[Secure-testing-team] kernel update
Moritz Muehlenhoff
jmm at inutil.org
Thu Sep 15 09:03:57 UTC 2005
Joey Hess wrote:
> Now that 2.6.12 is finally in testing and work is well underway to
> remove 2.6.8, I think we can switch to tracking security holes in the
> new kernel now. There are several items listed as unfixed in 2.6.8, would
> it be possible for someone to double check if any of these also still
> apply to 2.6.12?
For many of these the fix is confirmed to be in mainline, but for a
few I could only find references to advisories from Red Hat and SuSE,
so we should double-check this.
> # kernel-image-2.6.8-i386 (unfixed; bug #309308) for CAN-2005-2548
Fixed in linux-2.6
> # kernel-source-2.6.8 (unfixed; bug #295949) for CAN-2005-0449
This one is the infamous ABI-breaking kernel vulnerability.
Probably fixed in mainline?
> # kernel-source-2.6.8 (unfixed; bug #322339) for CAN-2004-2302
Fixed in linux-2.6
> # kernel-source-2.6.8 2.6.8-16sarge1 needed, have 2.6.8-16 for CAN-2005-1765,
Fixed in linux-2.6
> CAN-2005-1763,
Double-check.
Couldn't find a reference yet that it's fixed in mainline.
> CAN-2005-1762,
Fixed in linux-2.6.
> CAN-2005-1761,
Fixed in linux-2.6.
> CAN-2005-0757,
Double-check.
Couldn't find a reference yet that it's fixed in mainline.
> CAN-2005-0756
Double-check.
Couldn't find a reference yet that it's fixed in mainline.
> # kernel-source-2.6.8 2.6.8-16sarge2 needed, have 2.6.8-16 for CAN-2005-2555
Fixed in linux-2.6.
> # kernel-source-2.6.8 2.6.8-17 needed, have 2.6.8-16 for CAN-2005-1765, CAN-2005-1763, CAN-2005-1762, CAN-2005-1761, CAN-2005-1265, CAN-2005-0757, CAN-2005-0756
These are all duplications from the above, so already fixed as well.
Cheers,
Moritz