[kernel-sec-discuss] r867 - active
jmm at alioth.debian.org
jmm at alioth.debian.org
Thu Jun 21 13:23:58 UTC 2007
Author: jmm
Date: 2007-06-21 13:23:58 +0000 (Thu, 21 Jun 2007)
New Revision: 867
Modified:
active/CVE-2007-1353
Log:
fix fox CVE-2007-1353 now merged upstream
Modified: active/CVE-2007-1353
===================================================================
--- active/CVE-2007-1353 2007-06-21 13:00:25 UTC (rev 866)
+++ active/CVE-2007-1353 2007-06-21 13:23:58 UTC (rev 867)
@@ -13,9 +13,10 @@
Ilja van Sprundel discovered that Bluetooth setsockopt calls could leak
kernel memory contents via an uninitialized stack buffer. A local
attacker could exploit this flaw to view sensitive kernel information.
-Notes:
+Notes:
+ jmm> This was fixed in git on 2007-05-04, marking 2.6.22 as fixed version
Bugs:
-upstream:
+upstream: pending (2.6.22)
linux-2.6:
2.6.18-etch-security: pending (2.6.18.dfsg.1-12etch3) [bugfix/bluetooth-l2cap-hci-info-leaks.patch]
2.6.8-sarge-security:
More information about the kernel-sec-discuss
mailing list