[kernel-sec-discuss] r2492 - active
Moritz Muehlenhoff
jmm at alioth.debian.org
Mon Sep 12 07:51:14 UTC 2011
Author: jmm
Date: 2011-09-12 07:51:13 +0000 (Mon, 12 Sep 2011)
New Revision: 2492
Added:
active/CVE-2011-3353
Modified:
active/CVE-2011-2494
Log:
new kernel issue
Modified: active/CVE-2011-2494
===================================================================
--- active/CVE-2011-2494 2011-09-11 23:08:06 UTC (rev 2491)
+++ active/CVE-2011-2494 2011-09-12 07:51:13 UTC (rev 2492)
@@ -3,8 +3,8 @@
https://patchwork.kernel.org/patch/916042/
Notes:
Bugs:
-upstream: needed "no upstream fix as of 2011.08.08"
+upstream: needed "no upstream fix as of 2011.09.08"
2.6.32-upstream-stable:
-sid: needed "no upstream fix as of 2011.08.08"
-2.6.26-lenny-security: needed "no upstream fix as of 2011.08.08"
-2.6.32-squeeze-security: needed "no upstream fix as of 2011.08.08"
+sid: needed "no upstream fix as of 2011.09.08"
+2.6.26-lenny-security: needed "no upstream fix as of 2011.09.08"
+2.6.32-squeeze-security: needed "no upstream fix as of 2011.09.08"
Added: active/CVE-2011-3353
===================================================================
--- active/CVE-2011-3353 (rev 0)
+++ active/CVE-2011-3353 2011-09-12 07:51:13 UTC (rev 2492)
@@ -0,0 +1,12 @@
+Description: fuse: check size of FUSE_NOTIFY_INVAL_ENTRY message
+References:
+ http://permalink.gmane.org/gmane.linux.kernel.commits.head/313266
+ http://sourceforge.net/mailarchive/forum.php?thread_name=87liut4i7w.fsf%40tucsk.pomaz.szeredi.hu&forum_name=fuse-devel
+Notes:
+ jmm> Fixed in c2183d1e9b3f313dd8ba2b1b0197c8d9fb86a7ae
+Bugs:
+upstream:
+2.6.32-upstream-stable:
+sid:
+2.6.26-lenny-security:
+2.6.32-squeeze-security:
More information about the kernel-sec-discuss
mailing list