[kernel-sec-discuss] r2508 - active retired

Moritz Muehlenhoff jmm at alioth.debian.org
Sun Sep 25 18:37:18 UTC 2011 

Author: jmm
Date: 2011-09-25 18:37:17 +0000 (Sun, 25 Sep 2011)
New Revision: 2508

Added:
   retired/CVE-2011-2484
   retired/CVE-2011-2495
   retired/CVE-2011-2928
Removed:
   active/CVE-2011-2484
   active/CVE-2011-2495
   active/CVE-2011-2928
Log:
retire


Deleted: active/CVE-2011-2484
===================================================================
--- active/CVE-2011-2484	2011-09-25 18:37:06 UTC (rev 2507)
+++ active/CVE-2011-2484	2011-09-25 18:37:17 UTC (rev 2508)
@@ -1,10 +0,0 @@
-Description: taskstats local DoS
-References:
- http://lists.openwall.net/linux-kernel/2011/06/16/605
-Notes:
-Bugs:
-upstream: released (3.0-rc5) [26c4caea9d697043cc5a458b96411b86d7f6babd]
-2.6.32-upstream-stable: released (2.6.32.43)
-sid: released (2.6.39-3)
-2.6.26-lenny-security: released (2.6.26-26lenny4) [bugfix/all/taskstats-don-t-allow-duplicate-entries-in-listener-mode.patch]
-2.6.32-squeeze-security: released (2.6.32-35squeeze1) [bugfix/all/taskstats-don-t-allow-duplicate-entries-in-listener-mode.patch]

Deleted: active/CVE-2011-2495
===================================================================
--- active/CVE-2011-2495	2011-09-25 18:37:06 UTC (rev 2507)
+++ active/CVE-2011-2495	2011-09-25 18:37:17 UTC (rev 2508)
@@ -1,10 +0,0 @@
-Description: proc: restrict access to /proc/PID/io
-References:
- https://patchwork.kernel.org/patch/916032/
-Notes:
-Bugs:
-upstream: released (3.0-rc6) [1d1221f375c94ef961ba8574ac4f85c8870ddd51, 293eb1e7772b25a93647c798c7b89bf26c2da2e0]
-2.6.32-upstream-stable: released (2.6.32.44)
-sid: released (3.0.0-1) 
-2.6.26-lenny-security: released (2.6.26-26lenny4) [bugfix/all/proc-restrict-access-to-proc-pid-io.patch]
-2.6.32-squeeze-security: released (2.6.32-35squeeze1) [bugfix/all/proc-restrict-access-to-proc-pid-io.patch, bugfix/all/proc-fix-a-race-in-do_io_accounting.patch]

Deleted: active/CVE-2011-2928
===================================================================
--- active/CVE-2011-2928	2011-09-25 18:37:06 UTC (rev 2507)
+++ active/CVE-2011-2928	2011-09-25 18:37:17 UTC (rev 2508)
@@ -1,10 +0,0 @@
-Description: ZERO_SIZE_PTR dereference for long symlinks in Be FS
-References:
- http://www.pre-cert.de/advisories/PRE-SA-2011-06.txt
-Notes:
-Bugs:
-upstream: pending (3.1-rc3) [338d0f0a6fbc82407864606f5b64b75aeb3c70f2]
-2.6.32-upstream-stable: released (2.6.32.46)
-sid: released (3.0.0-2)
-2.6.26-lenny-security: released (2.6.26-26lenny4) [bugfix/all/befs-validate-length-of-long-symbolic-links.patch]
-2.6.32-squeeze-security: released (2.6.32-35squeeze1) [bugfix/all/befs-validate-length-of-long-symbolic-links.patch]

Copied: retired/CVE-2011-2484 (from rev 2507, active/CVE-2011-2484)
===================================================================
--- retired/CVE-2011-2484	                        (rev 0)
+++ retired/CVE-2011-2484	2011-09-25 18:37:17 UTC (rev 2508)
@@ -0,0 +1,10 @@
+Description: taskstats local DoS
+References:
+ http://lists.openwall.net/linux-kernel/2011/06/16/605
+Notes:
+Bugs:
+upstream: released (3.0-rc5) [26c4caea9d697043cc5a458b96411b86d7f6babd]
+2.6.32-upstream-stable: released (2.6.32.43)
+sid: released (2.6.39-3)
+2.6.26-lenny-security: released (2.6.26-26lenny4) [bugfix/all/taskstats-don-t-allow-duplicate-entries-in-listener-mode.patch]
+2.6.32-squeeze-security: released (2.6.32-35squeeze1) [bugfix/all/taskstats-don-t-allow-duplicate-entries-in-listener-mode.patch]

Copied: retired/CVE-2011-2495 (from rev 2507, active/CVE-2011-2495)
===================================================================
--- retired/CVE-2011-2495	                        (rev 0)
+++ retired/CVE-2011-2495	2011-09-25 18:37:17 UTC (rev 2508)
@@ -0,0 +1,10 @@
+Description: proc: restrict access to /proc/PID/io
+References:
+ https://patchwork.kernel.org/patch/916032/
+Notes:
+Bugs:
+upstream: released (3.0-rc6) [1d1221f375c94ef961ba8574ac4f85c8870ddd51, 293eb1e7772b25a93647c798c7b89bf26c2da2e0]
+2.6.32-upstream-stable: released (2.6.32.44)
+sid: released (3.0.0-1) 
+2.6.26-lenny-security: released (2.6.26-26lenny4) [bugfix/all/proc-restrict-access-to-proc-pid-io.patch]
+2.6.32-squeeze-security: released (2.6.32-35squeeze1) [bugfix/all/proc-restrict-access-to-proc-pid-io.patch, bugfix/all/proc-fix-a-race-in-do_io_accounting.patch]

Copied: retired/CVE-2011-2928 (from rev 2507, active/CVE-2011-2928)
===================================================================
--- retired/CVE-2011-2928	                        (rev 0)
+++ retired/CVE-2011-2928	2011-09-25 18:37:17 UTC (rev 2508)
@@ -0,0 +1,10 @@
+Description: ZERO_SIZE_PTR dereference for long symlinks in Be FS
+References:
+ http://www.pre-cert.de/advisories/PRE-SA-2011-06.txt
+Notes:
+Bugs:
+upstream: pending (3.1-rc3) [338d0f0a6fbc82407864606f5b64b75aeb3c70f2]
+2.6.32-upstream-stable: released (2.6.32.46)
+sid: released (3.0.0-2)
+2.6.26-lenny-security: released (2.6.26-26lenny4) [bugfix/all/befs-validate-length-of-long-symbolic-links.patch]
+2.6.32-squeeze-security: released (2.6.32-35squeeze1) [bugfix/all/befs-validate-length-of-long-symbolic-links.patch]

More information about the kernel-sec-discuss mailing list