[kernel] r5025 - patch-tracking
Moritz Muehlenhoff
jmm-guest at costa.debian.org
Sat Dec 17 18:22:55 UTC 2005
Author: jmm-guest
Date: Sat Dec 17 18:22:48 2005
New Revision: 5025
Added:
patch-tracking/CVE-2004-0887
patch-tracking/CVE-2004-1069
Modified:
patch-tracking/CVE-2005-0204
patch-tracking/CVE-2005-1761
patch-tracking/CVE-2005-2801
patch-tracking/CVE-2005-2872
patch-tracking/CVE-2005-3180
patch-tracking/CVE-2005-3274
patch-tracking/CVE-2005-3848
patch-tracking/CVE-2005-3858
Log:
two new tracked issues
some more annotations
Added: patch-tracking/CVE-2004-0887
==============================================================================
--- (empty file)
+++ patch-tracking/CVE-2004-0887 Sat Dec 17 18:22:48 2005
@@ -0,0 +1,21 @@
+Candidate: CVE-2004-0887
+References:
+ http://www.novell.com/linux/security/advisories/2004_37_kernel.html
+ http://www.securityfocus.com/bid/11489
+ http://xforce.iss.net/xforce/xfdb/17801
+Description:
+ SUSE Linux Enterprise Server 9 on the S/390 platform does not properly
+ handle a certain privileged instruction, which allows local users to
+ gain root privileges.
+Notes:
+Bugs:
+upstream:
+2.6.14:
+2.6.8-sarge-security: released (2.6.8-10)
+2.4.27-sarge-security:
+2.4.19-woody-security:
+2.4.18-woody-security:
+2.4.17-woody-security:
+2.4.16-woody-security:
+2.4.17-woody-security-hppa:
+2.4.17-woody-security-ia64:
Added: patch-tracking/CVE-2004-1069
==============================================================================
--- (empty file)
+++ patch-tracking/CVE-2004-1069 Sat Dec 17 18:22:48 2005
@@ -0,0 +1,23 @@
+Candidate: CVE-2004-1069
+References:
+ http://marc.theaimsgroup.com/?l=linux-kernel&m=110045613004761
+ http://www.mandrakesoft.com/security/advisories?name=MDKSA-2005:022
+ http://marc.theaimsgroup.com/?l=bugtraq&m=110306397320336&w=2
+ http://xforce.iss.net/xforce/xfdb/18312
+Description:
+ Race condition in SELinux 2.6.x through 2.6.9 allows local users to
+ cause a denial of service (kernel crash) via SOCK_SEQPACKET unix
+ domain sockets, which are not properly handled in the sock_dgram_sendmsg
+ function.
+Notes:
+Bugs:
+upstream:
+2.6.14:
+2.6.8-sarge-security: released (2.6.8-11)
+2.4.27-sarge-security: N/A
+2.4.19-woody-security: N/A
+2.4.18-woody-security: N/A
+2.4.17-woody-security: N/A
+2.4.16-woody-security: N/A
+2.4.17-woody-security-hppa: N/A
+2.4.17-woody-security-ia64: N/A
Modified: patch-tracking/CVE-2005-0204
==============================================================================
--- patch-tracking/CVE-2005-0204 (original)
+++ patch-tracking/CVE-2005-0204 Sat Dec 17 18:22:48 2005
@@ -7,11 +7,13 @@
architectures, allows local users to write to privileged IO ports via the OUTS
instruction.
Notes:
+ jmm> 190_outs-2.diff had regressions
Bugs: 296700
upstream:
2.6.14: N/A
2.6.8-sarge-security: released (2.6.8-14) [outs.dpatch]
2.4.27-sarge-security: released (2.4.27-9) [143_outs.diff]
+2.4.27-sid: released (2.4.27-12) [190_outs-2.diff]
2.6.8: released (2.6.8-14) [outs.dpatch]
2.4.19-woody-security:
2.4.18-woody-security:
Modified: patch-tracking/CVE-2005-1761
==============================================================================
--- patch-tracking/CVE-2005-1761 (original)
+++ patch-tracking/CVE-2005-1761 Sat Dec 17 18:22:48 2005
@@ -11,7 +11,7 @@
Bugs:
upstream: released (2.6.12.1)
2.6.14: N/A
-2.6.8-sarge-security: released (2.6.8-16sarge1) [arch-x86_64-private-tss.dpatch, arch-x86_64-nmi.dpatch]
+2.6.8-sarge-security: released (2.6.8-16sarge1) [arch-x86_64-private-tss.dpatch, arch-x86_64-nmi.dpatch, arch-ia64-ptrace-getregs-putregs.dpatch]
2.4.27-sarge-security:
2.4.19-woody-security:
2.4.18-woody-security:
Modified: patch-tracking/CVE-2005-2801
==============================================================================
--- patch-tracking/CVE-2005-2801 (original)
+++ patch-tracking/CVE-2005-2801 Sat Dec 17 18:22:48 2005
@@ -15,6 +15,7 @@
upstream: released (2.6.11)
2.6.8-sarge-security: released (2.6.8-16-sarge1) [fs_ext2_ext3_xattr-sharing.dpatch]
2.4.27-sarge-security: released (2.4.27-10sarge1) [178_fs_ext2_ext3_xattr-sharing.diff]
+2.4.27-sid: released (2.4.27-12) [178_fs_ext2_ext3_xattr-sharing.diff]
2.6.14: N/A
2.4.19-woody-security:
2.4.18-woody-security:
Modified: patch-tracking/CVE-2005-2872
==============================================================================
--- patch-tracking/CVE-2005-2872 (original)
+++ patch-tracking/CVE-2005-2872 Sat Dec 17 18:22:48 2005
@@ -20,7 +20,7 @@
upstream: released (2.6.12)
2.6.8-sarge: pending [net-ipv4-netfilter-ip_recent-last_pkts.dpatch]
2.6.8-sarge-security: released (2.6.8-16sarge1) [net-ipv4-netfilter-ip_recent-last_pkts.dpatch]
-2.4.27-sid/sarge: released (2.4.27-11) [179_net-ipv4-netfilter-ip_recent-last_pkts.diff]
+2.4.27-sid/sarge: released (2.4.27-12) [179_net-ipv4-netfilter-ip_recent-last_pkts.diff]
2.4.27-sarge-security: released (2.4.27-10sarge1) [179_net-ipv4-netfilter-ip_recent-last_pkts.diff]
2.6.14: N/A
2.4.19-woody-security:
Modified: patch-tracking/CVE-2005-3180
==============================================================================
--- patch-tracking/CVE-2005-3180 (original)
+++ patch-tracking/CVE-2005-3180 Sat Dec 17 18:22:48 2005
@@ -18,7 +18,7 @@
2.6.12: pending [orinoco-info-leak.patch]
2.6.8-sarge: pending [orinoco-info-leak.dpatch]
2.6.8-sarge-security: pending (2.6.8-16sarge2) [orinoco-info-leak.dpatch]
-2.4.27-sid/sarge: pending [192_orinoco-info-leak.diff]
+2.4.27-sid/sarge: released (2.4.27-12) [192_orinoco-info-leak.diff]
2.4.27-sarge-security: pending [192_orinoco-info-leak.diff]
2.6.14:
2.6.8:
Modified: patch-tracking/CVE-2005-3274
==============================================================================
--- patch-tracking/CVE-2005-3274 (original)
+++ patch-tracking/CVE-2005-3274 Sat Dec 17 18:22:48 2005
@@ -14,7 +14,7 @@
upstream: released (2.6.13, 2.4.32-pre2)
2.6.13: N/A
2.6.12:
-2.6.8-sarge-security: released (2.6.8-16sarge1)
+2.6.8-sarge-security: released (2.6.8-16sarge1) [net-ipv4-ipvs-conn_tab-race.dpatch]
2.4.27-sarge-security: pending (2.4.27-10sarge1)
2.6.14:
2.6.8:
Modified: patch-tracking/CVE-2005-3848
==============================================================================
--- patch-tracking/CVE-2005-3848 (original)
+++ patch-tracking/CVE-2005-3848 Sat Dec 17 18:22:48 2005
@@ -22,9 +22,9 @@
2.6.13:
2.6.12:
2.6.8-sarge:
-2.6.8-sarge-security: pending [fix-dst-leak-in-icmp_push_reply.dpatch]
+2.6.8-sarge-security: pending (2.6.8-16sarge2) [fix-dst-leak-in-icmp_push_reply.dpatch]
2.4.27-sid/sarge: N/A
-2.4.27-sarge-security: N/A
+2.4.27-sarge-security: released (2.4.27-12)
2.6.14:
2.6.8:
2.4.19-woody-security: N/A
Modified: patch-tracking/CVE-2005-3858
==============================================================================
--- patch-tracking/CVE-2005-3858 (original)
+++ patch-tracking/CVE-2005-3858 Sat Dec 17 18:22:48 2005
@@ -13,7 +13,8 @@
upstream: released (2.6.12.6, 2.6.13)
2.6.14: N/A
2.6.8-sarge-security: pending (2.6.8-16sarge2)
-2.4.27-sarge-security:
+2.4.27-sarge-security:
+2.4.27-sid: released (2.4.27-12) [189_ipv6-skb-leak.diff]
2.6.8:
2.4.19-woody-security:
2.4.18-woody-security:
More information about the Kernel-svn-changes
mailing list