[kernel-sec-discuss] r1079 - active retired

jmm at alioth.debian.org jmm at alioth.debian.org
Sat Dec 29 15:19:04 UTC 2007 

Author: jmm
Date: 2007-12-29 15:19:04 +0000 (Sat, 29 Dec 2007)
New Revision: 1079

Added:
   retired/CVE-2007-3380
Removed:
   active/CVE-2007-3380
Log:
retire one more issue


Deleted: active/CVE-2007-3380
===================================================================
--- active/CVE-2007-3380	2007-12-29 15:18:32 UTC (rev 1078)
+++ active/CVE-2007-3380	2007-12-29 15:19:04 UTC (rev 1079)
@@ -1,21 +0,0 @@
-Candidate: CVE-2007-3380
-References: 
- https://www.redhat.com/archives/cluster-devel/2007-June/msg00213.html
-Description: 
-Ubuntu-Description: 
- A flaw was discovered in the cluster manager.  A remote attacker could
- connect to the DLM port and block further DLM operations.
-Notes: 
- dannf> Debian's 2.6.18 isn't affected, but the redhat-cluster package
-        may be.
- jmm> redhat-cluster doesn't appear affected neither, TCP connection code
-      not present. Fixed in git on 2007-07-09, marking 2.6.23 as fixed
-Bugs: 
-upstream: released (2.6.23)
-linux-2.6: released (2.6.23-1)
-2.6.18-etch-security: N/A
-2.6.8-sarge-security: N/A
-2.4.27-sarge-security: N/A
-2.6.15-dapper-security: released (2.6.15-28.57)
-2.6.17-edgy-security: N/A
-2.6.20-feisty-security: N/A

Copied: retired/CVE-2007-3380 (from rev 1078, active/CVE-2007-3380)
===================================================================
--- retired/CVE-2007-3380	                        (rev 0)
+++ retired/CVE-2007-3380	2007-12-29 15:19:04 UTC (rev 1079)
@@ -0,0 +1,21 @@
+Candidate: CVE-2007-3380
+References: 
+ https://www.redhat.com/archives/cluster-devel/2007-June/msg00213.html
+Description: 
+Ubuntu-Description: 
+ A flaw was discovered in the cluster manager.  A remote attacker could
+ connect to the DLM port and block further DLM operations.
+Notes: 
+ dannf> Debian's 2.6.18 isn't affected, but the redhat-cluster package
+        may be.
+ jmm> redhat-cluster doesn't appear affected neither, TCP connection code
+      not present. Fixed in git on 2007-07-09, marking 2.6.23 as fixed
+Bugs: 
+upstream: released (2.6.23)
+linux-2.6: released (2.6.23-1)
+2.6.18-etch-security: N/A
+2.6.8-sarge-security: N/A
+2.4.27-sarge-security: N/A
+2.6.15-dapper-security: released (2.6.15-28.57)
+2.6.17-edgy-security: N/A
+2.6.20-feisty-security: N/A

More information about the kernel-sec-discuss mailing list