[kernel-sec-discuss] r1437 - active

Moritz Muehlenhoff jmm at alioth.debian.org
Wed Jul 29 09:56:59 UTC 2009 

Author: jmm
Date: 2009-07-29 09:56:58 +0000 (Wed, 29 Jul 2009)
New Revision: 1437

Modified:
   active/CVE-2009-1385
   active/CVE-2009-1389
   active/CVE-2009-1630
   active/CVE-2009-1633
   active/CVE-2009-1895
   active/CVE-2009-1914
   active/CVE-2009-1961
   active/CVE-2009-2287
   active/CVE-2009-2406
   active/CVE-2009-2407
Log:
kernel DSAs


Modified: active/CVE-2009-1385
===================================================================
--- active/CVE-2009-1385	2009-07-29 09:51:01 UTC (rev 1436)
+++ active/CVE-2009-1385	2009-07-29 09:56:58 UTC (rev 1437)
@@ -7,7 +7,7 @@
 upstream: released (2.6.30-rc8) [ea30e11970a96cfe5e32c03a29332554573b4a10]
 linux-2.6: released (2.6.30-1)
 2.6.18-etch-security: pending (2.6.18.dfsg.1-24etch3) [bugfix/all/e1000-add-missing-length-check-to-e1000-receive-routine.patch]
-2.6.24-etch-security: pending (2.6.24-6~etchnhalf.8etch2) [bugfix/all/e1000-add-missing-length-check-to-e1000-receive-routine.patch]
+2.6.24-etch-security: released (2.6.24-6~etchnhalf.8etch2) [bugfix/all/e1000-add-missing-length-check-to-e1000-receive-routine.patch]
 2.6.26-lenny-security: released (2.6.26-16) [bugfix/all/e1000-add-missing-length-check-to-e1000-receive-routine.patch]
 2.6.15-dapper-security:
 2.6.22-gutsy-security:

Modified: active/CVE-2009-1389
===================================================================
--- active/CVE-2009-1389	2009-07-29 09:51:01 UTC (rev 1436)
+++ active/CVE-2009-1389	2009-07-29 09:56:58 UTC (rev 1437)
@@ -7,7 +7,7 @@
 upstream:
 linux-2.6:
 2.6.18-etch-security: pending (2.6.18.dfsg.1-24etch3) [bugfix/all/r8169-fix-crash-when-large-packets-are-received.patch]
-2.6.24-etch-security: pending (2.6.24-6~etchnhalf.8etch2) [bugfix/all/r8169-fix-crash-when-large-packets-are-received.patch]
+2.6.24-etch-security: released (2.6.24-6~etchnhalf.8etch2) [bugfix/all/r8169-fix-crash-when-large-packets-are-received.patch]
 2.6.26-lenny-security: released (2.6.26-16) [bugfix/all/r8169-fix-crash-when-large-packets-are-received.patch]
 2.6.15-dapper-security:
 2.6.22-gutsy-security:

Modified: active/CVE-2009-1630
===================================================================
--- active/CVE-2009-1630	2009-07-29 09:51:01 UTC (rev 1436)
+++ active/CVE-2009-1630	2009-07-29 09:56:58 UTC (rev 1437)
@@ -14,7 +14,7 @@
 upstream: released (2.6.30-rc7) [7ee2cb7f32b299c2b06a31fde155457203e4b7dd]
 linux-2.6: released (2.6.30-1)
 2.6.18-etch-security:
-2.6.24-etch-security: pending (2.6.24-6~etchnhalf.8etch2) [bugfix/all/nfs-v4-client-fix-MAY_EXEC-handling.patch]
+2.6.24-etch-security: released (2.6.24-6~etchnhalf.8etch2) [bugfix/all/nfs-v4-client-fix-MAY_EXEC-handling.patch]
 2.6.26-lenny-security: released (2.6.26-15lenny3) [bugfix/all/nfs-v4-client-fix-MAY_EXEC-handling.patch]
 2.6.15-dapper-security:
 2.6.22-gutsy-security:

Modified: active/CVE-2009-1633
===================================================================
--- active/CVE-2009-1633	2009-07-29 09:51:01 UTC (rev 1436)
+++ active/CVE-2009-1633	2009-07-29 09:56:58 UTC (rev 1437)
@@ -10,7 +10,7 @@
 upstream: released (2.6.30-rc5) [27b87fe52baba0a55e9723030e76fce94fabcea4, 7b0c8fcff47a885743125dd843db64af41af5a61, 968460ebd8006d55661dec0fb86712b40d71c413]
 linux-2.6:
 2.6.18-etch-security:
-2.6.24-etch-security: released (2.6.26-15lenny3) [bugfix/all/cifs-fix-unicode-string-area-word-alignment-in-session-setup.patch, bugfix/all/cifs-increase-size-of-tmp_buf-in-cifs_readdir-to-avoid-potential-overflows.patch] "bugfix/all/cifs-rename-cifs_strncpy_to_host-and-fix-buffer-size.patch not applied - affected code not present"
+2.6.24-etch-security: released (2.6.24-6~etchnhalf.8etch2) [bugfix/all/cifs-fix-unicode-string-area-word-alignment-in-session-setup.patch, bugfix/all/cifs-increase-size-of-tmp_buf-in-cifs_readdir-to-avoid-potential-overflows.patch] "bugfix/all/cifs-rename-cifs_strncpy_to_host-and-fix-buffer-size.patch not applied - affected code not present"
 2.6.26-lenny-security: released (2.6.26-15lenny3) [bugfix/all/cifs-fix-unicode-string-area-word-alignment-in-session-setup.patch, bugfix/all/cifs-increase-size-of-tmp_buf-in-cifs_readdir-to-avoid-potential-overflows.patch, bugfix/all/cifs-rename-cifs_strncpy_to_host-and-fix-buffer-size.patch]
 2.6.15-dapper-security:
 2.6.22-gutsy-security:

Modified: active/CVE-2009-1895
===================================================================
--- active/CVE-2009-1895	2009-07-29 09:51:01 UTC (rev 1436)
+++ active/CVE-2009-1895	2009-07-29 09:56:58 UTC (rev 1437)
@@ -7,8 +7,8 @@
 upstream: released (2.6.31-rc3) [f9fabcb58a6d26d6efde842d1703ac7cfa9427b6]
 linux-2.6: released (2.6.30-3) [bugfix/all/personality-fix-PER_CLEAR_ON_SETID.patch]
 2.6.18-etch-security: N/A "mmap_min_addr first published in 2.6.23"
-2.6.24-etch-security: pending (2.6.24-6~etchnhalf.8etch2) [bugfix/all/personality-fix-PER_CLEAR_ON_SETID.patch]
-2.6.26-lenny-security: pending (2.6.26-17lenny1) [bugfix/all/personality-fix-PER_CLEAR_ON_SETID.patch]
+2.6.24-etch-security: released (2.6.24-6~etchnhalf.8etch2) [bugfix/all/personality-fix-PER_CLEAR_ON_SETID.patch]
+2.6.26-lenny-security: released (2.6.26-17lenny1) [bugfix/all/personality-fix-PER_CLEAR_ON_SETID.patch]
 2.6.15-dapper-security:
 2.6.22-gutsy-security:
 2.6.24-hardy-security:

Modified: active/CVE-2009-1914
===================================================================
--- active/CVE-2009-1914	2009-07-29 09:51:01 UTC (rev 1436)
+++ active/CVE-2009-1914	2009-07-29 09:56:58 UTC (rev 1437)
@@ -15,7 +15,7 @@
 upstream: released (2.6.29)
 linux-2.6: released (2.6.29-1)
 2.6.18-etch-security:
-2.6.24-etch-security: pending (2.6.24-6~etchnhalf.8etch2) [bugfix/sparc/sparc64-Fix-crash-with-proc-iomem.patch]
+2.6.24-etch-security: released (2.6.24-6~etchnhalf.8etch2) [bugfix/sparc/sparc64-Fix-crash-with-proc-iomem.patch]
 2.6.26-lenny-security: released (2.6.26-16) [bugfix/sparc/sparc64-Fix-crash-with-proc-iomem.patch]
 2.6.15-dapper-security:
 2.6.22-gutsy-security:

Modified: active/CVE-2009-1961
===================================================================
--- active/CVE-2009-1961	2009-07-29 09:51:01 UTC (rev 1436)
+++ active/CVE-2009-1961	2009-07-29 09:56:58 UTC (rev 1437)
@@ -19,7 +19,7 @@
 upstream: released (2.6.30-rc1) [7bfac9ecf0585962fe13584f5cf526d8c8e76f17]
 linux-2.6: released (2.6.30-1)
 2.6.18-etch-security: N/A "affected code note present"
-2.6.24-etch-security: pending (2.6.24-6~etchnhalf.8etch2) [bugfix/all/ocfs2-splice-deadlock.patch]
+2.6.24-etch-security: released (2.6.24-6~etchnhalf.8etch2) [bugfix/all/ocfs2-splice-deadlock.patch]
 2.6.26-lenny-security: released (2.6.26-16) [bugfix/all/ocfs2-splice-deadlock.patch]
 2.6.15-dapper-security:
 2.6.22-gutsy-security:

Modified: active/CVE-2009-2287
===================================================================
--- active/CVE-2009-2287	2009-07-29 09:51:01 UTC (rev 1436)
+++ active/CVE-2009-2287	2009-07-29 09:56:58 UTC (rev 1437)
@@ -12,7 +12,7 @@
 linux-2.6: released (2.6.30-2) [bugfix/all/stable/2.6.30.1.patch]
 2.6.18-etch-security: N/A "no kvm"
 2.6.24-etch-security:
-2.6.26-lenny-security: pending (2.6.26-17lenny1) [bugfix/x86/kvm-check-for-cr3-validity-in-ioctl_set_sregs.patch]
+2.6.26-lenny-security: released (2.6.26-17lenny1) [bugfix/x86/kvm-check-for-cr3-validity-in-ioctl_set_sregs.patch]
 2.6.15-dapper-security:
 2.6.22-gutsy-security:
 2.6.24-hardy-security:

Modified: active/CVE-2009-2406
===================================================================
--- active/CVE-2009-2406	2009-07-29 09:51:01 UTC (rev 1436)
+++ active/CVE-2009-2406	2009-07-29 09:56:58 UTC (rev 1437)
@@ -11,8 +11,8 @@
 upstream: pending
 linux-2.6: needed
 2.6.18-etch-security:
-2.6.24-etch-security: pending (2.6.24-6~etchnhalf.8etch2) [bugfix/all/ecryptfs-check-tag-11-literal-data-buffer-size.patch]
-2.6.26-lenny-security: pending (2.6.26-17lenny1) [bugfix/all/ecryptfs-check-tag-11-literal-data-buffer-size.patch]
+2.6.24-etch-security: released (2.6.24-6~etchnhalf.8etch2) [bugfix/all/ecryptfs-check-tag-11-literal-data-buffer-size.patch]
+2.6.26-lenny-security: released (2.6.26-17lenny1) [bugfix/all/ecryptfs-check-tag-11-literal-data-buffer-size.patch]
 2.6.15-dapper-security:
 2.6.22-gutsy-security:
 2.6.24-hardy-security:

Modified: active/CVE-2009-2407
===================================================================
--- active/CVE-2009-2407	2009-07-29 09:51:01 UTC (rev 1436)
+++ active/CVE-2009-2407	2009-07-29 09:56:58 UTC (rev 1437)
@@ -11,8 +11,8 @@
 upstream: pending
 linux-2.6: needed
 2.6.18-etch-security: N/A "no ecryptfs"
-2.6.24-etch-security: pending (2.6.24-6~etchnhalf.8etch2) [bugfix/all/ecryptfs-parse_tag_3_packet-check-tag-3-package-encrypted-key-size.patch]
-2.6.26-lenny-security: pending (2.6.26-17lenny1) [bugfix/all/ecryptfs-parse_tag_3_packet-check-tag-3-package-encrypted-key-size.patch]
+2.6.24-etch-security: released (2.6.24-6~etchnhalf.8etch2) [bugfix/all/ecryptfs-parse_tag_3_packet-check-tag-3-package-encrypted-key-size.patch]
+2.6.26-lenny-security: released (2.6.26-17lenny1) [bugfix/all/ecryptfs-parse_tag_3_packet-check-tag-3-package-encrypted-key-size.patch]
 2.6.15-dapper-security:
 2.6.22-gutsy-security:
 2.6.24-hardy-security:

More information about the kernel-sec-discuss mailing list