[kernel-sec-discuss] r843 - active ignored retired
keescook-guest at alioth.debian.org
Thu May 31 20:54:49 UTC 2007
Author: keescook-guest
Date: 2007-05-31 20:54:49 +0000 (Thu, 31 May 2007)
New Revision: 843
Added:
ignored/CVE-2006-6058
Removed:
retired/CVE-2006-6058
Modified:
active/CVE-2007-1357
active/CVE-2007-1388
active/CVE-2007-1496
active/CVE-2007-1497
active/CVE-2007-1592
active/CVE-2007-1730
active/CVE-2007-2172
active/CVE-2007-2451
active/CVE-2007-2453
ignored/CVE-2007-1217
Log:
updates for ubuntu releases
Modified: active/CVE-2007-1357
===================================================================
--- active/CVE-2007-1357 2007-05-30 16:10:49 UTC (rev 842)
+++ active/CVE-2007-1357 2007-05-31 20:54:49 UTC (rev 843)
@@ -18,6 +18,6 @@
2.6.18-etch-security: released (2.6.18.dfsg.1-12etch1) [bugfix/appletalk-length-mismatch.patch, bugfix/appletalk-endianness-annotations.patch]
2.6.8-sarge-security: pending (2.6.8-16sarge7) [appletalk-length-mismatch.dpatch, appletalk-endianness-annotations.dpatch]
2.4.27-sarge-security: N/A
-2.6.15-dapper-security: pending (2.6.15-28.54)
-2.6.17-edgy-security: pending (2.6.17.1-11.38)
-2.6.20-feisty-security: pending (2.6.20-16.28)
+2.6.15-dapper-security: released (2.6.15-28.54)
+2.6.17-edgy-security: released (2.6.17.1-11.38)
+2.6.20-feisty-security: released (2.6.20-16.28)
Modified: active/CVE-2007-1388
===================================================================
--- active/CVE-2007-1388 2007-05-30 16:10:49 UTC (rev 842)
+++ active/CVE-2007-1388 2007-05-31 20:54:49 UTC (rev 843)
@@ -23,6 +23,6 @@
2.6.18-etch-security: released (2.6.18.dfsg.1-12) [bugfix/ipv6_getsockopt_sticky-null-opt.patch]
2.6.8-sarge-security: N/A
2.4.27-sarge-security: N/A
-2.6.15-dapper-security: pending (2.6.15-28.54)
-2.6.17-edgy-security: pending (2.6.17.1-11.38)
-2.6.20-feisty-security: pending (2.6.20-16.28)
+2.6.15-dapper-security: released (2.6.15-28.54)
+2.6.17-edgy-security: released (2.6.17.1-11.38)
+2.6.20-feisty-security: released (2.6.20-16.28)
Modified: active/CVE-2007-1496
===================================================================
--- active/CVE-2007-1496 2007-05-30 16:10:49 UTC (rev 842)
+++ active/CVE-2007-1496 2007-05-31 20:54:49 UTC (rev 843)
@@ -19,6 +19,6 @@
2.6.18-etch-security: released (2.6.18.dfsg.1-12etch2) [bugfix/nfnetlink_log-null-deref.patch]
2.6.8-sarge-security: N/A
2.4.27-sarge-security: N/A
-2.6.15-dapper-security: pending (2.6.15-28.53)
-2.6.17-edgy-security: pending (2.6.17.1-11.38)
+2.6.15-dapper-security: released (2.6.15-28.53)
+2.6.17-edgy-security: released (2.6.17.1-11.38)
2.6.20-feisty-security: N/A
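Review bot: The dapper entry here is marked released with 2.6.15-28.53, while every other dapper line flipped to released in this revision cites 2.6.15-28.54. Please confirm that 28.53 is the upload that actually carried the nfnetlink_log fix and not a leftover from the earlier pending entry. If it is correct, a short line under Notes saying the fix shipped one upload earlier would keep the difference from being read as a typo.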
Modified: active/CVE-2007-1497
===================================================================
--- active/CVE-2007-1497 2007-05-30 16:10:49 UTC (rev 842)
+++ active/CVE-2007-1497 2007-05-31 20:54:49 UTC (rev 843)
@@ -22,6 +22,6 @@
2.6.18-etch-security: released (2.6.18.dfsg.1-12etch2) [bugfix/nf_conntrack-set-nfctinfo.patch]
2.6.8-sarge-security:
2.4.27-sarge-security: N/A
-2.6.15-dapper-security: pending (2.6.15-28.54)
-2.6.17-edgy-security: pending (2.6.17.1-11.38)
+2.6.15-dapper-security: released (2.6.15-28.54)
+2.6.17-edgy-security: released (2.6.17.1-11.38)
2.6.20-feisty-security: N/A
Modified: active/CVE-2007-1592
===================================================================
--- active/CVE-2007-1592 2007-05-30 16:10:49 UTC (rev 842)
+++ active/CVE-2007-1592 2007-05-31 20:54:49 UTC (rev 843)
@@ -18,6 +18,6 @@
2.6.18-etch-security: released (2.6.18.dfsg.1-12etch1) [bugfix/ipv6_fl_socklist-no-share.patch]
2.6.8-sarge-security: pending (2.6.8-16sarge7) [ipv6_fl_socklist-no-share.dpatch]
2.4.27-sarge-security: pending (2.4.27-10sarge6) [243_ipv6_fl_socklist-no-share.diff]
-2.6.15-dapper-security: pending (2.6.15-28.54)
-2.6.17-edgy-security: pending (2.6.17.1-11.38)
-2.6.20-feisty-security: pending (2.6.20-16.28)
+2.6.15-dapper-security: released (2.6.15-28.54)
+2.6.17-edgy-security: released (2.6.17.1-11.38)
+2.6.20-feisty-security: released (2.6.20-16.28)
Modified: active/CVE-2007-1730
===================================================================
--- active/CVE-2007-1730 2007-05-30 16:10:49 UTC (rev 842)
+++ active/CVE-2007-1730 2007-05-31 20:54:49 UTC (rev 843)
@@ -23,4 +23,4 @@
2.4.27-sarge-security: N/A
2.6.15-dapper-security: N/A
2.6.17-edgy-security: N/A
-2.6.20-feisty-security: pending (2.6.20-16.28)
+2.6.20-feisty-security: released (2.6.20-16.28)
Modified: active/CVE-2007-2172
===================================================================
--- active/CVE-2007-2172 2007-05-30 16:10:49 UTC (rev 842)
+++ active/CVE-2007-2172 2007-05-31 20:54:49 UTC (rev 843)
@@ -19,6 +19,6 @@
2.6.18-etch-security: needed
2.6.8-sarge-security:
2.4.27-sarge-security:
-2.6.15-dapper-security: pending (2.6.15-28.54)
-2.6.17-edgy-security: pending (2.6.17.1-11.38)
-2.6.20-feisty-security: pending (2.6.20-16.28)
+2.6.15-dapper-security: released (2.6.15-28.54)
+2.6.17-edgy-security: released (2.6.17.1-11.38)
+2.6.20-feisty-security: released (2.6.20-16.28)
Modified: active/CVE-2007-2451
===================================================================
--- active/CVE-2007-2451 2007-05-30 16:10:49 UTC (rev 842)
+++ active/CVE-2007-2451 2007-05-31 20:54:49 UTC (rev 843)
@@ -13,4 +13,4 @@
2.4.27-sarge-security: N/A
2.6.15-dapper-security: N/A
2.6.17-edgy-security: N/A
-2.6.20-feisty-security:
+2.6.20-feisty-security: needed
Modified: active/CVE-2007-2453
===================================================================
--- active/CVE-2007-2453 2007-05-30 16:10:49 UTC (rev 842)
+++ active/CVE-2007-2453 2007-05-31 20:54:49 UTC (rev 843)
@@ -11,6 +11,6 @@
2.6.18-etch-security:
2.6.8-sarge-security:
2.4.27-sarge-security:
-2.6.15-dapper-security:
-2.6.17-edgy-security:
-2.6.20-feisty-security:
+2.6.15-dapper-security: needed
+2.6.17-edgy-security: needed
+2.6.20-feisty-security: needed
Copied: ignored/CVE-2006-6058 (from rev 842, retired/CVE-2006-6058)
===================================================================
--- ignored/CVE-2006-6058 (rev 0)
+++ ignored/CVE-2006-6058 2007-05-31 20:54:49 UTC (rev 843)
@@ -0,0 +1,26 @@
+Candidate: CVE-2006-6058
+References:
+ MISC:http://projects.info-pull.com/mokb/MOKB-17-11-2006.html
+ FRSIRT:ADV-2006-4613
+ URL:http://www.frsirt.com/english/advisories/2006/4613
+ SECUNIA:23034
+ URL:http://secunia.com/advisories/23034
+Description:
+ The minix filesystem code in Linux kernel 2.6.x up to 2.6.18, and possibly
+ other versions, allows local users to cause a denial of service (hang) via a
+ malformed minix file stream that triggers an infinite loop in the minix_bmap
+ function. NOTE: this issue might be due to an integer overflow or signedness
+ error.
+Ubuntu-Description:
+Notes:
+ dannf> ignored for sarge for now - only applies under very rare circumstances
+ and don't know if there's an upstream fix
+ jmm> We can ignore this, it has no practical ramifications
+Bugs:
+upstream:
+linux-2.6: ignored
+2.6.18-etch-security: ignored
+2.6.8-sarge-security: ignored
+2.4.27-sarge-security: ignored
+2.6.15-dapper-security: needed
+2.6.17-edgy-security: needed
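Review bot: The file now lives under ignored/, but its last two lines still read "2.6.15-dapper-security: needed" and "2.6.17-edgy-security: needed", and there is no 2.6.20-feisty-security line at all, unlike the other files touched in this revision. Either mark the Ubuntu entries ignored, as this same commit does for CVE-2007-1217, or keep the file out of ignored/ until they are resolved, and add an explicit feisty status. The log message ("updates for ubuntu releases") does not mention the move from retired/, so a line under Notes giving the reason would help.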
Modified: ignored/CVE-2007-1217
===================================================================
--- ignored/CVE-2007-1217 2007-05-30 16:10:49 UTC (rev 842)
+++ ignored/CVE-2007-1217 2007-05-31 20:54:49 UTC (rev 843)
@@ -1,6 +1,10 @@
Candidate: CVE-2007-1217
References:
Description:
+ Buffer overflow in the bufprint function in capiutil.c in libcapi, as used
+ in Linux kernel 2.6.9 to 2.6.20 and isdn4k-utils, allows local users to
+ cause a denial of service (crash) and possibly gain privileges via a
+ crafted CAPI packet.
Ubuntu-Description:
Notes:
jmm> Analysis by Karsten Keil (the Linux ISDN maintainer) pointed out, that this
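Review bot: The new Description states that the bufprint overflow may let local users "possibly gain privileges", but the References: field directly above it is still empty, and the file stays under ignored/. Please add the source of the description text to References: so the ignore decision can be checked against it. Ubuntu-Description: is also still blank even though this revision sets statuses for three Ubuntu releases further down.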
@@ -18,6 +22,6 @@
2.6.18-etch-security: ignored
2.6.8-sarge-security: ignored
2.4.27-sarge-security: ignored
-2.6.15-dapper-security:
-2.6.17-edgy-security:
-2.6.20-feisty-security:
+2.6.15-dapper-security: ignored
+2.6.17-edgy-security: ignored
+2.6.20-feisty-security: ignored
Deleted: retired/CVE-2006-6058
===================================================================
--- retired/CVE-2006-6058 2007-05-30 16:10:49 UTC (rev 842)
+++ retired/CVE-2006-6058 2007-05-31 20:54:49 UTC (rev 843)
@@ -1,26 +0,0 @@
-Candidate: CVE-2006-6058
-References:
- MISC:http://projects.info-pull.com/mokb/MOKB-17-11-2006.html
- FRSIRT:ADV-2006-4613
- URL:http://www.frsirt.com/english/advisories/2006/4613
- SECUNIA:23034
- URL:http://secunia.com/advisories/23034
-Description:
- The minix filesystem code in Linux kernel 2.6.x up to 2.6.18, and possibly
- other versions, allows local users to cause a denial of service (hang) via a
- malformed minix file stream that triggers an infinite loop in the minix_bmap
- function. NOTE: this issue might be due to an integer overflow or signedness
- error.
-Ubuntu-Description:
-Notes:
- dannf> ignored for sarge for now - only applies under very rare circumstances
- and don't know if there's an upstream fix
- jmm> We can ignore this, it has no practical ramifications
-Bugs:
-upstream:
-linux-2.6: ignored
-2.6.18-etch-security: ignored
-2.6.8-sarge-security: ignored
-2.4.27-sarge-security: ignored
-2.6.15-dapper-security: needed
-2.6.17-edgy-security: needed