[kernel-sec-discuss] r914 - active
dannf at alioth.debian.org
dannf at alioth.debian.org
Wed Aug 15 23:46:06 UTC 2007
Author: dannf
Date: 2007-08-15 23:46:06 +0000 (Wed, 15 Aug 2007)
New Revision: 914
Modified:
active/CVE-2007-1353
active/CVE-2007-2172
active/CVE-2007-2453
active/CVE-2007-2525
active/CVE-2007-2876
active/CVE-2007-3513
active/CVE-2007-3642
active/CVE-2007-3851
Log:
update debian status after release of linux-2.6_2.6.18.dfsg.1-13etch1
Modified: active/CVE-2007-1353
===================================================================
--- active/CVE-2007-1353 2007-08-15 23:40:45 UTC (rev 913)
+++ active/CVE-2007-1353 2007-08-15 23:46:06 UTC (rev 914)
@@ -18,7 +18,7 @@
Bugs:
upstream: pending (2.6.22)
linux-2.6:
-2.6.18-etch-security: pending (2.6.18.dfsg.1-13etch1) [bugfix/bluetooth-l2cap-hci-info-leaks.patch]
+2.6.18-etch-security: released (2.6.18.dfsg.1-13etch1) [bugfix/bluetooth-l2cap-hci-info-leaks.patch]
2.6.8-sarge-security:
2.4.27-sarge-security: pending (2.4.27-10sarge6) [244_bluetooth-l2cap-hci-info-leaks.diff]
2.6.15-dapper-security: released (2.6.15-28.57)
Modified: active/CVE-2007-2172
===================================================================
--- active/CVE-2007-2172 2007-08-15 23:40:45 UTC (rev 913)
+++ active/CVE-2007-2172 2007-08-15 23:46:06 UTC (rev 914)
@@ -13,12 +13,14 @@
packets over a netlink socket, a local attacker could exploit this
to crash the kernel.
Notes:
+ dannf> Debian kernels currently only have the decnet patch - ipv4 patch
+ is still needed
Bugs:
upstream: released (2.4.34.3, 2.6.21)
linux-2.6: released (2.6.21-1)
-2.6.18-etch-security: pending (2.6.18.dfsg.1-13etch1) [bugfix/dn_fib-out-of-bounds.patch]
-2.6.8-sarge-security: pending (2.6.8-17sarge1) [dn_fib-out-of-bounds.dpatch]
-2.4.27-sarge-security: pending (2.4.27-10sarge6) [246_dn_fib-out-of-bounds.diff]
+2.6.18-etch-security: needed [bugfix/dn_fib-out-of-bounds.patch]
+2.6.8-sarge-security: needed (2.6.8-17sarge1) [dn_fib-out-of-bounds.dpatch]
+2.4.27-sarge-security: needed (2.4.27-10sarge6) [246_dn_fib-out-of-bounds.diff]
2.6.15-dapper-security: released (2.6.15-28.54)
2.6.17-edgy-security: released (2.6.17.1-11.38)
2.6.20-feisty-security: released (2.6.20-16.28)
Modified: active/CVE-2007-2453
===================================================================
--- active/CVE-2007-2453 2007-08-15 23:40:45 UTC (rev 913)
+++ active/CVE-2007-2453 2007-08-15 23:46:06 UTC (rev 914)
@@ -18,7 +18,7 @@
Bugs:
upstream: released (2.6.21.4)
linux-2.6: released (2.6.21-5)
-2.6.18-etch-security: pending (2.6.18.dfsg.1-13etch1) [bugfix/random-fix-seeding-with-zero-entropy.patch, bugfix/random-fix-error-in-entropy-extraction.patch]
+2.6.18-etch-security: released (2.6.18.dfsg.1-13etch1) [bugfix/random-fix-seeding-with-zero-entropy.patch, bugfix/random-fix-error-in-entropy-extraction.patch]
2.6.8-sarge-security:
2.4.27-sarge-security:
2.6.15-dapper-security: released (2.6.15-28.57)
Modified: active/CVE-2007-2525
===================================================================
--- active/CVE-2007-2525 2007-08-15 23:40:45 UTC (rev 913)
+++ active/CVE-2007-2525 2007-08-15 23:46:06 UTC (rev 914)
@@ -14,7 +14,7 @@
Bugs:
upstream: released (2.6.21)
linux-2.6: released (2.6.21-1)
-2.6.18-etch-security: pending (2.6.18.dfsg.1-13etch1) [bugfix/pppoe-socket-release-mem-leak.patch]
+2.6.18-etch-security: released (2.6.18.dfsg.1-13etch1) [bugfix/pppoe-socket-release-mem-leak.patch]
2.6.8-sarge-security: pending (2.6.8-17sarge1) [pppoe-socket-release-mem-leak.dpatch]
2.4.27-sarge-security: needed
2.6.15-dapper-security: released (2.6.15-28.57)
Modified: active/CVE-2007-2876
===================================================================
--- active/CVE-2007-2876 2007-08-15 23:40:45 UTC (rev 913)
+++ active/CVE-2007-2876 2007-08-15 23:46:06 UTC (rev 914)
@@ -18,7 +18,7 @@
Bugs:
upstream: released (2.6.21.4)
linux-2.6: released (2.6.21-5)
-2.6.18-etch-security: pending (2.6.18.dfsg.1-13etch1) [bugfix/nf_conntrack_sctp-null-deref.patch]
+2.6.18-etch-security: released (2.6.18.dfsg.1-13etch1) [bugfix/nf_conntrack_sctp-null-deref.patch]
2.6.8-sarge-security: N/A
2.4.27-sarge-security: N/A
2.6.15-dapper-security: released (2.6.15-28.57)
Modified: active/CVE-2007-3513
===================================================================
--- active/CVE-2007-3513 2007-08-15 23:40:45 UTC (rev 913)
+++ active/CVE-2007-3513 2007-08-15 23:46:06 UTC (rev 914)
@@ -11,9 +11,9 @@
Bugs:
upstream: released (2.6.22-rc7)
linux-2.6:
-2.6.18-etch-security: pending (2.6.18.dfsg.1-13etch1) [bugfix/usblcd-limit-memory-consumption.patch]
+2.6.18-etch-security: released (2.6.18.dfsg.1-13etch1) [bugfix/usblcd-limit-memory-consumption.patch]
2.6.8-sarge-security:
2.4.27-sarge-security:
-2.6.15-dapper-security: released (2.6.15-28.57)
+2.6.15-dapper-security: released (2.6.15-28.57)
2.6.17-edgy-security: pending (2.6.17.1-12.40) [85816b5fa3476f3fcf7758a1bd338d69184085d7]
2.6.20-feisty-security: pending (2.6.20-16.30) [165018c61779a357d33947a2ae169148b6ab8d9f]
Modified: active/CVE-2007-3642
===================================================================
--- active/CVE-2007-3642 2007-08-15 23:40:45 UTC (rev 913)
+++ active/CVE-2007-3642 2007-08-15 23:46:06 UTC (rev 914)
@@ -9,7 +9,7 @@
Bugs:
upstream:
linux-2.6: released (2.6.21-6) [bugfix/all/stable/2.6.21.6.patch]
-2.6.18-etch-security: pending (2.6.18.dfsg.1-13etch1) [bugfix/nf_conntrack_h323-bounds-checking.patch]
+2.6.18-etch-security: released (2.6.18.dfsg.1-13etch1) [bugfix/nf_conntrack_h323-bounds-checking.patch]
2.6.8-sarge-security: N/A
2.4.27-sarge-security: N/A
2.6.15-dapper-security: N/A - code doesn't seem to exist
Modified: active/CVE-2007-3851
===================================================================
--- active/CVE-2007-3851 2007-08-15 23:40:45 UTC (rev 913)
+++ active/CVE-2007-3851 2007-08-15 23:46:06 UTC (rev 914)
@@ -7,7 +7,7 @@
Bugs:
upstream:
linux-2.6:
-2.6.18-etch-security:
+2.6.18-etch-security: released (2.6.18.dfsg.1-13etch1) [bugfix/i965-secure-batchbuffer.patch]
2.6.8-sarge-security:
2.4.27-sarge-security:
2.6.15-dapper-security:
More information about the kernel-sec-discuss
mailing list