[kernel-sec-discuss] r845 - active
keescook-guest at alioth.debian.org
Tue Jun 5 23:02:18 UTC 2007
Author: keescook-guest
Date: 2007-06-05 23:02:18 +0000 (Tue, 05 Jun 2007)
New Revision: 845
Modified:
active/CVE-2006-6060
active/CVE-2006-6921
active/CVE-2006-7203
active/CVE-2007-0771
active/CVE-2007-1353
active/CVE-2007-1734
active/CVE-2007-2242
active/CVE-2007-2451
active/CVE-2007-2453
active/CVE-2007-2480
Log:
Updated for ubuntu versions
Modified: active/CVE-2006-6060
===================================================================
--- active/CVE-2006-6060 2007-06-03 16:24:07 UTC (rev 844)
+++ active/CVE-2006-6060 2007-06-05 23:02:18 UTC (rev 845)
@@ -20,4 +20,4 @@
2.4.27-sarge-security:
2.6.15-dapper-security: needed
2.6.17-edgy-security: needed
-2.6.20-feisty-security:
+2.6.20-feisty-security: N/A
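Review bot: the new `2.6.20-feisty-security: N/A` line records no reason, while the dapper and edgy lines directly above it stay `needed`. A one-line entry under Notes saying why 2.6.20 is not affected would let the next reader accept the N/A without redoing the triage.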
Modified: active/CVE-2006-6921
===================================================================
--- active/CVE-2006-6921 2007-06-03 16:24:07 UTC (rev 844)
+++ active/CVE-2006-6921 2007-06-05 23:02:18 UTC (rev 845)
@@ -17,6 +17,6 @@
2.6.18-etch-security: ignored (2.6.18.dfsg.1-12etch1)
2.6.8-sarge-security: ignored (2.6.8-16sarge7)
2.4.27-sarge-security: N/A
-2.6.15-dapper-security: needed
-2.6.17-edgy-security: needed
-2.6.20-feisty-security: needed
+2.6.15-dapper-security: ignored
+2.6.17-edgy-security: ignored
+2.6.20-feisty-security: ignored
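Review bot: the three Ubuntu lines go from `needed` to `ignored` with nothing after the status, whereas the Debian `ignored` lines in the same hunk carry a package version in parentheses. Please record why the issue is being ignored for dapper, edgy and feisty, either on these lines or in Notes, so the decision can be revisited later.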
Modified: active/CVE-2006-7203
===================================================================
--- active/CVE-2006-7203 2007-06-03 16:24:07 UTC (rev 844)
+++ active/CVE-2006-7203 2007-06-05 23:02:18 UTC (rev 845)
@@ -16,4 +16,4 @@
2.4.27-sarge-security:
2.6.15-dapper-security: needed
2.6.17-edgy-security: needed
-2.6.20-feisty-security: needed
+2.6.20-feisty-security: N/A
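Review bot: `2.6.20-feisty-security` flips from `needed` to `N/A` here, which reverses an earlier triage decision rather than filling in a blank. Since 2.6.15 and 2.6.17 remain `needed`, the file should say what showed 2.6.20 to be unaffected, for example a short Notes line.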
Modified: active/CVE-2007-0771
===================================================================
--- active/CVE-2007-0771 2007-06-03 16:24:07 UTC (rev 844)
+++ active/CVE-2007-0771 2007-06-05 23:02:18 UTC (rev 845)
@@ -10,6 +10,6 @@
2.6.18-etch-security: N/A
2.6.8-sarge-security: N/A
2.4.27-sarge-security: N/A
-2.6.15-dapper-security:
-2.6.17-edgy-security:
-2.6.20-feisty-security:
+2.6.15-dapper-security: N/A
+2.6.17-edgy-security: N/A
+2.6.20-feisty-security: N/A
Modified: active/CVE-2007-1353
===================================================================
--- active/CVE-2007-1353 2007-06-03 16:24:07 UTC (rev 844)
+++ active/CVE-2007-1353 2007-06-05 23:02:18 UTC (rev 845)
@@ -17,6 +17,6 @@
2.6.18-etch-security: pending (2.6.18.dfsg.1-12etch3) [bugfix/bluetooth-l2cap-hci-info-leaks.patch]
2.6.8-sarge-security:
2.4.27-sarge-security: pending (2.4.27-10sarge6) [244_bluetooth-l2cap-hci-info-leaks.diff]
-2.6.15-dapper-security:
-2.6.17-edgy-security:
-2.6.20-feisty-security:
+2.6.15-dapper-security: needed
+2.6.17-edgy-security: needed
+2.6.20-feisty-security: needed
Modified: active/CVE-2007-1734
===================================================================
--- active/CVE-2007-1734 2007-06-03 16:24:07 UTC (rev 844)
+++ active/CVE-2007-1734 2007-06-05 23:02:18 UTC (rev 845)
@@ -17,4 +17,4 @@
2.6.12-breezy-security: N/A
2.6.15-dapper-security: N/A
2.6.17-edgy-security: N/A
-2.6.20-feisty-security: needed
+2.6.20-feisty-security: published (linux-source-2.6.20-16.28)
Modified: active/CVE-2007-2242
===================================================================
--- active/CVE-2007-2242 2007-06-03 16:24:07 UTC (rev 844)
+++ active/CVE-2007-2242 2007-06-05 23:02:18 UTC (rev 845)
@@ -1,7 +1,15 @@
Candidate: CVE-2007-2242
References:
+ http://git.kernel.org/?p=linux/kernel/git/stable/linux-2.6.20.y.git;a=commit;h=010831ab8436dfd9304b203467566fb6b135c24f
+ http://git.kernel.org/?p=linux/kernel/git/stable/linux-2.6.20.y.git;a=commit;h=9d08f139275450f9366d85ba09b9a2e09bb33766
Description:
+ The IPv6 protocol allows remote attackers to cause a denial of service via
+ crafted IPv6 type 0 route headers (IPV6_RTHDR_TYPE_0) that create network
+ amplification between two routers.
Ubuntu-Description:
+ A flaw was discovered in the IPv6 stack's handling of type 0 route headers.
+ By sending a specially crafted IPv6 packet, a remote attacker could cause
+ a denial of service between two IPv6 hosts.
Notes:
dannf> Some info from Vlad Yasevich:
<vlad> dannf: is someone including commits 010831ab8436dfd9304b203467566fb6b135c24f and 9d08f139275450f9366d85ba09b9a2e09bb33766 (IPv6 routing header changes) in the debian kernel?
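Review bot: the added Ubuntu-Description says the denial of service is "between two IPv6 hosts", while the Description added just above it says the amplification is "between two routers". Suggest using the same term in both so the advisory text does not read as describing a different impact.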
@@ -17,6 +25,6 @@
2.6.18-etch-security: pending (2.6.18.dfsg.1-12etch2) [bugfix/ipv6-disallow-RH0-by-default.patch]
2.6.8-sarge-security:
2.4.27-sarge-security:
-2.6.15-dapper-security:
-2.6.17-edgy-security:
-2.6.20-feisty-security:
+2.6.15-dapper-security: needed
+2.6.17-edgy-security: needed
+2.6.20-feisty-security: published (linux-source-2.6.20-16.28)
Modified: active/CVE-2007-2451
===================================================================
--- active/CVE-2007-2451 2007-06-03 16:24:07 UTC (rev 844)
+++ active/CVE-2007-2451 2007-06-05 23:02:18 UTC (rev 845)
@@ -13,4 +13,4 @@
2.4.27-sarge-security: N/A
2.6.15-dapper-security: N/A
2.6.17-edgy-security: N/A
-2.6.20-feisty-security: needed
+2.6.20-feisty-security: pending (linux-source-2.6.20-17.29)
Modified: active/CVE-2007-2453
===================================================================
--- active/CVE-2007-2453 2007-06-03 16:24:07 UTC (rev 844)
+++ active/CVE-2007-2453 2007-06-05 23:02:18 UTC (rev 845)
@@ -13,4 +13,4 @@
2.4.27-sarge-security:
2.6.15-dapper-security: needed
2.6.17-edgy-security: needed
-2.6.20-feisty-security: needed
+2.6.20-feisty-security: pending (linux-source-2.6.20-17.29)
Modified: active/CVE-2007-2480
===================================================================
--- active/CVE-2007-2480 2007-06-03 16:24:07 UTC (rev 844)
+++ active/CVE-2007-2480 2007-06-05 23:02:18 UTC (rev 845)
@@ -14,6 +14,6 @@
2.6.18-etch-security:
2.6.8-sarge-security:
2.4.27-sarge-security:
-2.6.15-dapper-security:
-2.6.17-edgy-security:
-2.6.20-feisty-security:
+2.6.15-dapper-security: needed
+2.6.17-edgy-security: needed
+2.6.20-feisty-security: needed