[kernel-sec-discuss] r708 - active

Tue Feb 27 18:02:40 CET 2007

Author: dannf
Date: 2007-02-27 18:02:39 +0100 (Tue, 27 Feb 2007)
New Revision: 708

Modified:
   active/CVE-2006-5757
   active/CVE-2006-6060
Log:
update debian status

Modified: active/CVE-2006-5757
===================================================================

--- active/CVE-2006-5757	2007-02-27 07:13:54 UTC (rev 707)
+++ active/CVE-2006-5757	2007-02-27 17:02:39 UTC (rev 708)
@@ -14,11 +14,13 @@
 Notes: 
  http://projects.info-pull.com/mokb/MOKB-05-11-2006.html
  http://projects.info-pull.com/mokb/MOKB-19-11-2006.html
+ dannf> Tried the MOKB-05-11-2006 reproducer on 2.4.27/ia64 & no
+ dannf> infinite loop was triggered
 Bugs: 
 upstream: released (2.6.19-rc2)
-linux-2.6: 
-2.6.18-etch-security: needed
-2.6.8-sarge-security: needed
+linux-2.6: released (2.6.18.dfsg.1-10) [2.6.16.38]
+2.6.18-etch-security: released (2.6.18.dfsg.1-10) [2.6.16.38]
+2.6.8-sarge-security: pending (2.6.8-16sarge7) [__find_get_block_slow-race.dpatch]
 2.4.27-sarge-security:
 2.6.12-breezy-security: released (2.6.12-10.43)
 2.6.15-dapper-security: released (2.6.15-28.51)

Modified: active/CVE-2006-6060
===================================================================
--- active/CVE-2006-6060	2007-02-27 07:13:54 UTC (rev 707)
+++ active/CVE-2006-6060	2007-02-27 17:02:39 UTC (rev 708)
@@ -10,11 +10,13 @@
 Notes: 
  fixed by patch for CVE-2006-5757 since the bug is in the common
  __find_get_block_slow() function.
+ dannf> I mounted the reproducer fs on an ia64/2.4.27 system and though
+ dannf> it didn't cause an infinite loop, the system did lock up hard
 Bugs: 
 upstream: 
-linux-2.6: 
-2.6.18-etch-security: 
-2.6.8-sarge-security: needed
+linux-2.6: released (2.6.18.dfsg.1-10) [2.6.16.38]
+2.6.18-etch-security: released (2.6.18.dfsg.1-10) [2.6.16.38]
+2.6.8-sarge-security: pending (2.6.8-16sarge7) [__find_get_block_slow-race.dpatch]
 2.4.27-sarge-security: 
 2.6.12-breezy-security: needed
 2.6.15-dapper-security: needed


