[kernel-sec-discuss] r1022 - active ignored scripts

keescook-guest at alioth.debian.org
Wed Nov 21 22:17:28 UTC 2007


Author: keescook-guest
Date: 2007-11-21 22:17:28 +0000 (Wed, 21 Nov 2007)
New Revision: 1022

Modified:
   active/00boilerplate
   active/CVE-2004-2731
   active/CVE-2006-7229
   active/CVE-2007-0997
   active/CVE-2007-3379
   active/CVE-2007-3850
   active/CVE-2007-4133
   active/CVE-2007-4311
   active/CVE-2007-4567
   active/CVE-2007-4571
   active/CVE-2007-4574
   active/CVE-2007-4997
   active/CVE-2007-5093
   active/CVE-2007-5500
   active/CVE-2007-5501
   active/CVE-2007-5904
   active/CVE-2007-5908
   ignored/CVE-2006-6058
   scripts/ubuntu-table
Log:
Ubuntu CVE review

Modified: active/00boilerplate
===================================================================
--- active/00boilerplate	2007-11-19 14:55:20 UTC (rev 1021)
+++ active/00boilerplate	2007-11-21 22:17:28 UTC (rev 1022)
@@ -12,3 +12,4 @@
 2.6.15-dapper-security: 
 2.6.17-edgy-security: 
 2.6.20-feisty-security: 
+2.6.22-gutsy-security: 

Modified: active/CVE-2004-2731
===================================================================
--- active/CVE-2004-2731	2007-11-19 14:55:20 UTC (rev 1021)
+++ active/CVE-2004-2731	2007-11-21 22:17:28 UTC (rev 1022)
@@ -25,7 +25,7 @@
 2.6.18-etch-security: N/A
 2.6.8-sarge-security: N/A
 2.4.27-sarge-security: needed
-2.6.15-dapper-security: 
-2.6.17-edgy-security: 
-2.6.20-feisty-security: 
-	
\ No newline at end of file
+2.6.15-dapper-security: N/A
+2.6.17-edgy-security: N/A
+2.6.20-feisty-security: N/A
+2.6.22-gutsy-security: N/A

Modified: active/CVE-2006-7229
===================================================================
--- active/CVE-2006-7229	2007-11-19 14:55:20 UTC (rev 1021)
+++ active/CVE-2006-7229	2007-11-21 22:17:28 UTC (rev 1022)
@@ -1,4 +1,4 @@
-Candidate: CVE-2007-7229
+Candidate: CVE-2006-7229
 References: 
  https://bugs.launchpad.net/ubuntu/+source/linux-source-2.6.15/+bug/65631
 Description: 
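
Review bot: The Candidate line in this hunk carried CVE-2007-7229 in a file named CVE-2006-7229, and nothing caught the mismatch until manual review. Consider having the scripts compare each file's Candidate field against its file name, which would also flag files whose Candidate is empty.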
@@ -11,6 +11,7 @@
 2.6.18-etch-security: N/A
 2.6.8-sarge-security: N/A
 2.4.27-sarge-security: N/A
-2.6.15-dapper-security: 
-2.6.17-edgy-security: 
-2.6.20-feisty-security: 
+2.6.15-dapper-security: needed
+2.6.17-edgy-security: N/A
+2.6.20-feisty-security: N/A
+2.6.22-gutsy-security: N/A

Modified: active/CVE-2007-0997
===================================================================
--- active/CVE-2007-0997	2007-11-19 14:55:20 UTC (rev 1021)
+++ active/CVE-2007-0997	2007-11-21 22:17:28 UTC (rev 1022)
@@ -17,6 +17,7 @@
 2.6.18-etch-security: N/A
 2.6.8-sarge-security: 
 2.4.27-sarge-security: 
-2.6.15-dapper-security: 
-2.6.17-edgy-security: 
-2.6.20-feisty-security: 
+2.6.15-dapper-security: N/A
+2.6.17-edgy-security: needed
+2.6.20-feisty-security: N/A
+2.6.22-gutsy-security: N/A

Modified: active/CVE-2007-3379
===================================================================
--- active/CVE-2007-3379	2007-11-19 14:55:20 UTC (rev 1021)
+++ active/CVE-2007-3379	2007-11-21 22:17:28 UTC (rev 1022)
@@ -11,6 +11,7 @@
 2.6.18-etch-security: N/A
 2.6.8-sarge-security: N/A
 2.4.27-sarge-security: N/A
-2.6.15-dapper-security: 
-2.6.17-edgy-security: 
-2.6.20-feisty-security: 
+2.6.15-dapper-security: N/A
+2.6.17-edgy-security: N/A
+2.6.20-feisty-security: N/A
+2.6.22-gutsy-security: N/A

Modified: active/CVE-2007-3850
===================================================================
--- active/CVE-2007-3850	2007-11-19 14:55:20 UTC (rev 1021)
+++ active/CVE-2007-3850	2007-11-21 22:17:28 UTC (rev 1022)
@@ -14,6 +14,7 @@
 2.6.18-etch-security: N/A
 2.6.8-sarge-security: N/A
 2.4.27-sarge-security: N/A
-2.6.15-dapper-security: 
-2.6.17-edgy-security: 
-2.6.20-feisty-security: 
+2.6.15-dapper-security: N/A
+2.6.17-edgy-security: N/A
+2.6.20-feisty-security: N/A
+2.6.22-gutsy-security: N/A

Modified: active/CVE-2007-4133
===================================================================
--- active/CVE-2007-4133	2007-11-19 14:55:20 UTC (rev 1021)
+++ active/CVE-2007-4133	2007-11-21 22:17:28 UTC (rev 1022)
@@ -12,6 +12,6 @@
 2.6.18-etch-security: released (2.6.18.dfsg.1-13etch4) [bugfix/hugetlb-prio_tree-unit-fix.patch]
 2.6.8-sarge-security: 
 2.4.27-sarge-security: N/A
-2.6.15-dapper-security: 
-2.6.17-edgy-security: 
-2.6.20-feisty-security: 
+2.6.15-dapper-security: needed
+2.6.17-edgy-security: needed
+2.6.20-feisty-security: N/A
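
Review bot: No 2.6.22-gutsy-security line is added after the feisty entry here, although 00boilerplate gains one in this same revision and most other files in the commit do too. The hunk ends at the feisty line with no trailing context, so the file is left without a gutsy status; add one, even if the value is N/A.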

Modified: active/CVE-2007-4311
===================================================================
--- active/CVE-2007-4311	2007-11-19 14:55:20 UTC (rev 1021)
+++ active/CVE-2007-4311	2007-11-21 22:17:28 UTC (rev 1022)
@@ -10,6 +10,6 @@
 2.6.18-etch-security: 
 2.6.8-sarge-security: 
 2.4.27-sarge-security: pending (2.4.27-10sarge6) [248_random-reseed-sizeof-fix.diff]
-2.6.15-dapper-security: 
-2.6.17-edgy-security: 
-2.6.20-feisty-security: 
+2.6.15-dapper-security: N/A
+2.6.17-edgy-security: N/A
+2.6.20-feisty-security: N/A
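
Review bot: The gutsy entry is missing at the end of this hunk: dapper, edgy and feisty are all set to N/A but no 2.6.22-gutsy-security line follows. If gutsy is also unaffected, record it explicitly so a blank does not read as "not yet reviewed".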

Modified: active/CVE-2007-4567
===================================================================
--- active/CVE-2007-4567	2007-11-19 14:55:20 UTC (rev 1021)
+++ active/CVE-2007-4567	2007-11-21 22:17:28 UTC (rev 1022)
@@ -15,3 +15,4 @@
 2.6.15-dapper-security: N/A
 2.6.17-edgy-security: N/A
 2.6.20-feisty-security: needed
+2.6.22-gutsy-security: N/A

Modified: active/CVE-2007-4571
===================================================================
--- active/CVE-2007-4571	2007-11-19 14:55:20 UTC (rev 1021)
+++ active/CVE-2007-4571	2007-11-21 22:17:28 UTC (rev 1022)
@@ -13,6 +13,7 @@
 2.6.18-etch-security: ignored (2.6.18.dfsg.1-13etch3)
 2.6.8-sarge-security: 
 2.4.27-sarge-security: 
-2.6.15-dapper-security: 
-2.6.17-edgy-security: 
-2.6.20-feisty-security: 
+2.6.15-dapper-security: needed
+2.6.17-edgy-security: needed
+2.6.20-feisty-security: needed
+2.6.22-gutsy-security: needed

Modified: active/CVE-2007-4574
===================================================================
--- active/CVE-2007-4574	2007-11-19 14:55:20 UTC (rev 1021)
+++ active/CVE-2007-4574	2007-11-21 22:17:28 UTC (rev 1022)
@@ -10,6 +10,6 @@
 2.6.18-etch-security: N/A
 2.6.8-sarge-security: N/A
 2.4.27-sarge-security: N/A
-2.6.15-dapper-security: 
-2.6.17-edgy-security: 
-2.6.20-feisty-security: 
+2.6.15-dapper-security: N/A
+2.6.17-edgy-security: N/A
+2.6.20-feisty-security: N/A
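
Review bot: This hunk stops at 2.6.20-feisty-security and adds no 2.6.22-gutsy-security line, so the file no longer matches the updated boilerplate. Add the gutsy status alongside the three N/A entries.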

Modified: active/CVE-2007-4997
===================================================================
--- active/CVE-2007-4997	2007-11-19 14:55:20 UTC (rev 1021)
+++ active/CVE-2007-4997	2007-11-21 22:17:28 UTC (rev 1022)
@@ -1,5 +1,6 @@
 Candidate: CVE-2007-4997
 References: 
+ http://git.kernel.org/?p=linux/kernel/git/avi/kvm.git;a=commitdiff;h=04045f98e0457aba7d4e6736f37eed189c48a5f7
 Description: 
 Ubuntu-Description: 
 Notes: 
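
Review bot: The reference added under References points at the avi/kvm.git tree, while the etch patch listed further down is bugfix/ieee80211-underflow.patch. The other references added in this revision link to the stable trees (linux-2.6-stable.git, linux-2.6.23.y.git); linking the same commit from a mainline or stable tree would be more durable and less confusing than a subsystem clone.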
@@ -16,6 +17,6 @@
 2.6.18-etch-security: pending (2.6.18.dfsg.1-13etch5) [bugfix/ieee80211-underflow.patch]
 2.6.8-sarge-security: N/A
 2.4.27-sarge-security: N/A
-2.6.15-dapper-security: 
-2.6.17-edgy-security: 
-2.6.20-feisty-security: 
+2.6.15-dapper-security: needed
+2.6.17-edgy-security: needed
+2.6.20-feisty-security: needed
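
Review bot: All three Ubuntu releases are marked needed but the hunk adds no 2.6.22-gutsy-security line after feisty. With a fix commit now referenced, the gutsy status should be stated as well, so the table shows whether that kernel still needs the patch.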

Modified: active/CVE-2007-5093
===================================================================
--- active/CVE-2007-5093	2007-11-19 14:55:20 UTC (rev 1021)
+++ active/CVE-2007-5093	2007-11-21 22:17:28 UTC (rev 1022)
@@ -1,5 +1,6 @@
 Candidate: CVE-2007-5093
 References: 
+ http://git.kernel.org/?p=linux/kernel/git/stable/linux-2.6-stable.git;a=commitdiff;h=852ffe0acf89f959e8d35080bbd2bdc2d8f2e9e5
  MLIST:20070902 Oops in pwc v4l driver
  URL:http://marc.info/?l=linux-kernel&m=118873457814808&w=2
  MLIST:20070903 Re: Oops in pwc v4l driver
@@ -22,6 +23,7 @@
 2.6.18-etch-security: released (2.6.18.dfsg.1-13etch4) [bugfix/usb-pwc-disconnect-block.patch]
 2.6.8-sarge-security: 
 2.4.27-sarge-security: 
-2.6.15-dapper-security: 
-2.6.17-edgy-security: 
-2.6.20-feisty-security: 
+2.6.15-dapper-security: needed
+2.6.17-edgy-security: needed
+2.6.20-feisty-security: needed
+2.6.20-gutsy-security: needed
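
Review bot: The last added line reads "2.6.20-gutsy-security: needed", but the key used in 00boilerplate and every other file in this revision is 2.6.22-gutsy-security. Anything that looks up status by the full release key will miss this entry, so change it to 2.6.22-gutsy-security.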

Modified: active/CVE-2007-5500
===================================================================
--- active/CVE-2007-5500	2007-11-19 14:55:20 UTC (rev 1021)
+++ active/CVE-2007-5500	2007-11-21 22:17:28 UTC (rev 1022)
@@ -1,15 +1,18 @@
 Candidate: CVE-2007-5500
 References: 
+ http://git.kernel.org/?p=linux/kernel/git/stable/linux-2.6.23.y.git;a=commitdiff;h=36ef66c5d137b9a31fd8c35d236fb9e26ef74f97
 Description: 
  wait_task_stopped: Check p->exit_state instead of TASK_TRACED
 Ubuntu-Description: 
 Notes: 
+ kees> 2.6.15 does not actually lock up -- it just spins in userspace
 Bugs: 
 upstream: released (2.6.23.8)
 linux-2.6: 
 2.6.18-etch-security: 
 2.6.8-sarge-security: 
 2.4.27-sarge-security: 
-2.6.15-dapper-security: 
-2.6.17-edgy-security: 
-2.6.20-feisty-security: 
+2.6.15-dapper-security: needed
+2.6.17-edgy-security: needed
+2.6.20-feisty-security: needed
+2.6.22-gutsy-security: needed
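
Review bot: The added note says 2.6.15 "does not actually lock up" and only spins in userspace, yet 2.6.15-dapper-security is marked needed like the other releases with no distinction. Extend the note to say whether the dapper behaviour is still treated as an issue worth fixing, and fill in Ubuntu-Description, which is still empty.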

Modified: active/CVE-2007-5501
===================================================================
--- active/CVE-2007-5501	2007-11-19 14:55:20 UTC (rev 1021)
+++ active/CVE-2007-5501	2007-11-21 22:17:28 UTC (rev 1022)
@@ -12,6 +12,7 @@
 2.6.18-etch-security: N/A
 2.6.8-sarge-security: N/A
 2.4.27-sarge-security: N/A
-2.6.15-dapper-security: 
-2.6.17-edgy-security: 
-2.6.20-feisty-security: 
+2.6.15-dapper-security: N/A
+2.6.17-edgy-security: N/A
+2.6.20-feisty-security: N/A
+2.6.22-gutsy-security: needed

Modified: active/CVE-2007-5904
===================================================================
--- active/CVE-2007-5904	2007-11-19 14:55:20 UTC (rev 1021)
+++ active/CVE-2007-5904	2007-11-21 22:17:28 UTC (rev 1022)
@@ -1,4 +1,4 @@
-Candidate: 
+Candidate: CVE-2007-5904
 References: 
 Description: 
 Ubuntu-Description: 
@@ -12,3 +12,4 @@
 2.6.15-dapper-security: 
 2.6.17-edgy-security: 
 2.6.20-feisty-security: 
+2.6.22-gutsy-security: 

Modified: active/CVE-2007-5908
===================================================================
--- active/CVE-2007-5908	2007-11-19 14:55:20 UTC (rev 1021)
+++ active/CVE-2007-5908	2007-11-21 22:17:28 UTC (rev 1022)
@@ -3,12 +3,14 @@
 Description: 
 Ubuntu-Description: 
 Notes: 
+ kees> this is not actually an exploitable security issue. there is no way to add clock sources that could trigger the overflow.
 Bugs: 
 upstream: 
 linux-2.6: 
 2.6.18-etch-security: 
 2.6.8-sarge-security: 
 2.4.27-sarge-security: 
-2.6.15-dapper-security: 
-2.6.17-edgy-security: 
-2.6.20-feisty-security: 
+2.6.15-dapper-security: N/A
+2.6.17-edgy-security: N/A
+2.6.20-feisty-security: N/A
+2.6.22-gutsy-security: N/A
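
Review bot: The added note concludes this is not an exploitable issue and all four Ubuntu lines are set to N/A, but the file stays under active/ with the upstream, linux-2.6, etch and sarge fields blank. If that assessment holds for the other trees too, consider moving the file to ignored/ or at least recording the conclusion in those fields so it is not re-triaged.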

Modified: ignored/CVE-2006-6058
===================================================================
--- ignored/CVE-2006-6058	2007-11-19 14:55:20 UTC (rev 1021)
+++ ignored/CVE-2006-6058	2007-11-21 22:17:28 UTC (rev 1022)
@@ -1,5 +1,6 @@
 Candidate: CVE-2006-6058
 References: 
+ http://git.kernel.org/?p=linux/kernel/git/stable/linux-2.6.23.y.git;a=commitdiff;h=f0ae3188daf70ed07a4dfbeb133bef3a92838a15
  MISC:http://projects.info-pull.com/mokb/MOKB-17-11-2006.html
  FRSIRT:ADV-2006-4613
  URL:http://www.frsirt.com/english/advisories/2006/4613
@@ -24,3 +25,5 @@
 2.4.27-sarge-security: ignored
 2.6.15-dapper-security: needed
 2.6.17-edgy-security: needed
+2.6.20-feisty-security: needed
+2.6.22-gutsy-security: needed
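
Review bot: Feisty and gutsy are added as needed, joining dapper and edgy, and the first hunk now references a fix commit in linux-2.6.23.y, yet the file still lives under ignored/. Four releases marked needed with an available fix suggests the file belongs in active/; otherwise add a note explaining why it remains ignored.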

Modified: scripts/ubuntu-table
===================================================================
--- scripts/ubuntu-table	2007-11-19 14:55:20 UTC (rev 1021)
+++ scripts/ubuntu-table	2007-11-21 22:17:28 UTC (rev 1022)
@@ -25,7 +25,7 @@
     print format % rel.split('-')[1],
 print
 
-for cve in cves:
+for cve in sorted(cves):
     needed = 0
     released = 0
     action_required = 0
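
Review bot: sorted(cves) on the changed loop line orders the identifiers as plain strings, which gives the expected order only while every id has the same width (CVE-YYYY-NNNN). A short comment stating that assumption, or an explicit numeric sort key on year and number, would keep the table ordering stable if the id format ever varies.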



