[USN-395-1] Linux kernel vulnerabilities

Oliver Grawert ogra at ubuntu.com
Fri Dec 15 10:07:47 UTC 2006


hi,
Am Donnerstag, den 14.12.2006, 15:07 -0500 schrieb Chuck Peters:
> On 12/13/06, Martin Pitt <martin.pitt at canonical.com> wrote:
> > ===========================================================
> > Ubuntu Security Notice USN-395-1          December 13, 2006
> ===========================================================
> > Details follow:
> >
> > Mark Dowd discovered that the netfilter iptables module did not
> > correcly handle fragmented packets. By sending specially crafted
> > packets, a remote attacker could exploit this to bypass firewall
> > rules. This has only be fixed for Ubuntu 6.10; the corresponding fix
> > for Ubuntu 5.10 and 6.06 will follow soon. (CVE-2006-4572)
> 
> Any ETA or suggested work arounds for dapper users?
just make sure you have dapper-security enabled in your repositories,
the updated linux-image package should come down the drain soon (as the
mail says)

ciao
	oli
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: Dies ist ein digital signierter Nachrichtenteil
URL: <https://lists.ubuntu.com/archives/ubuntu-users/attachments/20061215/8e6b9b6f/attachment.sig>


More information about the ubuntu-users mailing list