Date: Mon, 7 Jun 1999 20:05:07 -0700
From: debian-security-announce@LISTS.DEBIAN.ORG
Reply-To: security@debian.org
Subject: Subject: [SECURITY] New version of kernel-image for sparc fixes              DoS attack

-----BEGIN PGP SIGNED MESSAGE-----

As is widely known by now the Linux 2.2.x kernels had a problem with
parsing IP options, which made them susceptible to a DoS attack.

The Debian GNU/Linux 2.1 release for the Sun sparc architecture uses such
a kernel. If you are using such a system and haven't upgraded the
kernel yourself, we recommend that you upgrade your kernel-image package
immediately.  If you have a sun4u system please use kernel-image-2.2.9-sun4u,
otherwise use the normal kernel-image-2.2.9 package.

wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

Debian GNU/Linux 2.1 alias slink
- --------------------------------

  This version of Debian was released only for Intel, the Motorola
  680x0, the alpha and the Sun sparc architecture.

  Sun Sparc architecture:
    http://security.debian.org/dists/stable/updates/binary-sparc/kernel-headers-2.2.9_2.2.9-2_sparc.deb
      MD5 checksum: 2d8724b357c1444741f2fdd626e38615
    http://security.debian.org/dists/stable/updates/binary-sparc/kernel-image-2.2.9-sun4u_2.2.9-2_sparc.deb
      MD5 checksum: bbff1631f05124fed467d833276f8d68
    http://security.debian.org/dists/stable/updates/binary-sparc/kernel-image-2.2.9_2.2.9-2_sparc.deb
      MD5 checksum: 7c9e15ae2c7de1d84928660b964906ad

  These files will be copied into
  ftp://ftp.debian.org/debian/dists/stable/*/binary-sparc/ soon.

Please note you can also use apt to always get the latest security
updates. To do so add the following line to /etc/apt/sources.list:

  deb http://security.debian.org/ stable updates


- --
Debian GNU/Linux      .    Security Managers     .   security@debian.org
              debian-security-announce@lists.debian.org
  Christian Hudon     .     Wichert Akkerman     .     Martin Schulze
<chrish@debian.org>   .   <wakkerma@debian.org>  .   <joey@debian.org>

-----BEGIN PGP SIGNATURE-----
Version: 2.6.3ia
Charset: noconv

iQB1AwUBN1xhp6jZR/ntlUftAQHsKQL+NFpuuWWM2zJVTqLh0/0eIXIggpEaTpch
E/1wVfw59s+YmifKWupA9XYMy6ayjab6YDSnUHoD5drvKmWVLQEOdwJN58bbwWhy
EB69UmUtGi86aKZ5791u4Kn9nWLfWw1C
=PVkK
-----END PGP SIGNATURE-----


--
To UNSUBSCRIBE, email to debian-security-announce-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org