[kernel-sec-discuss] r2286 - active

Wed May 4 15:33:10 UTC 2011

Author: jmm
Date: 2011-05-04 15:33:06 +0000 (Wed, 04 May 2011)
New Revision: 2286

Removed:
   active/CVE-2010-af_unix-recursion
Modified:
   active/CVE-2010-4249
   active/CVE-2011-1017
   active/CVE-2011-1494
   active/CVE-2011-1577
   active/CVE-2011-1748
Log:
updates, remove old temp entry already tracked


Modified: active/CVE-2010-4249
===================================================================

--- active/CVE-2010-4249	2011-05-03 05:57:25 UTC (rev 2285)
+++ active/CVE-2010-4249	2011-05-04 15:33:06 UTC (rev 2286)
@@ -32,7 +32,7 @@
 2.6.32-upstream-stable: needed
 linux-2.6: released (2.6.32-30) [bugfix/all/af_unix-limit-unix_tot_inflight.patch, bugfix/all/scm-lower-SCM_MAX_FD.patch]
 2.6.26-lenny-security: released (2.6.26-26lenny2) [bugfix/all/af_unix-limit-unix_tot_inflight.patch, bugfix/all/scm-lower-SCM_MAX_FD.patch]
-2.6.32-squeeze-security: released (2.6.32-30) [bugfix/all/af_unix-limit-unix_tot_inflight.patch, bugfix/all/scm-lower-SCM_MAX_FD.patch]
+2.6.32-squeeze-security: released (2.6.32-30) [bugfix/all/af_unix-limit-unix_tot_inflight.patch, bugfix/all/scm-lower-SCM_MAX_FD.patch, bugfix/all/af_unix-limit-recursion-level.patch]
 
 
 

Deleted: active/CVE-2010-af_unix-recursion
===================================================================
--- active/CVE-2010-af_unix-recursion	2011-05-03 05:57:25 UTC (rev 2285)
+++ active/CVE-2010-af_unix-recursion	2011-05-04 15:33:06 UTC (rev 2286)
@@ -1,12 +0,0 @@
-Candidate:
-Description:
-References:
- https://lkml.org/lkml/2010/11/25/8
-Notes:
- dannf> similar reproducer to CVE-2010-4249
-Bugs:
-upstream: released [25888e3]
-2.6.32-upstream-stable:
-linux-2.6:
-2.6.26-lenny-security:
-2.6.32-squeeze-security: pending (2.6.32-31) [bugfix/all/af_unix-limit-recursion-level.patch]

Modified: active/CVE-2011-1017
===================================================================
--- active/CVE-2011-1017	2011-05-03 05:57:25 UTC (rev 2285)
+++ active/CVE-2011-1017	2011-05-04 15:33:06 UTC (rev 2286)
@@ -3,9 +3,8 @@
 References:
  http://www.pre-cert.de/advisories/PRE-SA-2011-01.txt
 Notes:
- jmm> Fixed in c340b1d640001c8c9ecff74f68fd90422ae2448a
 Bugs:
-upstream: needed
+upstream: released (2.6.39-rc4) [c340b1d640001c8c9ecff74f68fd90422ae2448a]
 2.6.32-upstream-stable: needed
 linux-2.6: needed 
 2.6.26-lenny-security: needed 

Modified: active/CVE-2011-1494
===================================================================
--- active/CVE-2011-1494	2011-05-03 05:57:25 UTC (rev 2285)
+++ active/CVE-2011-1494	2011-05-04 15:33:06 UTC (rev 2286)
@@ -4,7 +4,7 @@
  jmm> http://marc.info/?l=linux-scsi&m=130202237006310&w=2
  jmm> The /dev file is owned by root as standard, so shouldn't be an issue
  jmm> for sane installations
- jmm> no upstream fix as of 2011-04-18
+ jmm> no upstream fix as of 2011-04-28
 Notes:
 Bugs:
 upstream: pending (2.6.39-rc6) [a1f74ae82d133ebb2aabb19d181944b4e83e9960]

Modified: active/CVE-2011-1577
===================================================================
--- active/CVE-2011-1577	2011-05-03 05:57:25 UTC (rev 2285)
+++ active/CVE-2011-1577	2011-05-04 15:33:06 UTC (rev 2286)
@@ -4,7 +4,7 @@
  http://www.pre-cert.de/advisories/PRE-SA-2011-03.txt
  http://www.spinics.net/lists/mm-commits/msg83274.html
 Notes:
- jmm> No upstream fix as of 2011-04-18
+ jmm> No upstream fix as of 2011-04-28
 Bugs:
 upstream: needed
 2.6.32-upstream-stable: needed

Modified: active/CVE-2011-1748
===================================================================
--- active/CVE-2011-1748	2011-05-03 05:57:25 UTC (rev 2285)
+++ active/CVE-2011-1748	2011-05-04 15:33:06 UTC (rev 2286)
@@ -3,6 +3,7 @@
 References:
  http://permalink.gmane.org/gmane.linux.network/192974
 Notes:
+ jmm> no upstream fix as of 2011-04-28
 Bugs:
 upstream: pending (2.6.39-rc6) [10022a6c66e199d8f61d9044543f38785713cbbd]
 2.6.32-upstream-stable: needed


