The issues that is resolved in this upgrade are as follows:
Version 3 Fixes:
============
- a flaw in network IGMP processing that a allowed a remote user on the local network to cause a denial of service (disabling of multicast reports) if the system is running multicast applications (CVE-2002-2185, moderate)
- a flaw in remap_page_range() with O_DIRECT writes that allowed a local user to cause a denial of service (crash) (CVE-2004-1057, important)
- a flaw in exec() handling on some 64-bit architectures that allowed a local user to cause a denial of service (crash) (CVE-2005-2708, important)
- a flaw in procfs handling during unloading of modules that allowed a local user to cause a denial of service or potentially gain privileges
(CVE-2005-2709, moderate)
- a flaw in IPv6 network UDP port hash table lookups that allowed a local user to cause a denial of service (hang) (CVE-2005-2973, important)
- a flaw in 32-bit-compat handling of the TIOCGDEV ioctl that allowed a local user to cause a denial of service (crash) (CVE-2005-3044, important)
- a network buffer info leak using the orinoco driver that allowed a remote user to possibly view uninitialized data (CVE-2005-3180, important)
- a flaw in IPv4 network TCP and UDP netfilter handling that allowed a local user to cause a denial of service (crash) (CVE-2005-3275, important)
- a flaw in the IPv6 flowlabel code that allowed a local user to cause a denial of service (crash) (CVE-2005-3806, important)
- a flaw in network ICMP processing that allowed a local user to cause a denial of service (memory exhaustion) (CVE-2005-3848, important)
- a flaw in file lease time-out handling that allowed a local user to cause a denial of service (log file overflow) (CVE-2005-3857, moderate)
- a flaw in network IPv6 xfrm handling that allowed a local user to cause a denial of service (memory exhaustion) (CVE-2005-3858, important)
Version 4 Fixes:
============
- a flaw in network IGMP processing that a allowed a remote user on the local network to cause a denial of service (disabling of multicast reports) if the system is running multicast applications (CVE-2002-2185, moderate)
- a flaw which allowed a local user to write to firmware on read-only opened /dev/cdrom devices (CVE-2004-1190, moderate)
- a flaw in gzip/zlib handling internal to the kernel that may allow a local user to cause a denial of service (crash) (CVE-2005-2458, low)
- a flaw in procfs handling during unloading of modules that allowed a local user to cause a denial of service or potentially gain privileges
(CVE-2005-2709, moderate)
- a flaw in the SCSI procfs interface that allowed a local user to cause a denial of service (crash) (CVE-2005-2800, moderate)
- a flaw in 32-bit-compat handling of the TIOCGDEV ioctl that allowed a local user to cause a denial of service (crash) (CVE-2005-3044, important)
- a race condition when threads share memory mapping that allowed local users to cause a denial of service (deadlock) (CVE-2005-3106, important)
- a flaw when trying to mount a non-hfsplus filesystem using hfsplus that allowed local users to cause a denial of service (crash) (CVE-2005-3109, moderate)
- a minor info leak with the get_thread_area() syscall that allowed a local user to view uninitialized kernel stack data (CVE-2005-3276, low)
- a flaw in mq_open system call that allowed a local user to cause a denial of service (crash) (CVE-2005-3356, important)
- a flaw in set_mempolicy that allowed a local user on some 64-bit architectures to cause a denial of service (crash) (CVE-2005-3358, important)
- a flaw in the auto-reap of child processes that allowed a local user to cause a denial of service (crash) (CVE-2005-3784, important)
- a flaw in the IPv6 flowlabel code that allowed a local user to cause a denial of service (crash) (CVE-2005-3806, important)
- a flaw in network ICMP processing that allowed a local user to cause a denial of service (memory exhaustion) (CVE-2005-3848, important)
- a flaw in file lease time-out handling that allowed a local user to cause a denial of service (log file overflow) (CVE-2005-3857, moderate)
- a flaw in network IPv6 xfrm handling that allowed a local user to cause a denial of service (memory exhaustion) (CVE-2005-3858, important)
- a flaw in procfs handling that allowed a local user to read kernel memory (CVE-2005-4605, important)
PHP 4.4.2 Fixes:
=============
This is a bug fix release, which addresses some security problems too. The major points that this release corrects are:
- Prevent header injection by limiting each header to a single line.
- Possible XSS inside error reporting functionality.
- Missing safe_mode/open_basedir checks into cURL extension.
- Apache 2 regression with sub-request handling on non-Linux systems.
- key() and current() regression related to references.
This release also fixes about 30 other defects.
For a full list of changes in PHP 4.4.2, please refer to the Changelog here: http://www.php.net/ChangeLog-4.php#4.4.2
ClamAV 0.88 Fixes:
===============
A possible heap overflow in the UPX code has been fixed. General improvements include better zip and mail processing, and support for a self-protection mode. The security of the UPX, FSG and Petite modules has been improved.
http://murabba.com/support/index.php...ouncement&id=6