[kernel-sec-discuss] r765 - / active retired scripts

Moritz Muehlenhoff jmm at alioth.debian.org
Sun Apr 29 20:46:18 UTC 2007


Author: jmm
Date: 2007-04-29 20:46:17 +0000 (Sun, 29 Apr 2007)
New Revision: 765

Added:
   ignored/
   retired/CVE-2006-1862
Removed:
   active/CVE-2006-1862
Modified:
   active/CVE-2005-0977
   active/CVE-2005-1763
   active/CVE-2005-3105
   active/CVE-2005-3527
   active/CVE-2005-3660
   active/CVE-2005-4440
   active/CVE-2005-4441
   active/CVE-2005-4811
   active/CVE-2006-0558
   active/CVE-2006-0744
   scripts/html-report
Log:
update etch status
retire one RH specific issue
create directory for issues we'll ignore permanently (like design issues)


Modified: active/CVE-2005-0977
===================================================================
--- active/CVE-2005-0977	2007-04-29 20:44:18 UTC (rev 764)
+++ active/CVE-2005-0977	2007-04-29 20:46:17 UTC (rev 765)
@@ -17,3 +17,5 @@
 linux-2.6: N/A
 2.6.8-sarge-security: released (2.6.8-16) [mm-shmem-truncate.dpatch]
 2.4.27-sarge-security: ignored (2.4.27-10sarge3)
+2.6.18-etch-security: N/A
+

Modified: active/CVE-2005-1763
===================================================================
--- active/CVE-2005-1763	2007-04-29 20:44:18 UTC (rev 764)
+++ active/CVE-2005-1763	2007-04-29 20:46:17 UTC (rev 765)
@@ -13,3 +13,5 @@
 linux-2.6: N/A
 2.6.8-sarge-security: released (2.6.8-16sarge1) [arch-x86_64-kernel-ptrace-boundary-check.dpatch]
 2.4.27-sarge-security: ignored (2.4.27-10sarge4)
+2.6.18-etch-security: N/A
+

Modified: active/CVE-2005-3105
===================================================================
--- active/CVE-2005-3105	2007-04-29 20:44:18 UTC (rev 764)
+++ active/CVE-2005-3105	2007-04-29 20:46:17 UTC (rev 765)
@@ -29,3 +29,4 @@
 2.6.8-sarge-security: released (2.6.8-16sarge1) [mckinley_icache.dpatch]
 2.4.27-sarge-security: ignored (2.4.27-10sarge3)
 linux-2.6: N/A
+2.6.18-etch-security: N/A

Modified: active/CVE-2005-3527
===================================================================
--- active/CVE-2005-3527	2007-04-29 20:44:18 UTC (rev 764)
+++ active/CVE-2005-3527	2007-04-29 20:46:17 UTC (rev 765)
@@ -30,3 +30,5 @@
 linux-2.6: N/A
 2.6.8-sarge-security: ignored (2.6.8-16sarge5)
 2.4.27-sarge-security: ignored (2.4.27-10sarge5)
+2.6.18-etch-security: N/A
+

Modified: active/CVE-2005-3660
===================================================================
--- active/CVE-2005-3660	2007-04-29 20:44:18 UTC (rev 764)
+++ active/CVE-2005-3660	2007-04-29 20:46:17 UTC (rev 765)
@@ -17,3 +17,4 @@
 linux-2.6: 
 2.6.8-sarge-security: ignored (2.6.8-16sarge5)
 2.4.27-sarge-security: ignored (2.4.27-10sarge4)
+2.6.18-etch-security: 

Modified: active/CVE-2005-4440
===================================================================
--- active/CVE-2005-4440	2007-04-29 20:44:18 UTC (rev 764)
+++ active/CVE-2005-4440	2007-04-29 20:46:17 UTC (rev 765)
@@ -37,3 +37,4 @@
 linux-2.6:
 2.6.8-sarge-security: ignored (2.6.8-16sarge5)
 2.4.27-sarge-security: ignored (2.4.27-10sarge4)
+2.6.18-etch-security: 

Modified: active/CVE-2005-4441
===================================================================
--- active/CVE-2005-4441	2007-04-29 20:44:18 UTC (rev 764)
+++ active/CVE-2005-4441	2007-04-29 20:46:17 UTC (rev 765)
@@ -41,3 +41,4 @@
 linux-2.6:
 2.6.8-sarge-security: ignored (2.6.8-16sarge5)
 2.4.27-sarge-security: ignored (2.4.27-10sarge4)
+2.6.18-etch-security: 

Modified: active/CVE-2005-4811
===================================================================
--- active/CVE-2005-4811	2007-04-29 20:44:18 UTC (rev 764)
+++ active/CVE-2005-4811	2007-04-29 20:46:17 UTC (rev 765)
@@ -20,3 +20,4 @@
 2.6.12-breezy-security: released
 2.6.15-dapper-security: released
 2.6.17-edgy: released
+2.6.18-etch-security: N/A

Modified: active/CVE-2006-0558
===================================================================
--- active/CVE-2006-0558	2007-04-29 20:44:18 UTC (rev 764)
+++ active/CVE-2006-0558	2007-04-29 20:46:17 UTC (rev 765)
@@ -22,3 +22,4 @@
 linux-2.6: released (2.6.16-1)
 2.6.8-sarge-security: released (2.6.8-16sarge3)
 2.4.27-sarge-security: ignored (2.4.27-10sarge4)
+2.6.18-etch-security: N/A

Modified: active/CVE-2006-0744
===================================================================
--- active/CVE-2006-0744	2007-04-29 20:44:18 UTC (rev 764)
+++ active/CVE-2006-0744	2007-04-29 20:46:17 UTC (rev 765)
@@ -12,3 +12,4 @@
 linux-2.6: released (2.6.16-7)
 2.6.8-sarge-security: released (2.6.8-16sarge3) [em64t-uncanonical-return-addr.dpatch]
 2.4.27-sarge-security: ignored (2.4.27-10sarge3)
+2.6.18-etch-security: N/A

Deleted: active/CVE-2006-1862
===================================================================
--- active/CVE-2006-1862	2007-04-29 20:44:18 UTC (rev 764)
+++ active/CVE-2006-1862	2007-04-29 20:46:17 UTC (rev 765)
@@ -1,19 +0,0 @@
-Candidate: CVE-2006-1862
-Description: 
- The virtual memory implementation in Linux kernel 2.6.x allows local users to
- cause a denial of service (panic) by running lsof a large number of times in
- a way that produces a heavy system load.
-References: 
-Ubuntu-Description:
-Notes:
- jmm> There's some indication that this is RH-specific, needs to be checked
- dannf> Yeah, this code is neither in debian's 2.4.27/2.6.8 or 2.6.16 upstream
- dannf> I also cannot reproduce on debian's 2.6.8 with the test case given in:
- dannf>  https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=189031
-Bugs: 
-upstream: N/A
-linux-2.6: N/A
-2.6.8-sarge-security: N/A
-2.4.27-sarge-security: N/A
-2.6.15-dapper-security: N/A
-2.6.17-edgy-security: N/A

Copied: retired/CVE-2006-1862 (from rev 764, active/CVE-2006-1862)

Modified: scripts/html-report
===================================================================
--- scripts/html-report	2007-04-29 20:44:18 UTC (rev 764)
+++ scripts/html-report	2007-04-29 20:46:17 UTC (rev 765)
@@ -3,7 +3,7 @@
 import os, os.path, sys
 import deb822, re
 
-TrackerDir = ".."
+TrackerDir = "."
 
 ## get an unsorted list of tracked issues
 def trackedIssues(dir):




More information about the kernel-sec-discuss mailing list