[kernel-sec-discuss] r2124 - active
Moritz Muehlenhoff
jmm at alioth.debian.org
Thu Jan 6 16:02:31 UTC 2011
Author: jmm
Date: 2011-01-06 16:02:29 +0000 (Thu, 06 Jan 2011)
New Revision: 2124
Modified:
active/CVE-2010-3875
active/CVE-2010-3876
active/CVE-2010-3877
active/CVE-2010-3880
active/CVE-2010-4342
active/CVE-2010-4343
active/CVE-2010-4346
active/CVE-2010-4526
active/CVE-2010-4529
Log:
updates for upcoming stable update and current SVN status of -30
Modified: active/CVE-2010-3875
===================================================================
--- active/CVE-2010-3875 2011-01-05 15:57:52 UTC (rev 2123)
+++ active/CVE-2010-3875 2011-01-06 16:02:29 UTC (rev 2124)
@@ -6,6 +6,6 @@
Bugs:
upstream: released (2.6.37-rc2) [fe10ae5]
2.6.32-upstream-stable: needed "dannf poked davem about sending to stable on 2010.11.20"
-linux-2.6: needed
+linux-2.6: pending (2.6.32-30)
2.6.26-lenny-security: released (2.6.26-26lenny1) [bugfix/all/net-ax25-fix-information-leak-to-userland.patch]
2.6.32-squeeze-security: pending (2.6.32-30)
Modified: active/CVE-2010-3876
===================================================================
--- active/CVE-2010-3876 2011-01-05 15:57:52 UTC (rev 2123)
+++ active/CVE-2010-3876 2011-01-06 16:02:29 UTC (rev 2124)
@@ -6,6 +6,6 @@
Bugs:
upstream: released (2.6.37-rc2) [6728664]
2.6.32-upstream-stable: needed "dannf poked davem about it on 2010.11.20"
-linux-2.6: needed
+linux-2.6: pending (2.6.32-30)
2.6.26-lenny-security: released (2.6.26-26lenny1) [bugfix/all/net-packet-fix-information-leak-to-userland.patch]
2.6.32-squeeze-security: pending (2.6.32-30)
Modified: active/CVE-2010-3877
===================================================================
--- active/CVE-2010-3877 2011-01-05 15:57:52 UTC (rev 2123)
+++ active/CVE-2010-3877 2011-01-06 16:02:29 UTC (rev 2124)
@@ -6,6 +6,6 @@
Bugs:
upstream: released (2.6.37-rc2) [88f8a5e3e7defccd3925cabb1ee4d3994e5cdb52]
2.6.32-upstream-stable: needed
-linux-2.6: needed
+linux-2.6: pending (2.6.32-30)
2.6.26-lenny-security: released (2.6.26-26lenny1) [bugfix/all/net-tipc-fix-information-leak-to-userland.patch]
2.6.32-squeeze-security: pending (2.6.32-30)
Modified: active/CVE-2010-3880
===================================================================
--- active/CVE-2010-3880 2011-01-05 15:57:52 UTC (rev 2123)
+++ active/CVE-2010-3880 2011-01-06 16:02:29 UTC (rev 2124)
@@ -7,6 +7,6 @@
Bugs:
upstream: released (2.6.37-rc2) [22e76c8]
2.6.32-upstream-stable: needed
-linux-2.6: needed
+linux-2.6: pending (2.6.32-30)
2.6.26-lenny-security: released (2.6.26-26lenny1) [bugfix/all/inet_diag-make-sure-we-actually-run-the-same-bytecode-we-audited.patch]
2.6.32-squeeze-security: pending (2.6.32-30)
Modified: active/CVE-2010-4342
===================================================================
--- active/CVE-2010-4342 2011-01-05 15:57:52 UTC (rev 2123)
+++ active/CVE-2010-4342 2011-01-06 16:02:29 UTC (rev 2124)
@@ -7,6 +7,6 @@
Bugs:
upstream: released (2.6.37) [4e085e76cbe558b79b54cbab772f61185879bc64]
2.6.32-upstream-stable: needed
-linux-2.6: needed
+linux-2.6: pending (2.6.32-30)
2.6.26-lenny-security: needed
2.6.32-squeeze-security: pending (2.6.32-30)
Modified: active/CVE-2010-4343
===================================================================
--- active/CVE-2010-4343 2011-01-05 15:57:52 UTC (rev 2123)
+++ active/CVE-2010-4343 2011-01-06 16:02:29 UTC (rev 2124)
@@ -4,7 +4,7 @@
Notes:
Bugs:
upstream: released (2.6.35) [7873ca4e4401f0ecd8868bf1543113467e6bae61]
-2.6.32-upstream-stable: needed
-linux-2.6: needed
+2.6.32-upstream-stable: pending (2.6.32.28)
+linux-2.6: pending (2.6.32-30)
2.6.26-lenny-security: N/A "Brocade driver introduced in 2.6.32"
2.6.32-squeeze-security: pending (2.6.32-30)
Modified: active/CVE-2010-4346
===================================================================
--- active/CVE-2010-4346 2011-01-05 15:57:52 UTC (rev 2123)
+++ active/CVE-2010-4346 2011-01-06 16:02:29 UTC (rev 2124)
@@ -6,7 +6,7 @@
Notes:
Bugs:
upstream: released (2.6.37) [462e635e5b73ba9a4c03913b77138cd57ce4b050]
-2.6.32-upstream-stable: needed
-linux-2.6: needed
+2.6.32-upstream-stable: pending (2.6.32.28)
+linux-2.6: pending (2.6.32-30)
2.6.26-lenny-security:
-2.6.32-squeeze-security: needed
+2.6.32-squeeze-security: pending (2.6.32-30)
Modified: active/CVE-2010-4526
===================================================================
--- active/CVE-2010-4526 2011-01-05 15:57:52 UTC (rev 2123)
+++ active/CVE-2010-4526 2011-01-06 16:02:29 UTC (rev 2124)
@@ -4,7 +4,7 @@
Notes:
Bugs:
upstream: released (2.6.34) [50b5d6ad63821cea324a5a7a19854d4de1a0a819]
-2.6.32-upstream-stable: needed
-linux-2.6: needed
+2.6.32-upstream-stable: pending (2.6.32.28)
+linux-2.6: pending (2.6.32-30)
2.6.26-lenny-security: needed
-2.6.32-squeeze-security: needed
+2.6.32-squeeze-security: pending (2.6.32-30)
Modified: active/CVE-2010-4529
===================================================================
--- active/CVE-2010-4529 2011-01-05 15:57:52 UTC (rev 2123)
+++ active/CVE-2010-4529 2011-01-06 16:02:29 UTC (rev 2124)
@@ -1,10 +1,11 @@
Candidate: CVE-2010-4529
Description: irda: prevent integer underflow in IRLMP_ENUMDEVICES
References:
+ http://www.openwall.com/lists/oss-security/2010/12/23/1
Notes:
Bugs:
upstream: released (2.6.37) [fdac1e0697356ac212259f2147aa60c72e334861]
-2.6.32-upstream-stable: needed
-linux-2.6: pending (2.6.32-30)
+2.6.32-upstream-stable: needed "davem has it queued for stable"
+linux-2.6: pending (2.6.32-30) [bugfix/all/irda-prevent-integer-underflow-in-IRLMP_ENUMDEVICES.patch]
2.6.26-lenny-security:
2.6.32-squeeze-security: pending (2.6.32-30) [bugfix/all/irda-prevent-integer-underflow-in-IRLMP_ENUMDEVICES.patch]
More information about the kernel-sec-discuss
mailing list