[kernel-sec-discuss] r535 - patch-tracking
Dann Frazier
dannf at costa.debian.org
Mon Aug 14 05:21:42 UTC 2006
Author: dannf
Date: 2006-08-14 05:21:40 +0000 (Mon, 14 Aug 2006)
New Revision: 535
Modified:
patch-tracking/CVE-2006-3468
Log:
update debian & upstream status
Modified: patch-tracking/CVE-2006-3468
===================================================================
--- patch-tracking/CVE-2006-3468 2006-08-14 03:06:54 UTC (rev 534)
+++ patch-tracking/CVE-2006-3468 2006-08-14 05:21:40 UTC (rev 535)
@@ -1,5 +1,6 @@
Candidate: CVE-2006-3468
References:
+ http://www.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=2ccb48ebb4de139eef4fcefd5f2bb823cb0d81b9
Description:
Linux kernel 2.6.x, when using both NFS and EXT3, allows remote
attackers to cause a denial of service (file system panic) via a
@@ -14,12 +15,13 @@
Notes:
http://lkml.org/lkml/2006/7/20/1: proposed patch
unclear whether 2.4 is affected
+ dannf> Submitted to Adrian Bunk for inclusion in 2.6.16.x
Bugs:
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=199172
-upstream:
-linux-2.6.16: needed
+upstream: released (2.6.17.8, 2.6.18-rc4)
+linux-2.6.16: pending (2.6.16-18)
linux-2.6: needed
-2.6.8-sarge-security: needed
+2.6.8-sarge-security: pending (2.6.8-16sarge5) [fs-ext3-bad-nfs-handle.dpatch]
2.4.27-sarge-security:
2.6.10-hoary-security: needed
2.6.12-breezy-security: needed
More information about the kernel-sec-discuss
mailing list