[kernel-sec-discuss] r821 - active scripts
keescook-guest at alioth.debian.org
keescook-guest at alioth.debian.org
Tue May 15 18:51:27 UTC 2007
Author: keescook-guest
Date: 2007-05-15 18:51:27 +0000 (Tue, 15 May 2007)
New Revision: 821
Modified:
active/CVE-2006-6060
active/CVE-2006-6106
active/CVE-2006-6921
active/CVE-2006-7203
active/CVE-2007-0005
active/CVE-2007-1000
active/CVE-2007-1592
active/CVE-2007-1734
active/CVE-2007-1861
scripts/ubuntu-todo
Log:
update active CVEs for ubuntu
Modified: active/CVE-2006-6060
===================================================================
--- active/CVE-2006-6060 2007-05-14 19:26:42 UTC (rev 820)
+++ active/CVE-2006-6060 2007-05-15 18:51:27 UTC (rev 821)
@@ -20,3 +20,4 @@
2.4.27-sarge-security:
2.6.15-dapper-security: needed
2.6.17-edgy-security: needed
+2.6.20-feisty-security:
Modified: active/CVE-2006-6106
===================================================================
--- active/CVE-2006-6106 2007-05-14 19:26:42 UTC (rev 820)
+++ active/CVE-2006-6106 2007-05-15 18:51:27 UTC (rev 821)
@@ -15,7 +15,7 @@
messages, a remote attacker could exploit these to crash the kernel.
Notes:
Bugs:
-upstream: released (2.6.33.5), released (2.6.18.6)
+upstream: released (2.4.33.5), released (2.6.18.6)
linux-2.6: released (2.6.18.dfsg.1-9) [2.6.18.6]
2.6.18-etch-security: released (2.6.18.dfsg.1-9) [2.6.18.6]
2.6.8-sarge-security: pending (2.6.8-16sarge7) [bluetooth-capi-size-checks.dpatch]
Modified: active/CVE-2006-6921
===================================================================
--- active/CVE-2006-6921 2007-05-14 19:26:42 UTC (rev 820)
+++ active/CVE-2006-6921 2007-05-15 18:51:27 UTC (rev 821)
@@ -19,3 +19,4 @@
2.4.27-sarge-security: N/A
2.6.15-dapper-security: needed
2.6.17-edgy-security: needed
+2.6.20-feisty-security: needed
Modified: active/CVE-2006-7203
===================================================================
--- active/CVE-2006-7203 2007-05-14 19:26:42 UTC (rev 820)
+++ active/CVE-2006-7203 2007-05-15 18:51:27 UTC (rev 821)
@@ -2,6 +2,10 @@
References:
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff_plain;h=822191a2fa1584a29c3224ab328507adcaeac1ab
Description:
+ The compat_sys_mount function in fs/compat.c in Linux kernel 2.6.20
+ and earlier allows local users to cause a denial of service (NULL
+ pointer dereference and oops) by mounting a smbfs file system in
+ compatibility mode ("mount -t smbfs").
Ubuntu-Description:
Notes:
Bugs:
@@ -10,6 +14,6 @@
2.6.18-etch-security:
2.6.8-sarge-security:
2.4.27-sarge-security:
-2.6.15-dapper-security:
-2.6.17-edgy-security:
-2.6.20-feisty-security:
+2.6.15-dapper-security: needed
+2.6.17-edgy-security: needed
+2.6.20-feisty-security: needed
Modified: active/CVE-2007-0005
===================================================================
--- active/CVE-2007-0005 2007-05-14 19:26:42 UTC (rev 820)
+++ active/CVE-2007-0005 2007-05-15 18:51:27 UTC (rev 821)
@@ -17,4 +17,4 @@
2.4.27-sarge-security: N/A
2.6.15-dapper-security: needed
2.6.17-edgy-security: needed
-2.6.20-feisty-security: needed
+2.6.20-feisty-security: N/A
Modified: active/CVE-2007-1000
===================================================================
--- active/CVE-2007-1000 2007-05-14 19:26:42 UTC (rev 820)
+++ active/CVE-2007-1000 2007-05-15 18:51:27 UTC (rev 821)
@@ -17,4 +17,4 @@
2.4.27-sarge-security: N/A
2.6.15-dapper-security: needed
2.6.17-edgy-security: needed
-2.6.20-feisty-security: needed
+2.6.20-feisty-security: N/A
Modified: active/CVE-2007-1592
===================================================================
--- active/CVE-2007-1592 2007-05-14 19:26:42 UTC (rev 820)
+++ active/CVE-2007-1592 2007-05-15 18:51:27 UTC (rev 821)
@@ -20,4 +20,4 @@
2.4.27-sarge-security: pending (2.4.27-10sarge6) [243_ipv6_fl_socklist-no-share.diff]
2.6.15-dapper-security: pending (2.6.15-28.54)
2.6.17-edgy-security: needed
-2.6.20-edgy-security: needed
+2.6.20-feisty-security: needed
Modified: active/CVE-2007-1734
===================================================================
--- active/CVE-2007-1734 2007-05-14 19:26:42 UTC (rev 820)
+++ active/CVE-2007-1734 2007-05-15 18:51:27 UTC (rev 821)
@@ -14,6 +14,7 @@
2.6.18-etch-security: N/A
2.6.8-sarge-security: N/A
2.4.27-sarge-security: N/A
-2.6.12-breezy-security:
-2.6.15-dapper-security:
-2.6.17-edgy-security:
+2.6.12-breezy-security: N/A
+2.6.15-dapper-security: N/A
+2.6.17-edgy-security: N/A
+2.6.20-feisty-security: needed
Modified: active/CVE-2007-1861
===================================================================
--- active/CVE-2007-1861 2007-05-14 19:26:42 UTC (rev 820)
+++ active/CVE-2007-1861 2007-05-15 18:51:27 UTC (rev 821)
@@ -13,5 +13,6 @@
2.6.8-sarge-security: N/A
2.4.27-sarge-security: N/A
2.6.12-breezy-security: N/A
-2.6.15-dapper-security:
-2.6.17-edgy-security:
+2.6.15-dapper-security: needed
+2.6.17-edgy-security: needed
+2.6.20-feisty-security: needed
Modified: scripts/ubuntu-todo
===================================================================
--- scripts/ubuntu-todo 2007-05-14 19:26:42 UTC (rev 820)
+++ scripts/ubuntu-todo 2007-05-15 18:51:27 UTC (rev 821)
@@ -1,2 +1,2 @@
#!/bin/sh -e
-egrep '(hoary|breezy|dapper|edgy|feisty).*(needed|pending)' *
+egrep '(hoary|breezy|dapper|edgy|feisty).*: *(needed|pending|$)' CVE-*
More information about the kernel-sec-discuss
mailing list