[kernel-sec-discuss] r723 - active
Dann Frazier
dannf at alioth.debian.org
Sat Mar 31 20:53:39 UTC 2007
Author: dannf
Date: 2007-03-31 20:53:39 +0000 (Sat, 31 Mar 2007)
New Revision: 723
Modified:
active/CVE-2005-4811
Log:
Update sarge/upstream status.
Ubuntu folks: note that the estimated upstream release w/ this fix was not
2.6.11/2.6.12 as noted, rather it wasn't fixed until 2.6.13.
If the breezy status was based on this, you might take another
look... (then again, is breezy still supported?)
Modified: active/CVE-2005-4811
===================================================================
--- active/CVE-2005-4811 2007-03-21 08:15:14 UTC (rev 722)
+++ active/CVE-2005-4811 2007-03-31 20:53:39 UTC (rev 723)
@@ -10,11 +10,13 @@
- Pretty old fix, applied upstream in 2.6.11 or 2.6.12.
- 2.6.10 and older have function in arch-specific
arch/*/mm/hugetlbpage.c, thus requires some manual porting work
+ dannf> In Debian's 2.4.27, the only existance of this function is in
+ ia64 code, which already has the proper check
Bugs:
-upstream:
-linux-2.6:
-2.6.8-sarge-security: needed
-2.4.27-sarge-security: needed
+upstream: released (2.6.13)
+linux-2.6: released (2.6.13-1)
+2.6.8-sarge-security: pending (2.6.8-16sarge7) [unmap_hugepage_area-check-null-pte.dpatch]
+2.4.27-sarge-security: N/A
2.6.12-breezy-security: released
2.6.15-dapper-security: released
2.6.17-edgy: released
More information about the kernel-sec-discuss
mailing list