[kernel] r6742 - patch-tracking
Dann Frazier
dannf at costa.debian.org
Mon May 29 01:58:51 UTC 2006
Author: dannf
Date: Mon May 29 01:58:49 2006
New Revision: 6742
Modified:
patch-tracking/CVE-2006-1864
Log:
2.4 upstream status + description
Modified: patch-tracking/CVE-2006-1864
==============================================================================
--- patch-tracking/CVE-2006-1864 (original)
+++ patch-tracking/CVE-2006-1864 Mon May 29 01:58:49 2006
@@ -1,9 +1,15 @@
Candidate: CVE-2006-1864
-References: smbfs chroot issue
+References:
+ CONFIRM:https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=189435
+ URL:http://www.trustix.org/errata/2006/0026
+ URL:http://www.securityfocus.com/bid/17735
Description:
+ Directory traversal vulnerability in smbfs in Linux 2.6.16 and earlier allows
+ local users to escape chroot restrictions for an SMB-mounted filesystem via
+ "..\\" sequences, a similar vulnerability to CVE-2006-1863.
Notes:
Bugs:
-upstream: released (2.6.16.11)
+upstream: pending (2.4.33-pre4), released (2.6.16.11)
linux-2.6: released (2.6.16-10)
2.6.8-sarge-security: pending (2.6.8-16sarge3)
2.4.27-sarge-security: pending (2.4.27-10sarge3)
More information about the Kernel-svn-changes
mailing list