MoKB reports the following Denial of Service vulnerability in the 2.6.x tree of the Linux kernel. The NTFS filesystem module of the Linux 2.6.x kernel fails to properly handle corrupted data structures, leading to an exploitable denial of service condition. This issue is similar to that explained in MOKB-05-11-2006.
CVE-2006-6060 posted: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6060
hppa-sources: Gmsoft, bump to 2.6.19. Patch is not available. mips-sources: Kumba, bump to 2.6.19. Patch is not available. rsbac-sources: Kang, bump to 2.6.19. Patch is not available. systrace-sources: Lcars, bump to 2.6.19. Patch is not available. usermode-sources: Dang, bump to 2.6.19. Patch is not available. xen-sources: Someone (hehe), bump to 2.6.19. Patch is not available. If any of you have significant trouble performing this bump in the ~arch tree, please comment on this bug.
There is not yet a UML patchset for 2.6.19. This makes it a bit difficult for me to bump there... I'll try to forward-port the 2.6.18 patch, but historically this has been really difficult, so no promises.
hppa-sources-2.6.19.1 commited.
Fixed in genpatches-2.6.18-8 (gentoo-sources-2.6.18-r6)
*** Bug 158782 has been marked as a duplicate of this bug. ***
usermode-sources-2.6.18-r1 added.
rsbac-sources-2.6.19 is in cvs (~arch)
Thanks, this is fixed in xen-sources-2.6.16.28-r2, which will hit the tree in a few hours (just waiting for the mirrors to update before I commit the ebuild).
All done.