[kernel-sec-discuss] r938 - active

keescook-guest at alioth.debian.org keescook-guest at alioth.debian.org
Fri Aug 31 18:13:47 UTC 2007 

Author: keescook-guest
Date: 2007-08-31 18:13:47 +0000 (Fri, 31 Aug 2007)
New Revision: 938

Modified:
   active/CVE-2007-2525
   active/CVE-2007-2875
   active/CVE-2007-2876
   active/CVE-2007-2878
   active/CVE-2007-3104
   active/CVE-2007-3105
   active/CVE-2007-3513
   active/CVE-2007-3642
   active/CVE-2007-3843
   active/CVE-2007-3848
   active/CVE-2007-3851
   active/CVE-2007-4308
Log:
feisty released; descriptions updated

Modified: active/CVE-2007-2525
===================================================================
--- active/CVE-2007-2525	2007-08-31 18:13:25 UTC (rev 937)
+++ active/CVE-2007-2525	2007-08-31 18:13:47 UTC (rev 938)
@@ -19,4 +19,4 @@
 2.4.27-sarge-security: needed
 2.6.15-dapper-security: released (2.6.15-28.57)
 2.6.17-edgy-security: released (2.6.17.1-11.39) [123623f9ad4d9bbe55c03b33ce79123e948b107f]
-2.6.20-feisty-security: pending (2.6.20-16.30) [168038c2da7f984a07fd169270b2cac561e1c90c]
+2.6.20-feisty-security: released (2.6.20-16.31) [168038c2da7f984a07fd169270b2cac561e1c90c]

Modified: active/CVE-2007-2875
===================================================================
--- active/CVE-2007-2875	2007-08-31 18:13:25 UTC (rev 937)
+++ active/CVE-2007-2875	2007-08-31 18:13:47 UTC (rev 938)
@@ -22,4 +22,4 @@
 2.4.27-sarge-security: N/A
 2.6.15-dapper-security: released (2.6.15-28.57)
 2.6.17-edgy-security: released (2.6.17.1-11.39) [1448fa0c7be21a3c6c31b20d19a8ecfafdfea143]
-2.6.20-feisty-security: pending (2.6.20-16.30) [b07fd0532409fb2332562abc2254376222d1e913]
+2.6.20-feisty-security: released (2.6.20-16.31) [b07fd0532409fb2332562abc2254376222d1e913]

Modified: active/CVE-2007-2876
===================================================================
--- active/CVE-2007-2876	2007-08-31 18:13:25 UTC (rev 937)
+++ active/CVE-2007-2876	2007-08-31 18:13:47 UTC (rev 938)
@@ -23,4 +23,4 @@
 2.4.27-sarge-security: N/A
 2.6.15-dapper-security: released (2.6.15-28.57)
 2.6.17-edgy-security: released (2.6.17.1-11.39) [71405ef45b6a5da5419cf4580db7fe9666a63774]
-2.6.20-feisty-security: pending (2.6.20-16.30) [b72e4ea43b03b980f6818a10050f2d65d347f36c]
+2.6.20-feisty-security: released (2.6.20-16.31) [b72e4ea43b03b980f6818a10050f2d65d347f36c]

Modified: active/CVE-2007-2878
===================================================================
--- active/CVE-2007-2878	2007-08-31 18:13:25 UTC (rev 937)
+++ active/CVE-2007-2878	2007-08-31 18:13:47 UTC (rev 938)
@@ -26,4 +26,4 @@
 2.4.27-sarge-security: N/A
 2.6.15-dapper-security: released (2.6.15-28.57)
 2.6.17-edgy-security: released (2.6.17.1-11.39) [6dbbec837f43196339b1638dc799d898fcba9302]
-2.6.20-feisty-security: pending (2.6.20-16.30) [5825ab378271ac6ead26504a46b0d404b63592dc]
+2.6.20-feisty-security: released (2.6.20-16.31) [5825ab378271ac6ead26504a46b0d404b63592dc]

Modified: active/CVE-2007-3104
===================================================================
--- active/CVE-2007-3104	2007-08-31 18:13:25 UTC (rev 937)
+++ active/CVE-2007-3104	2007-08-31 18:13:47 UTC (rev 938)
@@ -17,4 +17,4 @@
 2.4.27-sarge-security: 
 2.6.15-dapper-security: released (2.6.15-29.58)
 2.6.17-edgy-security: released (2.6.17.1-12.40) [a8c3f241ea411211c4802098f23a8da309e8bbd1]
-2.6.20-feisty-security: pending (2.6.20-16.30) [5ca45c7e9e3d363c7bd3a5419742cb3368baf474]
+2.6.20-feisty-security: released (2.6.20-16.31) [5ca45c7e9e3d363c7bd3a5419742cb3368baf474]

Modified: active/CVE-2007-3105
===================================================================
--- active/CVE-2007-3105	2007-08-31 18:13:25 UTC (rev 937)
+++ active/CVE-2007-3105	2007-08-31 18:13:47 UTC (rev 938)
@@ -22,4 +22,4 @@
 2.4.27-sarge-security: 
 2.6.15-dapper-security: released (2.6.15-29.58) 
 2.6.17-edgy-security: released (2.6.17.1-12.40) [f22710043b7d89b496f7910e9c87ed62519dff14]
-2.6.20-feisty-security: pending (2.6.20-16.30) [542a98d0809f0eccc5cf23ed402285e995e0b31e]
+2.6.20-feisty-security: released (2.6.20-16.31) [542a98d0809f0eccc5cf23ed402285e995e0b31e]

Modified: active/CVE-2007-3513
===================================================================
--- active/CVE-2007-3513	2007-08-31 18:13:25 UTC (rev 937)
+++ active/CVE-2007-3513	2007-08-31 18:13:47 UTC (rev 938)
@@ -16,4 +16,4 @@
 2.4.27-sarge-security: 
 2.6.15-dapper-security: released (2.6.15-28.57)
 2.6.17-edgy-security: released (2.6.17.1-12.40) [85816b5fa3476f3fcf7758a1bd338d69184085d7]
-2.6.20-feisty-security: pending (2.6.20-16.30) [165018c61779a357d33947a2ae169148b6ab8d9f]
+2.6.20-feisty-security: released (2.6.20-16.31) [165018c61779a357d33947a2ae169148b6ab8d9f]

Modified: active/CVE-2007-3642
===================================================================
--- active/CVE-2007-3642	2007-08-31 18:13:25 UTC (rev 937)
+++ active/CVE-2007-3642	2007-08-31 18:13:47 UTC (rev 938)
@@ -2,9 +2,18 @@
 References: 
  http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=25845b5155b55cd77e42655ec24161ba3feffa47
  http://patchwork.netfilter.org/netfilter-devel/patch.pl?id=499
-Description: [NETFILTER]: nf_conntrack_h323: add checking of out-of-range on choices' index values
+Description:
+ The decode_choice function in net/netfilter/nf_conntrack_h323_asn1.c
+ in the Linux kernel before 2.6.20.15, 2.6.21.x before 2.6.21.6, and
+ before 2.6.22 allows remote attackers to cause a denial of service
+ (crash) via an encoded, out-of-range index value for a choice field,
+ which triggers a NULL pointer dereference.
 Ubuntu-Description: 
+ Zhongling Wen discovered that the h323 conntrack handler did not correctly
+ handle certain bitfields.  A remote attacker could send a specially crafted
+ packet and cause a denial of service.
 Notes: 
+ pkl> [NETFILTER]: nf_conntrack_h323: add checking of out-of-range on choices' index values
  dannf> file got renamed between 2.6.18 & 2.6.21
 Bugs: 
 upstream: 
@@ -14,4 +23,4 @@
 2.4.27-sarge-security: N/A
 2.6.15-dapper-security:  N/A - code doesn't seem to exist
 2.6.17-edgy-security: N/A - code doesn't seem to exist
-2.6.20-feisty-security: pending (2.6.20-16.30) [c411287f75b34e8cbeba8e7832c4cf1c235e8568]
+2.6.20-feisty-security: released (2.6.20-16.31) [c411287f75b34e8cbeba8e7832c4cf1c235e8568]

Modified: active/CVE-2007-3843
===================================================================
--- active/CVE-2007-3843	2007-08-31 18:13:25 UTC (rev 937)
+++ active/CVE-2007-3843	2007-08-31 18:13:47 UTC (rev 938)
@@ -7,6 +7,9 @@
  signatures, as demonstrated by lack of signing despite sec=ntlmv2i in
  a SetupAndX request.
 Ubuntu-Description: 
+ A flaw was discovered in the CIFS mount security checking.  Remote attackers
+ could spoof CIFS network traffic, which could lead a client to trust the
+ connection.
 Notes: 
 Bugs: 
 upstream: released (2.6.23-rc1)
@@ -14,6 +17,6 @@
 2.6.18-etch-security: pending (2.6.18.dfsg.1-13etch2) [bugfix/cifs-fix-sign-settings.patch]
 2.6.8-sarge-security: 
 2.4.27-sarge-security: 
-2.6.15-dapper-security: ignore (? code looks substantially different)
+2.6.15-dapper-security: ignore (code looks substantially different)
 2.6.17-edgy-security: ignore (code looks substantially different)
-2.6.20-feisty-security: pending (2.6.20-16.30)
+2.6.20-feisty-security: released (2.6.20-16.31)

Modified: active/CVE-2007-3848
===================================================================
--- active/CVE-2007-3848	2007-08-31 18:13:25 UTC (rev 937)
+++ active/CVE-2007-3848	2007-08-31 18:13:47 UTC (rev 938)
@@ -19,4 +19,4 @@
 2.4.27-sarge-security: needed
 2.6.15-dapper-security: released (2.6.15-29.58)
 2.6.17-edgy-security: released (2.6.17.1-12.40)
-2.6.20-feisty-security: pending (2.6.20-16.30)
+2.6.20-feisty-security: released (2.6.20-16.31)

Modified: active/CVE-2007-3851
===================================================================
--- active/CVE-2007-3851	2007-08-31 18:13:25 UTC (rev 937)
+++ active/CVE-2007-3851	2007-08-31 18:13:47 UTC (rev 938)
@@ -20,4 +20,4 @@
 2.4.27-sarge-security: N/A
 2.6.15-dapper-security: N/A 
 2.6.17-edgy-security: released (2.6.17.1-12.40) [cc8e06db0f30d589b1bc6d164fadb28631f638b1]
-2.6.20-feisty-security: pending (2.6.20-16.30) [d475e30926c7d8337bc3008f42cae01da740ee12]
+2.6.20-feisty-security: released (2.6.20-16.31) [d475e30926c7d8337bc3008f42cae01da740ee12]

Modified: active/CVE-2007-4308
===================================================================
--- active/CVE-2007-4308	2007-08-31 18:13:25 UTC (rev 937)
+++ active/CVE-2007-4308	2007-08-31 18:13:47 UTC (rev 938)
@@ -22,4 +22,4 @@
 2.4.27-sarge-security: needed
 2.6.15-dapper-security: released (2.6.15-29.58)
 2.6.17-edgy-security: released (2.6.17.1-12.40)
-2.6.20-feisty-security: pending (2.6.20-16.30)
+2.6.20-feisty-security: released (2.6.20-16.31)

More information about the kernel-sec-discuss mailing list