[kernel-sec-discuss] r1074 - active retired
jmm at alioth.debian.org
jmm at alioth.debian.org
Thu Dec 27 17:53:11 UTC 2007
Author: jmm
Date: 2007-12-27 17:53:11 +0000 (Thu, 27 Dec 2007)
New Revision: 1074
Added:
retired/CVE-2007-4567
retired/CVE-2007-4849
Removed:
active/CVE-2007-4567
active/CVE-2007-4849
Log:
retire two issues
Deleted: active/CVE-2007-4567
===================================================================
--- active/CVE-2007-4567 2007-12-27 17:46:11 UTC (rev 1073)
+++ active/CVE-2007-4567 2007-12-27 17:53:11 UTC (rev 1074)
@@ -1,23 +0,0 @@
-Candidate: CVE-2007-4567
-References:
- http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=e76b2b2567b83448c2ee85a896433b96150c92e6
- http://bugzilla.kernel.org/show_bug.cgi?id=8450
-Description:
-Ubuntu-Description:
- Eric Sesterhenn and Victor Julien discovered that the hop-by-hop IPv6
- extended header was not correctly validated. If a system was configured
- for IPv6, a remote attacker could send a specially crafted IPv6 packet
- and cause the kernel to panic, leading to a denial of service. This
- was only vulnerable in Ubuntu 7.04.
-Notes:
- kees> introduced in 2.6.20, fixed in 2.6.22
-Bugs:
-upstream: released (2.6.22)
-linux-2.6: released (2.6.22-1)
-2.6.18-etch-security: N/A
-2.6.8-sarge-security: N/A
-2.4.27-sarge-security: N/A
-2.6.15-dapper-security: N/A
-2.6.17-edgy-security: N/A
-2.6.20-feisty-security: released (2.6.20-2.6.20-16.33)
-2.6.22-gutsy-security: N/A
Deleted: active/CVE-2007-4849
===================================================================
--- active/CVE-2007-4849 2007-12-27 17:46:11 UTC (rev 1073)
+++ active/CVE-2007-4849 2007-12-27 17:53:11 UTC (rev 1074)
@@ -1,28 +0,0 @@
-Candidate: CVE-2007-4849
-References:
- http://git.infradead.org/?p=mtd-2.6.git;a=commitdiff;h=9ed437c50d89eabae763dd422579f73fdebf288d
- http://lists.infradead.org/pipermail/linux-mtd-cvs/2007-August/005897.html
- http://dev.laptop.org/ticket/2732
- http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=9ed437c50d89eabae763dd422579f73fdebf288d
-Description:
- JFFS2, as used on One Laptop Per Child (OLPC) build 542 and possibly other Linux
- systems, when POSIX ACL support is enabled, does not properly store permissions during
- (1) inode creation or (2) ACL setting, which might allow local users to access
- restricted files or directories after a remount of a filesystem, related to "legacy
- modes" and an inconsistency between dentry permissions and inode permissions.
-Ubuntu-Description:
- Permissions were not correctly stored on JFFS2 ACLs. For systems using
- ACLs on JFFS2, a local attacker may gain access to private files.
-Notes:
- jmm> ACL support was introduced in 2.6.17 with commit aa98d7cf59b5b0764d3502662053489585faf2fe, marking
- jmm> earlier Debian releases as N/A
-Bugs: 442245
-upstream: released (2.6.23-rc4)
-linux-2.6: released (2.6.23-1)
-2.6.18-etch-security: released (2.6.18.dfsg.1-13etch3) [bugfix/jffs2-ACL-vs-mode-handling.patch]
-2.6.8-sarge-security: N/A
-2.4.27-sarge-security: N/A
-2.6.15-dapper-security: N/A
-2.6.17-edgy-security: N/A
-2.6.20-feisty-security: released (2.6.20-16.33)
-2.6.22-gutsy-security: released (2.6.22-14.47)
Copied: retired/CVE-2007-4567 (from rev 1073, active/CVE-2007-4567)
===================================================================
--- retired/CVE-2007-4567 (rev 0)
+++ retired/CVE-2007-4567 2007-12-27 17:53:11 UTC (rev 1074)
@@ -0,0 +1,23 @@
+Candidate: CVE-2007-4567
+References:
+ http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=e76b2b2567b83448c2ee85a896433b96150c92e6
+ http://bugzilla.kernel.org/show_bug.cgi?id=8450
+Description:
+Ubuntu-Description:
+ Eric Sesterhenn and Victor Julien discovered that the hop-by-hop IPv6
+ extended header was not correctly validated. If a system was configured
+ for IPv6, a remote attacker could send a specially crafted IPv6 packet
+ and cause the kernel to panic, leading to a denial of service. This
+ was only vulnerable in Ubuntu 7.04.
+Notes:
+ kees> introduced in 2.6.20, fixed in 2.6.22
+Bugs:
+upstream: released (2.6.22)
+linux-2.6: released (2.6.22-1)
+2.6.18-etch-security: N/A
+2.6.8-sarge-security: N/A
+2.4.27-sarge-security: N/A
+2.6.15-dapper-security: N/A
+2.6.17-edgy-security: N/A
+2.6.20-feisty-security: released (2.6.20-2.6.20-16.33)
+2.6.22-gutsy-security: N/A
Copied: retired/CVE-2007-4849 (from rev 1073, active/CVE-2007-4849)
===================================================================
--- retired/CVE-2007-4849 (rev 0)
+++ retired/CVE-2007-4849 2007-12-27 17:53:11 UTC (rev 1074)
@@ -0,0 +1,28 @@
+Candidate: CVE-2007-4849
+References:
+ http://git.infradead.org/?p=mtd-2.6.git;a=commitdiff;h=9ed437c50d89eabae763dd422579f73fdebf288d
+ http://lists.infradead.org/pipermail/linux-mtd-cvs/2007-August/005897.html
+ http://dev.laptop.org/ticket/2732
+ http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=9ed437c50d89eabae763dd422579f73fdebf288d
+Description:
+ JFFS2, as used on One Laptop Per Child (OLPC) build 542 and possibly other Linux
+ systems, when POSIX ACL support is enabled, does not properly store permissions during
+ (1) inode creation or (2) ACL setting, which might allow local users to access
+ restricted files or directories after a remount of a filesystem, related to "legacy
+ modes" and an inconsistency between dentry permissions and inode permissions.
+Ubuntu-Description:
+ Permissions were not correctly stored on JFFS2 ACLs. For systems using
+ ACLs on JFFS2, a local attacker may gain access to private files.
+Notes:
+ jmm> ACL support was introduced in 2.6.17 with commit aa98d7cf59b5b0764d3502662053489585faf2fe, marking
+ jmm> earlier Debian releases as N/A
+Bugs: 442245
+upstream: released (2.6.23-rc4)
+linux-2.6: released (2.6.23-1)
+2.6.18-etch-security: released (2.6.18.dfsg.1-13etch3) [bugfix/jffs2-ACL-vs-mode-handling.patch]
+2.6.8-sarge-security: N/A
+2.4.27-sarge-security: N/A
+2.6.15-dapper-security: N/A
+2.6.17-edgy-security: N/A
+2.6.20-feisty-security: released (2.6.20-16.33)
+2.6.22-gutsy-security: released (2.6.22-14.47)
More information about the kernel-sec-discuss
mailing list