.6.8/kernel-build-2.6.8-powerpc-smp_2.6.8-12sarge1_powerpc.deb
- http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.6.8/kernel-headers-2.6.8_2.6.8-12sarge1_powerpc.deb
- http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.6.8/kernel-image-2.6.8-power3_2.6.8-12sarge1_powerpc.deb
- http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.6.8/kernel-image-2.6.8-power3-smp_2.6.8-12sarge1_powerpc.deb
- http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.6.8/kernel-image-2.6.8-power4_2.6.8-12sarge1_powerpc.deb
- http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.6.8/kernel-image-2.6.8-power4-smp_2.6.8-12sarge1_powerpc.deb
- http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.6.8/kernel-image-2.6.8-powerpc_2.6.8-12sarge1_powerpc.deb
- http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.6.8/kernel-image-2.6.8-powerpc-smp_2.6.8-12sarge1_powerpc.deb
- http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.6.8/kernel-build-2.6.8-power3-smp_2.6.8-12sarge1_powerpc.deb
- IBM S/390:
- http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-s390/kernel-headers-2.6.8-2_2.6.8-5sarge1_s390.deb
- http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-s390/kernel-image-2.6.8-2-s390_2.6.8-5sarge1_s390.deb
- http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-s390/kernel-image-2.6.8-2-s390-tape_2.6.8-5sarge1_s390.deb
- http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-s390/kernel-image-2.6.8-2-s390x_2.6.8-5sarge1_s390.deb
- http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-s390/kernel-image-2.6.8-2-s390_2.6.8-5sarge1_s390.deb
- Sun Sparc:
- http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-sparc/kernel-build-2.6.8-2_2.6.8-15sarge1_sparc.deb
- http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-sparc/kernel-headers-2.6.8-2_2.6.8-15sarge1_sparc.deb
- http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-sparc/kernel-headers-2.6.8-2-sparc32_2.6.8-15sarge1_sparc.deb
- http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-sparc/kernel-headers-2.6.8-2-sparc64_2.6.8-15sarge1_sparc.deb
- http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-sparc/kernel-headers-2.6.8-2-sparc64-smp_2.6.8-15sarge1_sparc.deb
- http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-sparc/kernel-image-2.6.8-2-sparc32_2.6.8-15sarge1_sparc.deb
- http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-sparc/kernel-image-2.6.8-2-sparc64_2.6.8-15sarge1_sparc.deb
- http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-sparc/kernel-image-2.6.8-2-sparc64-smp_2.6.8-15sarge1_sparc.deb
- http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-sparc/kernel-headers-2.6.8-2_2.6.8-15sarge1_sparc.deb
MD5-kontrolsummer for de listede filer findes i den originale sikkerhedsbulletin.
