[kernel-sec-discuss] r1073 - active
jmm at alioth.debian.org
jmm at alioth.debian.org
Thu Dec 27 17:46:11 UTC 2007
Author: jmm
Date: 2007-12-27 17:46:11 +0000 (Thu, 27 Dec 2007)
New Revision: 1073
Added:
active/CVE-2007-6151
Modified:
active/CVE-2007-3843
active/CVE-2007-4308
active/CVE-2007-4567
active/CVE-2007-4849
active/CVE-2007-6434
Log:
new issue
various updates
Modified: active/CVE-2007-3843
===================================================================
--- active/CVE-2007-3843 2007-12-23 12:39:21 UTC (rev 1072)
+++ active/CVE-2007-3843 2007-12-27 17:46:11 UTC (rev 1073)
@@ -13,7 +13,7 @@
Notes:
Bugs:
upstream: released (2.6.23-rc1)
-linux-2.6:
+linux-2.6: released (2.6.23-1)
2.6.18-etch-security: released (2.6.18.dfsg.1-13etch2) [bugfix/cifs-fix-sign-settings.patch]
2.6.8-sarge-security:
2.4.27-sarge-security:
Modified: active/CVE-2007-4308
===================================================================
--- active/CVE-2007-4308 2007-12-23 12:39:21 UTC (rev 1072)
+++ active/CVE-2007-4308 2007-12-27 17:46:11 UTC (rev 1073)
@@ -14,9 +14,9 @@
of service or gain privileges.
Notes:
jmm> 2.4.27 code is quite different, but appears vulnerable as well
-Bugs:
+Bugs: 443694
upstream: released (2.6.23-rc2)
-linux-2.6: needed
+linux-2.6: released (2.6.22-4)
2.6.18-etch-security: released (2.6.18.dfsg.1-13etch2) [bugfix/aacraid-ioctl-perm-check.patch]
2.6.8-sarge-security: pending (2.6.8-17sarge1) [aacraid-ioctl-perm-check.dpatch]
2.4.27-sarge-security: needed
Modified: active/CVE-2007-4567
===================================================================
--- active/CVE-2007-4567 2007-12-23 12:39:21 UTC (rev 1072)
+++ active/CVE-2007-4567 2007-12-27 17:46:11 UTC (rev 1073)
@@ -12,8 +12,8 @@
Notes:
kees> introduced in 2.6.20, fixed in 2.6.22
Bugs:
-upstream: pending (2.6.22.5)
-linux-2.6:
+upstream: released (2.6.22)
+linux-2.6: released (2.6.22-1)
2.6.18-etch-security: N/A
2.6.8-sarge-security: N/A
2.4.27-sarge-security: N/A
Modified: active/CVE-2007-4849
===================================================================
--- active/CVE-2007-4849 2007-12-23 12:39:21 UTC (rev 1072)
+++ active/CVE-2007-4849 2007-12-27 17:46:11 UTC (rev 1073)
@@ -16,9 +16,9 @@
Notes:
jmm> ACL support was introduced in 2.6.17 with commit aa98d7cf59b5b0764d3502662053489585faf2fe, marking
jmm> earlier Debian releases as N/A
-Bugs:
+Bugs: 442245
upstream: released (2.6.23-rc4)
-linux-2.6: needed
+linux-2.6: released (2.6.23-1)
2.6.18-etch-security: released (2.6.18.dfsg.1-13etch3) [bugfix/jffs2-ACL-vs-mode-handling.patch]
2.6.8-sarge-security: N/A
2.4.27-sarge-security: N/A
Added: active/CVE-2007-6151
===================================================================
--- active/CVE-2007-6151 (rev 0)
+++ active/CVE-2007-6151 2007-12-27 17:46:11 UTC (rev 1073)
@@ -0,0 +1,14 @@
+Candidate: CVE-2007-6151
+References:
+Description:
+Ubuntu-Description:
+Notes:
+Bugs:
+upstream:
+linux-2.6: released (2.6.23-2)
+2.6.18-etch-security:
+2.6.8-sarge-security:
+2.4.27-sarge-security:
+2.6.15-dapper-security:
+2.6.17-edgy-security:
+2.6.20-feisty-security:
Modified: active/CVE-2007-6434
===================================================================
--- active/CVE-2007-6434 2007-12-23 12:39:21 UTC (rev 1072)
+++ active/CVE-2007-6434 2007-12-27 17:46:11 UTC (rev 1073)
@@ -8,7 +8,7 @@
Ubuntu-Description:
Notes:
Bugs:
-upstream:
+upstream: released (2.6.24-rc5)
linux-2.6: released (2.6.23-2)
2.6.18-etch-security:
2.6.8-sarge-security:
More information about the kernel-sec-discuss
mailing list