[kernel-sec-discuss] r843 - active ignored retired

keescook-guest at alioth.debian.org
Thu May 31 20:54:49 UTC 2007


Author: keescook-guest
Date: 2007-05-31 20:54:49 +0000 (Thu, 31 May 2007)
New Revision: 843

Added:
   ignored/CVE-2006-6058
Removed:
   retired/CVE-2006-6058
Modified:
   active/CVE-2007-1357
   active/CVE-2007-1388
   active/CVE-2007-1496
   active/CVE-2007-1497
   active/CVE-2007-1592
   active/CVE-2007-1730
   active/CVE-2007-2172
   active/CVE-2007-2451
   active/CVE-2007-2453
   ignored/CVE-2007-1217
Log:
updates for ubuntu releases

Modified: active/CVE-2007-1357
===================================================================
--- active/CVE-2007-1357	2007-05-30 16:10:49 UTC (rev 842)
+++ active/CVE-2007-1357	2007-05-31 20:54:49 UTC (rev 843)
@@ -18,6 +18,6 @@
 2.6.18-etch-security: released (2.6.18.dfsg.1-12etch1) [bugfix/appletalk-length-mismatch.patch, bugfix/appletalk-endianness-annotations.patch]
 2.6.8-sarge-security: pending (2.6.8-16sarge7) [appletalk-length-mismatch.dpatch, appletalk-endianness-annotations.dpatch]
 2.4.27-sarge-security: N/A
-2.6.15-dapper-security: pending (2.6.15-28.54)
-2.6.17-edgy-security: pending (2.6.17.1-11.38)
-2.6.20-feisty-security: pending (2.6.20-16.28)
+2.6.15-dapper-security: released (2.6.15-28.54)
+2.6.17-edgy-security: released (2.6.17.1-11.38)
+2.6.20-feisty-security: released (2.6.20-16.28)

Modified: active/CVE-2007-1388
===================================================================
--- active/CVE-2007-1388	2007-05-30 16:10:49 UTC (rev 842)
+++ active/CVE-2007-1388	2007-05-31 20:54:49 UTC (rev 843)
@@ -23,6 +23,6 @@
 2.6.18-etch-security: released (2.6.18.dfsg.1-12) [bugfix/ipv6_getsockopt_sticky-null-opt.patch]
 2.6.8-sarge-security: N/A
 2.4.27-sarge-security: N/A
-2.6.15-dapper-security: pending (2.6.15-28.54)
-2.6.17-edgy-security: pending (2.6.17.1-11.38)
-2.6.20-feisty-security: pending (2.6.20-16.28)
+2.6.15-dapper-security: released (2.6.15-28.54)
+2.6.17-edgy-security: released (2.6.17.1-11.38)
+2.6.20-feisty-security: released (2.6.20-16.28)

Modified: active/CVE-2007-1496
===================================================================
--- active/CVE-2007-1496	2007-05-30 16:10:49 UTC (rev 842)
+++ active/CVE-2007-1496	2007-05-31 20:54:49 UTC (rev 843)
@@ -19,6 +19,6 @@
 2.6.18-etch-security: released (2.6.18.dfsg.1-12etch2) [bugfix/nfnetlink_log-null-deref.patch]
 2.6.8-sarge-security: N/A
 2.4.27-sarge-security: N/A
-2.6.15-dapper-security: pending (2.6.15-28.53)
-2.6.17-edgy-security: pending (2.6.17.1-11.38)
+2.6.15-dapper-security: released (2.6.15-28.53)
+2.6.17-edgy-security: released (2.6.17.1-11.38)
 2.6.20-feisty-security: N/A
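
Review bot: the `+2.6.15-dapper-security: released (2.6.15-28.53)` line records version 2.6.15-28.53, while the dapper lines flipped to released in the neighbouring hunks of this revision all cite 2.6.15-28.54. The pending line it replaces also said 28.53, so this may be intentional, but the version should be confirmed before the entry is recorded as released, because this file is what later readers will use to decide whether a given dapper kernel carries the fix.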

Modified: active/CVE-2007-1497
===================================================================
--- active/CVE-2007-1497	2007-05-30 16:10:49 UTC (rev 842)
+++ active/CVE-2007-1497	2007-05-31 20:54:49 UTC (rev 843)
@@ -22,6 +22,6 @@
 2.6.18-etch-security: released (2.6.18.dfsg.1-12etch2) [bugfix/nf_conntrack-set-nfctinfo.patch]
 2.6.8-sarge-security: 
 2.4.27-sarge-security: N/A
-2.6.15-dapper-security: pending (2.6.15-28.54)
-2.6.17-edgy-security: pending (2.6.17.1-11.38)
+2.6.15-dapper-security: released (2.6.15-28.54)
+2.6.17-edgy-security: released (2.6.17.1-11.38)
 2.6.20-feisty-security: N/A

Modified: active/CVE-2007-1592
===================================================================
--- active/CVE-2007-1592	2007-05-30 16:10:49 UTC (rev 842)
+++ active/CVE-2007-1592	2007-05-31 20:54:49 UTC (rev 843)
@@ -18,6 +18,6 @@
 2.6.18-etch-security: released (2.6.18.dfsg.1-12etch1) [bugfix/ipv6_fl_socklist-no-share.patch]
 2.6.8-sarge-security: pending (2.6.8-16sarge7) [ipv6_fl_socklist-no-share.dpatch]
 2.4.27-sarge-security: pending (2.4.27-10sarge6) [243_ipv6_fl_socklist-no-share.diff]
-2.6.15-dapper-security: pending (2.6.15-28.54)
-2.6.17-edgy-security: pending (2.6.17.1-11.38)
-2.6.20-feisty-security: pending (2.6.20-16.28)
+2.6.15-dapper-security: released (2.6.15-28.54)
+2.6.17-edgy-security: released (2.6.17.1-11.38)
+2.6.20-feisty-security: released (2.6.20-16.28)

Modified: active/CVE-2007-1730
===================================================================
--- active/CVE-2007-1730	2007-05-30 16:10:49 UTC (rev 842)
+++ active/CVE-2007-1730	2007-05-31 20:54:49 UTC (rev 843)
@@ -23,4 +23,4 @@
 2.4.27-sarge-security: N/A
 2.6.15-dapper-security: N/A
 2.6.17-edgy-security: N/A
-2.6.20-feisty-security: pending (2.6.20-16.28)
+2.6.20-feisty-security: released (2.6.20-16.28)

Modified: active/CVE-2007-2172
===================================================================
--- active/CVE-2007-2172	2007-05-30 16:10:49 UTC (rev 842)
+++ active/CVE-2007-2172	2007-05-31 20:54:49 UTC (rev 843)
@@ -19,6 +19,6 @@
 2.6.18-etch-security: needed
 2.6.8-sarge-security: 
 2.4.27-sarge-security: 
-2.6.15-dapper-security: pending (2.6.15-28.54)
-2.6.17-edgy-security: pending (2.6.17.1-11.38)
-2.6.20-feisty-security: pending (2.6.20-16.28)
+2.6.15-dapper-security: released (2.6.15-28.54)
+2.6.17-edgy-security: released (2.6.17.1-11.38)
+2.6.20-feisty-security: released (2.6.20-16.28)

Modified: active/CVE-2007-2451
===================================================================
--- active/CVE-2007-2451	2007-05-30 16:10:49 UTC (rev 842)
+++ active/CVE-2007-2451	2007-05-31 20:54:49 UTC (rev 843)
@@ -13,4 +13,4 @@
 2.4.27-sarge-security: N/A
 2.6.15-dapper-security: N/A
 2.6.17-edgy-security: N/A
-2.6.20-feisty-security: 
+2.6.20-feisty-security: needed

Modified: active/CVE-2007-2453
===================================================================
--- active/CVE-2007-2453	2007-05-30 16:10:49 UTC (rev 842)
+++ active/CVE-2007-2453	2007-05-31 20:54:49 UTC (rev 843)
@@ -11,6 +11,6 @@
 2.6.18-etch-security: 
 2.6.8-sarge-security: 
 2.4.27-sarge-security: 
-2.6.15-dapper-security: 
-2.6.17-edgy-security: 
-2.6.20-feisty-security: 
+2.6.15-dapper-security: needed
+2.6.17-edgy-security: needed
+2.6.20-feisty-security: needed

Copied: ignored/CVE-2006-6058 (from rev 842, retired/CVE-2006-6058)
===================================================================
--- ignored/CVE-2006-6058	                        (rev 0)
+++ ignored/CVE-2006-6058	2007-05-31 20:54:49 UTC (rev 843)
@@ -0,0 +1,26 @@
+Candidate: CVE-2006-6058
+References: 
+ MISC:http://projects.info-pull.com/mokb/MOKB-17-11-2006.html
+ FRSIRT:ADV-2006-4613
+ URL:http://www.frsirt.com/english/advisories/2006/4613
+ SECUNIA:23034
+ URL:http://secunia.com/advisories/23034 
+Description: 
+ The minix filesystem code in Linux kernel 2.6.x up to 2.6.18, and possibly
+ other versions, allows local users to cause a denial of service (hang) via a
+ malformed minix file stream that triggers an infinite loop in the minix_bmap
+ function. NOTE: this issue might be due to an integer overflow or signedness
+ error.
+Ubuntu-Description: 
+Notes: 
+ dannf> ignored for sarge for now - only applies under very rare circumstances
+        and don't know if there's an upstream fix
+ jmm> We can ignore this, it has no practical ramifications
+Bugs: 
+upstream: 
+linux-2.6: ignored
+2.6.18-etch-security: ignored
+2.6.8-sarge-security: ignored
+2.4.27-sarge-security: ignored
+2.6.15-dapper-security: needed
+2.6.17-edgy-security: needed
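
Review bot: the file now lives under ignored/ but still ends with `2.6.15-dapper-security: needed` and `2.6.17-edgy-security: needed`, so the directory and the per-release status disagree. It also has no 2.6.20-feisty-security line, although the Description says "and possibly other versions". Either set the Ubuntu lines to ignored with a Notes entry giving the reason, as dannf and jmm did for the Debian releases, and add a feisty line, or keep the file under active/ while those releases are still marked needed.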

Modified: ignored/CVE-2007-1217
===================================================================
--- ignored/CVE-2007-1217	2007-05-30 16:10:49 UTC (rev 842)
+++ ignored/CVE-2007-1217	2007-05-31 20:54:49 UTC (rev 843)
@@ -1,6 +1,10 @@
 Candidate: CVE-2007-1217
 References: 
 Description: 
+ Buffer overflow in the bufprint function in capiutil.c in libcapi, as used
+ in Linux kernel 2.6.9 to 2.6.20 and isdn4k-utils, allows local users to
+ cause a denial of service (crash) and possibly gain privileges via a
+ crafted CAPI packet.
 Ubuntu-Description: 
 Notes: 
  jmm> Analysis by Karsten Keil (the Linux ISDN maintainer) pointed out, that this
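
Review bot: the added Description has no source, and the `References:` line directly above it is left empty. The text names capiutil.c, libcapi and isdn4k-utils and states a possible privilege gain, so the reference entries it was taken from should be added in the same change; without them the ignored status recorded further down cannot be checked against the original report.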
@@ -18,6 +22,6 @@
 2.6.18-etch-security: ignored
 2.6.8-sarge-security: ignored
 2.4.27-sarge-security: ignored
-2.6.15-dapper-security: 
-2.6.17-edgy-security: 
-2.6.20-feisty-security: 
+2.6.15-dapper-security: ignored
+2.6.17-edgy-security: ignored
+2.6.20-feisty-security: ignored
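
Review bot: the three Ubuntu lines go from blank to `ignored` with no Ubuntu entry under Notes, and `Ubuntu-Description:` in the first hunk stays empty. The Description added in this revision covers kernels 2.6.9 to 2.6.20, a range that includes dapper, edgy and feisty, so a one-line note saying that the Ubuntu decision follows the analysis jmm cites, or giving a separate reason, would make the status auditable.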

Deleted: retired/CVE-2006-6058
===================================================================
--- retired/CVE-2006-6058	2007-05-30 16:10:49 UTC (rev 842)
+++ retired/CVE-2006-6058	2007-05-31 20:54:49 UTC (rev 843)
@@ -1,26 +0,0 @@
-Candidate: CVE-2006-6058
-References: 
- MISC:http://projects.info-pull.com/mokb/MOKB-17-11-2006.html
- FRSIRT:ADV-2006-4613
- URL:http://www.frsirt.com/english/advisories/2006/4613
- SECUNIA:23034
- URL:http://secunia.com/advisories/23034 
-Description: 
- The minix filesystem code in Linux kernel 2.6.x up to 2.6.18, and possibly
- other versions, allows local users to cause a denial of service (hang) via a
- malformed minix file stream that triggers an infinite loop in the minix_bmap
- function. NOTE: this issue might be due to an integer overflow or signedness
- error.
-Ubuntu-Description: 
-Notes: 
- dannf> ignored for sarge for now - only applies under very rare circumstances
-        and don't know if there's an upstream fix
- jmm> We can ignore this, it has no practical ramifications
-Bugs: 
-upstream: 
-linux-2.6: ignored
-2.6.18-etch-security: ignored
-2.6.8-sarge-security: ignored
-2.4.27-sarge-security: ignored
-2.6.15-dapper-security: needed
-2.6.17-edgy-security: needed



