[kernel-sec-discuss] r2305 - active

Moritz Muehlenhoff jmm at alioth.debian.org
Mon May 16 08:51:53 UTC 2011 

Author: jmm
Date: 2011-05-16 08:51:46 +0000 (Mon, 16 May 2011)
New Revision: 2305

Modified:
   active/CVE-2011-1016
   active/CVE-2011-1020
   active/CVE-2011-1083
   active/CVE-2011-1161
   active/CVE-2011-1169
   active/CVE-2011-1182
   active/CVE-2011-1476
   active/CVE-2011-1478
   active/CVE-2011-1577
   active/CVE-2011-1593
   active/CVE-2011-1747
   active/CVE-2011-1748
   active/CVE-2011-1770
Log:
various updates


Modified: active/CVE-2011-1016
===================================================================
--- active/CVE-2011-1016	2011-05-16 00:54:20 UTC (rev 2304)
+++ active/CVE-2011-1016	2011-05-16 08:51:46 UTC (rev 2305)
@@ -7,4 +7,4 @@
 2.6.32-upstream-stable: 
 linux-2.6: released (2.6.38-1)
 2.6.26-lenny-security: "needs port"
-2.6.32-squeeze-security: pending (2.6.32-32) [bugfix/all/drm-radeon-kms-check-aa-resolve-registers-on-r300.patch, bugfix/all/drm-radeon-fix-regression-with-aa-resolve-checking.patch]
+2.6.32-squeeze-security: released (2.6.32-32) [bugfix/all/drm-radeon-kms-check-aa-resolve-registers-on-r300.patch, bugfix/all/drm-radeon-fix-regression-with-aa-resolve-checking.patch]

Modified: active/CVE-2011-1020
===================================================================
--- active/CVE-2011-1020	2011-05-16 00:54:20 UTC (rev 2304)
+++ active/CVE-2011-1020	2011-05-16 08:51:46 UTC (rev 2305)
@@ -6,6 +6,6 @@
 Bugs:
 upstream: needed
 2.6.32-upstream-stable: needed
-linux-2.6: needed "no upstream fix as of 2011.03.27"
-2.6.26-lenny-security: needed "no upstream fix as of 2011.03.27"
-2.6.32-squeeze-security: needed "no upstream fix as of 2011.03.27"
+linux-2.6: needed "no upstream fix as of 2011.05.10"
+2.6.26-lenny-security: needed "no upstream fix as of 2011.05.10"
+2.6.32-squeeze-security: needed "no upstream fix as of 2011.05.10"

Modified: active/CVE-2011-1083
===================================================================
--- active/CVE-2011-1083	2011-05-16 00:54:20 UTC (rev 2304)
+++ active/CVE-2011-1083	2011-05-16 08:51:46 UTC (rev 2305)
@@ -7,6 +7,6 @@
 Bugs:
 upstream: needed
 2.6.32-upstream-stable:
-linux-2.6: needed "no upstream fix as of 2011.03.27"
-2.6.26-lenny-security: needed "no upstream fix as of 2011.03.27"
-2.6.32-squeeze-security: needed "no upstream fix as of 2011.03.27"
+linux-2.6: needed "no upstream fix as of 2011.05.10"
+2.6.26-lenny-security: needed "no upstream fix as of 2011.05.10"
+2.6.32-squeeze-security: needed "no upstream fix as of 2011.05.10"

Modified: active/CVE-2011-1161
===================================================================
--- active/CVE-2011-1161	2011-05-16 00:54:20 UTC (rev 2304)
+++ active/CVE-2011-1161	2011-05-16 08:51:46 UTC (rev 2305)
@@ -4,8 +4,8 @@
  http://tpmdd.git.sourceforge.net/git/gitweb.cgi?p=tpmdd/tpmdd;a=commitdiff;h=f0bbed1ee49a4779dfb32159fea669ced8789336
 Notes:
 Bugs:
-upstream: needed "no upstream fix as of 2011.05.02"
-2.6.32-upstream-stable: needed "no upstream fix as of 2011.05.02"
-linux-2.6: needed "no upstream fix as of 2011.05.02"
-2.6.26-lenny-security: needed "no upstream fix as of 2011.05.02"
-2.6.32-squeeze-security: needed "no upstream fix as of 2011.05.02"
+upstream: needed "no upstream fix as of 2011.05.10"
+2.6.32-upstream-stable: needed "no upstream fix as of 2011.05.10"
+linux-2.6: needed "no upstream fix as of 2011.05.10"
+2.6.26-lenny-security: needed "no upstream fix as of 2011.05.10"
+2.6.32-squeeze-security: needed "no upstream fix as of 2011.05.10"

Modified: active/CVE-2011-1169
===================================================================
--- active/CVE-2011-1169	2011-05-16 00:54:20 UTC (rev 2304)
+++ active/CVE-2011-1169	2011-05-16 08:51:46 UTC (rev 2305)
@@ -4,8 +4,8 @@
  http://git.kernel.org/?p=linux/kernel/git/tiwai/sound-2.6.git;a=commit;h=4a122c10fbfe9020df469f0f669da129c5757671
 Notes:
 Bugs:
-upstream: needed
+upstream: released (2.6.39-rc1)
 2.6.32-upstream-stable: N/A "Driver introduced in 2.6.35"
-linux-2.6: needed
+linux-2.6: released (2.6.38-2)
 2.6.26-lenny-security: N/A "Driver introduced in 2.6.35"
 2.6.32-squeeze-security: N/A "Driver introduced in 2.6.35"

Modified: active/CVE-2011-1182
===================================================================
--- active/CVE-2011-1182	2011-05-16 00:54:20 UTC (rev 2304)
+++ active/CVE-2011-1182	2011-05-16 08:51:46 UTC (rev 2305)
@@ -8,4 +8,4 @@
 2.6.32-upstream-stable: released (2.6.32.36) [62a9fca67f7f5838894306ad5ab65af911dc0dfd]
 linux-2.6: pending (2.6.38-2) [bugfix/all/stable/2.6.38.2.patch]
 2.6.26-lenny-security: pending (2.6.26-26lenny3) [bugfix/x86/prevent-rt_sigqueueinfo-and-rt_tgsigqueueinfo-from-spoofing-the-signal-code.patch, bugfix/x86/prevent-rt_sigqueueinfo-and-rt_tgsigqueueinfo-from-spoofing-the-signal-code-regression.patch]
-2.6.32-squeeze-security: pending (2.6.32-32) [bugfix/all/stable/2.6.32.36.patch]
+2.6.32-squeeze-security: released (2.6.32-32) [bugfix/all/stable/2.6.32.36.patch]

Modified: active/CVE-2011-1476
===================================================================
--- active/CVE-2011-1476	2011-05-16 00:54:20 UTC (rev 2304)
+++ active/CVE-2011-1476	2011-05-16 08:51:46 UTC (rev 2305)
@@ -9,4 +9,4 @@
 2.6.32-upstream-stable: released (2.6.32.37)
 linux-2.6: released (2.6.38-4) [bugfix/all/stable/2.6.38.3.patch]
 2.6.26-lenny-security: needed 
-2.6.32-squeeze-security: pending (2.6.32-34) [bugfix/all/stable/2.6.32.37.patch]
+2.6.32-squeeze-security: released (2.6.32-34) [bugfix/all/stable/2.6.32.37.patch]

Modified: active/CVE-2011-1478
===================================================================
--- active/CVE-2011-1478	2011-05-16 00:54:20 UTC (rev 2304)
+++ active/CVE-2011-1478	2011-05-16 08:51:46 UTC (rev 2305)
@@ -7,4 +7,4 @@
 2.6.32-upstream-stable: released (2.6.32.37)
 linux-2.6: released (2.6.38-1)
 2.6.26-lenny-security: 
-2.6.32-squeeze-security: pending (2.6.32-34)
+2.6.32-squeeze-security: released (2.6.32-34)

Modified: active/CVE-2011-1577
===================================================================
--- active/CVE-2011-1577	2011-05-16 00:54:20 UTC (rev 2304)
+++ active/CVE-2011-1577	2011-05-16 08:51:46 UTC (rev 2305)
@@ -4,9 +4,8 @@
  http://www.pre-cert.de/advisories/PRE-SA-2011-03.txt
  http://www.spinics.net/lists/mm-commits/msg83274.html
 Notes:
- jmm> No upstream fix as of 2011-04-28
 Bugs:
-upstream: needed
+upstream: released (2.6.39-rc7) [fa039d5f6b126fbd65eefa05db2f67e44df8f121]
 2.6.32-upstream-stable: needed
 linux-2.6: needed
 2.6.26-lenny-security: needed

Modified: active/CVE-2011-1593
===================================================================
--- active/CVE-2011-1593	2011-05-16 00:54:20 UTC (rev 2304)
+++ active/CVE-2011-1593	2011-05-16 08:51:46 UTC (rev 2305)
@@ -9,4 +9,4 @@
 2.6.32-upstream-stable: released (2.6.32.39) [67e022f3add1879292986e779b2aaf6ecb93fa58]
 linux-2.6: released (2.6.38-4) [bugfix/all/stable/2.6.38.4.patch]
 2.6.26-lenny-security:
-2.6.32-squeeze-security: pending (2.6.32-34) [bugfix/all/stable/2.6.32.39.patch]
+2.6.32-squeeze-security: released (2.6.32-34) [bugfix/all/stable/2.6.32.39.patch]

Modified: active/CVE-2011-1747
===================================================================
--- active/CVE-2011-1747	2011-05-16 00:54:20 UTC (rev 2304)
+++ active/CVE-2011-1747	2011-05-16 08:51:46 UTC (rev 2305)
@@ -11,8 +11,8 @@
 References:
 Notes:
 Bugs:
-upstream: needed
-2.6.32-upstream-stable: needed
-linux-2.6: needed
-2.6.26-lenny-security: needed
-2.6.32-squeeze-security: needed
+upstream: needed "no upstream fix as of 2011.05.10"
+2.6.32-upstream-stable: needed "no upstream fix as of 2011.05.10"
+linux-2.6: needed "no upstream fix as of 2011.05.10"
+2.6.26-lenny-security: needed "no upstream fix as of 2011.05.10"
+2.6.32-squeeze-security: needed "no upstream fix as of 2011.05.10"

Modified: active/CVE-2011-1748
===================================================================
--- active/CVE-2011-1748	2011-05-16 00:54:20 UTC (rev 2304)
+++ active/CVE-2011-1748	2011-05-16 08:51:46 UTC (rev 2305)
@@ -9,4 +9,4 @@
 2.6.32-upstream-stable: needed
 linux-2.6: needed
 2.6.26-lenny-security:
-2.6.32-squeeze-security: pending (2.6.32-34) [bugfix/all/can-add-missing-socket-check-in-can+raw-release.patch]
+2.6.32-squeeze-security: released (2.6.32-34) [bugfix/all/can-add-missing-socket-check-in-can+raw-release.patch]

Modified: active/CVE-2011-1770
===================================================================
--- active/CVE-2011-1770	2011-05-16 00:54:20 UTC (rev 2304)
+++ active/CVE-2011-1770	2011-05-16 08:51:46 UTC (rev 2305)
@@ -4,7 +4,7 @@
  http://marc.info/?l=linux-kernel&m=130468845209036&w=2
 Notes:
 Bugs:
-upstream: needed
+upstream: needed [a294865978b701e4d0d90135672749531b9a900d]
 2.6.32-upstream-stable: needed
 linux-2.6: needed
 2.6.26-lenny-security: N/A "Introduced in 2.6.29 with commit e77b8363b2ea7c0d89919547c1a8b0562f298b57"

More information about the kernel-sec-discuss mailing list