[kernel-sec-discuss] r765 - / active retired scripts
Moritz Muehlenhoff
jmm at alioth.debian.org
Sun Apr 29 20:46:18 UTC 2007
Author: jmm
Date: 2007-04-29 20:46:17 +0000 (Sun, 29 Apr 2007)
New Revision: 765
Added:
ignored/
retired/CVE-2006-1862
Removed:
active/CVE-2006-1862
Modified:
active/CVE-2005-0977
active/CVE-2005-1763
active/CVE-2005-3105
active/CVE-2005-3527
active/CVE-2005-3660
active/CVE-2005-4440
active/CVE-2005-4441
active/CVE-2005-4811
active/CVE-2006-0558
active/CVE-2006-0744
scripts/html-report
Log:
update etch status
retire one RH specific issue
create directory for issues we'll ignore permanently (like design issues)
Modified: active/CVE-2005-0977
===================================================================
--- active/CVE-2005-0977 2007-04-29 20:44:18 UTC (rev 764)
+++ active/CVE-2005-0977 2007-04-29 20:46:17 UTC (rev 765)
@@ -17,3 +17,5 @@
linux-2.6: N/A
2.6.8-sarge-security: released (2.6.8-16) [mm-shmem-truncate.dpatch]
2.4.27-sarge-security: ignored (2.4.27-10sarge3)
+2.6.18-etch-security: N/A
+
Modified: active/CVE-2005-1763
===================================================================
--- active/CVE-2005-1763 2007-04-29 20:44:18 UTC (rev 764)
+++ active/CVE-2005-1763 2007-04-29 20:46:17 UTC (rev 765)
@@ -13,3 +13,5 @@
linux-2.6: N/A
2.6.8-sarge-security: released (2.6.8-16sarge1) [arch-x86_64-kernel-ptrace-boundary-check.dpatch]
2.4.27-sarge-security: ignored (2.4.27-10sarge4)
+2.6.18-etch-security: N/A
+
Modified: active/CVE-2005-3105
===================================================================
--- active/CVE-2005-3105 2007-04-29 20:44:18 UTC (rev 764)
+++ active/CVE-2005-3105 2007-04-29 20:46:17 UTC (rev 765)
@@ -29,3 +29,4 @@
2.6.8-sarge-security: released (2.6.8-16sarge1) [mckinley_icache.dpatch]
2.4.27-sarge-security: ignored (2.4.27-10sarge3)
linux-2.6: N/A
+2.6.18-etch-security: N/A
Modified: active/CVE-2005-3527
===================================================================
--- active/CVE-2005-3527 2007-04-29 20:44:18 UTC (rev 764)
+++ active/CVE-2005-3527 2007-04-29 20:46:17 UTC (rev 765)
@@ -30,3 +30,5 @@
linux-2.6: N/A
2.6.8-sarge-security: ignored (2.6.8-16sarge5)
2.4.27-sarge-security: ignored (2.4.27-10sarge5)
+2.6.18-etch-security: N/A
+
Modified: active/CVE-2005-3660
===================================================================
--- active/CVE-2005-3660 2007-04-29 20:44:18 UTC (rev 764)
+++ active/CVE-2005-3660 2007-04-29 20:46:17 UTC (rev 765)
@@ -17,3 +17,4 @@
linux-2.6:
2.6.8-sarge-security: ignored (2.6.8-16sarge5)
2.4.27-sarge-security: ignored (2.4.27-10sarge4)
+2.6.18-etch-security:
Modified: active/CVE-2005-4440
===================================================================
--- active/CVE-2005-4440 2007-04-29 20:44:18 UTC (rev 764)
+++ active/CVE-2005-4440 2007-04-29 20:46:17 UTC (rev 765)
@@ -37,3 +37,4 @@
linux-2.6:
2.6.8-sarge-security: ignored (2.6.8-16sarge5)
2.4.27-sarge-security: ignored (2.4.27-10sarge4)
+2.6.18-etch-security:
Modified: active/CVE-2005-4441
===================================================================
--- active/CVE-2005-4441 2007-04-29 20:44:18 UTC (rev 764)
+++ active/CVE-2005-4441 2007-04-29 20:46:17 UTC (rev 765)
@@ -41,3 +41,4 @@
linux-2.6:
2.6.8-sarge-security: ignored (2.6.8-16sarge5)
2.4.27-sarge-security: ignored (2.4.27-10sarge4)
+2.6.18-etch-security:
Modified: active/CVE-2005-4811
===================================================================
--- active/CVE-2005-4811 2007-04-29 20:44:18 UTC (rev 764)
+++ active/CVE-2005-4811 2007-04-29 20:46:17 UTC (rev 765)
@@ -20,3 +20,4 @@
2.6.12-breezy-security: released
2.6.15-dapper-security: released
2.6.17-edgy: released
+2.6.18-etch-security: N/A
Modified: active/CVE-2006-0558
===================================================================
--- active/CVE-2006-0558 2007-04-29 20:44:18 UTC (rev 764)
+++ active/CVE-2006-0558 2007-04-29 20:46:17 UTC (rev 765)
@@ -22,3 +22,4 @@
linux-2.6: released (2.6.16-1)
2.6.8-sarge-security: released (2.6.8-16sarge3)
2.4.27-sarge-security: ignored (2.4.27-10sarge4)
+2.6.18-etch-security: N/A
Modified: active/CVE-2006-0744
===================================================================
--- active/CVE-2006-0744 2007-04-29 20:44:18 UTC (rev 764)
+++ active/CVE-2006-0744 2007-04-29 20:46:17 UTC (rev 765)
@@ -12,3 +12,4 @@
linux-2.6: released (2.6.16-7)
2.6.8-sarge-security: released (2.6.8-16sarge3) [em64t-uncanonical-return-addr.dpatch]
2.4.27-sarge-security: ignored (2.4.27-10sarge3)
+2.6.18-etch-security: N/A
Deleted: active/CVE-2006-1862
===================================================================
--- active/CVE-2006-1862 2007-04-29 20:44:18 UTC (rev 764)
+++ active/CVE-2006-1862 2007-04-29 20:46:17 UTC (rev 765)
@@ -1,19 +0,0 @@
-Candidate: CVE-2006-1862
-Description:
- The virtual memory implementation in Linux kernel 2.6.x allows local users to
- cause a denial of service (panic) by running lsof a large number of times in
- a way that produces a heavy system load.
-References:
-Ubuntu-Description:
-Notes:
- jmm> There's some indication that this is RH-specific, needs to be checked
- dannf> Yeah, this code is neither in debian's 2.4.27/2.6.8 or 2.6.16 upstream
- dannf> I also cannot reproduce on debian's 2.6.8 with the test case given in:
- dannf> https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=189031
-Bugs:
-upstream: N/A
-linux-2.6: N/A
-2.6.8-sarge-security: N/A
-2.4.27-sarge-security: N/A
-2.6.15-dapper-security: N/A
-2.6.17-edgy-security: N/A
Copied: retired/CVE-2006-1862 (from rev 764, active/CVE-2006-1862)
Modified: scripts/html-report
===================================================================
--- scripts/html-report 2007-04-29 20:44:18 UTC (rev 764)
+++ scripts/html-report 2007-04-29 20:46:17 UTC (rev 765)
@@ -3,7 +3,7 @@
import os, os.path, sys
import deb822, re
-TrackerDir = ".."
+TrackerDir = "."
## get an unsorted list of tracked issues
def trackedIssues(dir):
More information about the kernel-sec-discuss
mailing list