[kernel-sec-discuss] r659 - active
Martin Pitt
mpitt at alioth.debian.org
Wed Dec 13 15:35:25 CET 2006
Author: mpitt
Date: 2006-12-13 15:35:25 +0100 (Wed, 13 Dec 2006)
New Revision: 659
Modified:
active/CVE-2006-4572
active/CVE-2006-4623
active/CVE-2006-4813
active/CVE-2006-4997
active/CVE-2006-5158
active/CVE-2006-5173
active/CVE-2006-5619
active/CVE-2006-5648
active/CVE-2006-5649
active/CVE-2006-5701
active/CVE-2006-5751
Log:
update status for USN-395-1
Modified: active/CVE-2006-4572
===================================================================
--- active/CVE-2006-4572 2006-12-13 14:35:02 UTC (rev 658)
+++ active/CVE-2006-4572 2006-12-13 14:35:25 UTC (rev 659)
@@ -14,8 +14,6 @@
packets, a remote attacker could exploit this to bypass firewall
rules.
Notes:
- kyle: according to patrick mchardy, they are still vunerable...
- pitti: according to Chuck Short, 2.6.12 and below do the right thing
Bugs:
upstream:
linux-2.6:
@@ -23,5 +21,5 @@
2.4.27-sarge-security:
2.6.12-breezy-security: needed
2.6.15-dapper-security: needed
-2.6.17-edgy-security: needed
+2.6.17-edgy-security: released (2.6.17.1-10.34)
2.6.19-feisty: released
Modified: active/CVE-2006-4623
===================================================================
--- active/CVE-2006-4623 2006-12-13 14:35:02 UTC (rev 658)
+++ active/CVE-2006-4623 2006-12-13 14:35:25 UTC (rev 659)
@@ -19,4 +19,4 @@
2.6.10-hoary-security:
2.6.12-breezy-security:
2.6.15-dapper-security:
-2.6.17-edgy:
+2.6.17-edgy: released (2.6.17.1-10.34)
Modified: active/CVE-2006-4813
===================================================================
--- active/CVE-2006-4813 2006-12-13 14:35:02 UTC (rev 658)
+++ active/CVE-2006-4813 2006-12-13 14:35:25 UTC (rev 659)
@@ -18,6 +18,6 @@
linux-2.6: released (2.6.13-1)
2.6.8-sarge-security: pending (2.6.8-16sarge6) [__block_prepare_write-recovery.dpatch]
2.4.27-sarge-security: N/A
-2.6.12-breezy-security: needed
+2.6.12-breezy-security: released (CVE-2006-4813)
2.6.15-dapper-security: released
2.6.17-edgy: released
Modified: active/CVE-2006-4997
===================================================================
--- active/CVE-2006-4997 2006-12-13 14:35:02 UTC (rev 658)
+++ active/CVE-2006-4997 2006-12-13 14:35:25 UTC (rev 659)
@@ -14,6 +14,6 @@
linux-2.6: released (2.6.18-1)
2.6.8-sarge-security: pending (2.6.8-16sarge6) [atm-clip-freed-skb-deref.dpatch]
2.4.27-sarge-security: pending (2.4.27-10sarge5) [234_atm-clip-freed-skb-deref.diff]
-2.6.12-breezy-security: needed
-2.6.15-dapper-security: needed
+2.6.12-breezy-security: released (2.6.12-10.41)
+2.6.15-dapper-security: released (2.6.15-27.49)
2.6.17-edgy: released (2.6.17-10.31)
Modified: active/CVE-2006-5158
===================================================================
--- active/CVE-2006-5158 2006-12-13 14:35:02 UTC (rev 658)
+++ active/CVE-2006-5158 2006-12-13 14:35:25 UTC (rev 659)
@@ -18,6 +18,6 @@
linux-2.6:
2.6.8-sarge-security: N/A
2.4.27-sarge-security: N/A
-2.6.12-breezy-security: needed
+2.6.12-breezy-security: released (2.6.12-10.41)
2.6.15-dapper-security: needed
2.6.17-edgy: needed
Modified: active/CVE-2006-5173
===================================================================
--- active/CVE-2006-5173 2006-12-13 14:35:02 UTC (rev 658)
+++ active/CVE-2006-5173 2006-12-13 14:35:25 UTC (rev 659)
@@ -22,5 +22,5 @@
2.4.27-sarge-security: N/A
2.6.10-hoary-security: N/A
2.6.12-breezy-security: N/A
-2.6.15-dapper-security: needed
-2.6.17-edgy: needed
+2.6.15-dapper-security: released (2.6.15-27.49)
+2.6.17-edgy: released (2.6.17.1-10.34)
Modified: active/CVE-2006-5619
===================================================================
--- active/CVE-2006-5619 2006-12-13 14:35:02 UTC (rev 658)
+++ active/CVE-2006-5619 2006-12-13 14:35:25 UTC (rev 659)
@@ -17,7 +17,7 @@
linux-2.6: released (2.6.18-4)
2.6.8-sarge-security: pending (2.6.8-16sarge6) [ip6_flowlabel-lockup.dpatch]
2.4.27-sarge-security: N/A
-2.6.12-breezy-security: needed
-2.6.15-dapper-security: needed
-2.6.17-edgy-security: needed
-2.6.19-feisty: needed
+2.6.12-breezy-security: released (2.6.12-10.41)
+2.6.15-dapper-security: released (2.6.15-27.49)
+2.6.17-edgy-security: released (2.6.17.1-10.34)
+2.6.19-feisty: released
Modified: active/CVE-2006-5648
===================================================================
--- active/CVE-2006-5648 2006-12-13 14:35:02 UTC (rev 658)
+++ active/CVE-2006-5648 2006-12-13 14:35:25 UTC (rev 659)
@@ -20,5 +20,5 @@
2.4.27-sarge-security: N/A
2.6.12-breezy-security: N/A
2.6.15-dapper-security: N/A
-2.6.17-edgy-security: needed
-2.6.19-feisty: needed
+2.6.17-edgy-security: released (2.6.17.1-10.34)
+2.6.19-feisty: released
Modified: active/CVE-2006-5649
===================================================================
--- active/CVE-2006-5649 2006-12-13 14:35:02 UTC (rev 658)
+++ active/CVE-2006-5649 2006-12-13 14:35:25 UTC (rev 659)
@@ -19,7 +19,6 @@
linux-2.6: released (2.6.18-4)
2.6.8-sarge-security: pending (2.6.8-16sarge6) [ppc-alignment-exception-table-check.dpatch]
2.4.27-sarge-security: pending (2.4.27-10sarge5) [235_ppc-alignment-exception-table-check.diff]
-2.6.12-breezy-security: needed
-2.6.15-dapper-security: needed
-2.6.17-edgy-security: needed
-2.6.19-feisty: needed
+2.6.12-breezy-security: released (2.6.12-10.41)
+2.6.15-dapper-security: released (2.6.15-27.49)
+2.6.17-edgy-security: released (2.6.17.1-10.34)
Modified: active/CVE-2006-5701
===================================================================
--- active/CVE-2006-5701 2006-12-13 14:35:02 UTC (rev 658)
+++ active/CVE-2006-5701 2006-12-13 14:35:25 UTC (rev 659)
@@ -23,7 +23,6 @@
2.6.18-etch: needed
2.6.8-sarge-security: N/A
2.4.27-sarge-security: N/A
-2.6.12-breezy-security: needed
-2.6.15-dapper-security: needed
-2.6.17-edgy-security: needed
-2.6.19-feisty: needed
+2.6.12-breezy-security: N/A
+2.6.15-dapper-security: released (2.6.15-27.49)
+2.6.17-edgy-security: released (2.6.17.1-10.34)
Modified: active/CVE-2006-5751
===================================================================
--- active/CVE-2006-5751 2006-12-13 14:35:02 UTC (rev 658)
+++ active/CVE-2006-5751 2006-12-13 14:35:25 UTC (rev 659)
@@ -16,6 +16,10 @@
the Linux kernel before 2.6.18.4 allows local users to execute arbitrary code
via a large maxnum value in an ioctl request.
Ubuntu-Description:
+ An integer overflow was found in the get_fdb_entries() function of
+ the network bridging code. By executing a specially crafted ioctl, a
+ local attacker could exploit this to execute arbitrary code with root
+ privileges.
Notes:
dannf> Marking 2.4 as N/A - the code is much different now, and nothing
dannf> seemed to be checking PAGE_SIZE at all in 2.4
@@ -25,7 +29,6 @@
2.6.18-etch:
2.6.8-sarge-security: pending (2.6.8-16sarge6) [bridge-get_fdb_entries-overflow.dpatch]
2.4.27-sarge-security: N/A
-2.6.12-breezy-security:
-2.6.15-dapper-security:
-2.6.17-edgy-security:
-2.6.19-feisty:
+2.6.12-breezy-security: released (2.6.12-10.41)
+2.6.15-dapper-security: released (2.6.15-27.49)
+2.6.17-edgy-security: released (2.6.17.1-10.34)
More information about the kernel-sec-discuss
mailing list