[kernel-sec-discuss] r1024 - active scripts

keescook-guest at alioth.debian.org
Thu Nov 22 02:41:43 UTC 2007


Author: keescook-guest
Date: 2007-11-22 02:41:43 +0000 (Thu, 22 Nov 2007)
New Revision: 1024

Modified:
   active/CVE-2006-6058
   active/CVE-2006-7229
   active/CVE-2007-0997
   active/CVE-2007-2480
   active/CVE-2007-4133
   active/CVE-2007-4567
   active/CVE-2007-4571
   active/CVE-2007-4849
   active/CVE-2007-4997
   active/CVE-2007-5093
   active/CVE-2007-5500
   active/CVE-2007-5501
   scripts/ubuntu-table
Log:
ubuntu kernels pending

Modified: active/CVE-2006-6058
===================================================================
--- active/CVE-2006-6058	2007-11-21 22:17:58 UTC (rev 1023)
+++ active/CVE-2006-6058	2007-11-22 02:41:43 UTC (rev 1024)
@@ -23,7 +23,7 @@
 2.6.18-etch-security: ignored
 2.6.8-sarge-security: ignored
 2.4.27-sarge-security: ignored
-2.6.15-dapper-security: needed
-2.6.17-edgy-security: needed
-2.6.20-feisty-security: needed
-2.6.22-gutsy-security: needed
+2.6.15-dapper-security: pending (2.6.15-29.61)
+2.6.17-edgy-security: pending (2.6.17.1-12.42)
+2.6.20-feisty-security: pending (2.6.20-16.33)
+2.6.22-gutsy-security: pending (2.6.22-14.47)

Modified: active/CVE-2006-7229
===================================================================
--- active/CVE-2006-7229	2007-11-21 22:17:58 UTC (rev 1023)
+++ active/CVE-2006-7229	2007-11-22 02:41:43 UTC (rev 1024)
@@ -11,7 +11,7 @@
 2.6.18-etch-security: N/A
 2.6.8-sarge-security: N/A
 2.4.27-sarge-security: N/A
-2.6.15-dapper-security: needed
+2.6.15-dapper-security: pending (2.6.15-29.61)
 2.6.17-edgy-security: N/A
 2.6.20-feisty-security: N/A
 2.6.22-gutsy-security: N/A

Modified: active/CVE-2007-0997
===================================================================
--- active/CVE-2007-0997	2007-11-21 22:17:58 UTC (rev 1023)
+++ active/CVE-2007-0997	2007-11-22 02:41:43 UTC (rev 1024)
@@ -12,12 +12,12 @@
 Notes: 
  jmm> commit aadd06e5c56b9ff5117ec77e59eada43dc46e2fc
 Bugs: 
-upstream: released (2.6.18)
+upstream: released (2.6.18), release (2.6.17.7)
 linux-2.6: released (2.6.18-1)
 2.6.18-etch-security: N/A
 2.6.8-sarge-security: 
 2.4.27-sarge-security: 
 2.6.15-dapper-security: N/A
-2.6.17-edgy-security: needed
+2.6.17-edgy-security: N/A
 2.6.20-feisty-security: N/A
 2.6.22-gutsy-security: N/A
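
Review bot: The added upstream line reads "release (2.6.17.7)" where every other status in these files uses the keyword "released"; a script that matches on the status word will not recognise it. Suggest "upstream: released (2.6.18), released (2.6.17.7)". The edgy change from needed to N/A presumably follows from that 2.6.17.7 entry, so a one-line Notes entry saying so would make the reason explicit.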

Modified: active/CVE-2007-2480
===================================================================
--- active/CVE-2007-2480	2007-11-21 22:17:58 UTC (rev 1023)
+++ active/CVE-2007-2480	2007-11-22 02:41:43 UTC (rev 1024)
@@ -19,3 +19,4 @@
 2.6.15-dapper-security: needed (needs backporting)
 2.6.17-edgy-security: needed (needs backporting)
 2.6.20-feisty-security: needed
+2.6.22-gutsy-security: N/A

Modified: active/CVE-2007-4133
===================================================================
--- active/CVE-2007-4133	2007-11-21 22:17:58 UTC (rev 1023)
+++ active/CVE-2007-4133	2007-11-22 02:41:43 UTC (rev 1024)
@@ -12,6 +12,7 @@
 2.6.18-etch-security: released (2.6.18.dfsg.1-13etch4) [bugfix/hugetlb-prio_tree-unit-fix.patch]
 2.6.8-sarge-security: 
 2.4.27-sarge-security: N/A
-2.6.15-dapper-security: needed
-2.6.17-edgy-security: needed
+2.6.15-dapper-security: pending (2.6.15-29.61)
+2.6.17-edgy-security: pending (2.6.17.1-12.42)
 2.6.20-feisty-security: N/A
+2.6.22-gutsy-security: N/A

Modified: active/CVE-2007-4567
===================================================================
--- active/CVE-2007-4567	2007-11-21 22:17:58 UTC (rev 1023)
+++ active/CVE-2007-4567	2007-11-22 02:41:43 UTC (rev 1024)
@@ -1,6 +1,6 @@
 Candidate: CVE-2007-4567
 References: 
- http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=e76b2b2567b83448c2ee85a896433b96150c92e6
+ http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=e76b2b2567b83448c2ee85a896433b96150c92e6
  http://bugzilla.kernel.org/show_bug.cgi?id=8450
 Description: 
 Ubuntu-Description: 
@@ -14,5 +14,5 @@
 2.4.27-sarge-security: N/A
 2.6.15-dapper-security: N/A
 2.6.17-edgy-security: N/A
-2.6.20-feisty-security: needed
+2.6.20-feisty-security: pending (2.6.20-2.6.20-16.33)
 2.6.22-gutsy-security: N/A
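
Review bot: The feisty version string "pending (2.6.20-2.6.20-16.33)" repeats the "2.6.20-" prefix; every other file in this revision records the feisty upload as "2.6.20-16.33". Suggest "2.6.20-feisty-security: pending (2.6.20-16.33)" so the version can be matched against the actual package.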

Modified: active/CVE-2007-4571
===================================================================
--- active/CVE-2007-4571	2007-11-21 22:17:58 UTC (rev 1023)
+++ active/CVE-2007-4571	2007-11-22 02:41:43 UTC (rev 1024)
@@ -1,6 +1,7 @@
 Candidate: CVE-2007-4571
 References: 
- http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=ccec6e2c4a74adf76ed4e2478091a311b1806212 
+ http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=ccec6e2c4a74adf76ed4e2478091a311b1806212 
+ http://git.kernel.org/?p=linux/kernel/git/stable/linux-2.6.22.y.git;a=commitdiff;h=788450fa451454cc8ff3593b4f9fdb653c296583
  http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.22.8
  http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=600
 Description: 
@@ -13,7 +14,7 @@
 2.6.18-etch-security: ignored (2.6.18.dfsg.1-13etch3)
 2.6.8-sarge-security: 
 2.4.27-sarge-security: 
-2.6.15-dapper-security: needed
-2.6.17-edgy-security: needed
-2.6.20-feisty-security: needed
-2.6.22-gutsy-security: needed
+2.6.15-dapper-security: deferred
+2.6.17-edgy-security: deferred
+2.6.20-feisty-security: deferred
+2.6.22-gutsy-security: deferred
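
Review bot: All four Ubuntu lines move from needed to deferred with no Notes entry giving the reason, while the commit log only says "ubuntu kernels pending". Since deferred leaves the issue unfixed in every listed release, a short "kees>" note recording why it is deferred and what would bring it back to needed would help whoever triages this file next.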

Modified: active/CVE-2007-4849
===================================================================
--- active/CVE-2007-4849	2007-11-21 22:17:58 UTC (rev 1023)
+++ active/CVE-2007-4849	2007-11-22 02:41:43 UTC (rev 1024)
@@ -3,6 +3,7 @@
  http://git.infradead.org/?p=mtd-2.6.git;a=commitdiff;h=9ed437c50d89eabae763dd422579f73fdebf288d
  http://lists.infradead.org/pipermail/linux-mtd-cvs/2007-August/005897.html
  http://dev.laptop.org/ticket/2732
+ http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=9ed437c50d89eabae763dd422579f73fdebf288d
 Description: 
  JFFS2, as used on One Laptop Per Child (OLPC) build 542 and possibly other Linux
  systems, when POSIX ACL support is enabled, does not properly store permissions during
@@ -20,5 +21,6 @@
 2.6.8-sarge-security: N/A
 2.4.27-sarge-security: N/A
 2.6.15-dapper-security: N/A
-2.6.17-edgy-security: needed
-2.6.20-feisty-security: needed
+2.6.17-edgy-security: N/A
+2.6.20-feisty-security: pending (2.6.20-16.33)
+2.6.22-gutsy-security: pending (2.6.22-14.47)
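
Review bot: The edgy line changes from needed to N/A without an accompanying Notes entry, while feisty and gutsy are marked pending for the same issue. Suggest adding a one-line note stating why 2.6.17 is not affected, so the N/A is not mistaken for an oversight.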

Modified: active/CVE-2007-4997
===================================================================
--- active/CVE-2007-4997	2007-11-21 22:17:58 UTC (rev 1023)
+++ active/CVE-2007-4997	2007-11-22 02:41:43 UTC (rev 1024)
@@ -1,6 +1,7 @@
 Candidate: CVE-2007-4997
 References: 
  http://git.kernel.org/?p=linux/kernel/git/avi/kvm.git;a=commitdiff;h=04045f98e0457aba7d4e6736f37eed189c48a5f7
+ http://git.kernel.org/?p=linux/kernel/git/stable/linux-2.6.23.y.git;a=commitdiff;h=04045f98e0457aba7d4e6736f37eed189c48a5f7
 Description: 
 Ubuntu-Description: 
 Notes: 
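
Review bot: The added linux-2.6.23.y reference reuses the hash 04045f98e0457aba7d4e6736f37eed189c48a5f7 from the kvm.git line above it, whereas the stable-tree references added in this revision for CVE-2007-4571 and CVE-2007-5093 carry their own commit ids. Worth confirming that this URL resolves to the stable backport rather than the original commit, and replacing the hash if the stable tree has a separate one.
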
@@ -17,6 +18,7 @@
 2.6.18-etch-security: pending (2.6.18.dfsg.1-13etch5) [bugfix/ieee80211-underflow.patch]
 2.6.8-sarge-security: N/A
 2.4.27-sarge-security: N/A
-2.6.15-dapper-security: needed
-2.6.17-edgy-security: needed
-2.6.20-feisty-security: needed
+2.6.15-dapper-security: pending (2.6.15-29.61)
+2.6.17-edgy-security: pending (2.6.17.1-12.42)
+2.6.20-feisty-security: pending (2.6.20-16.33)
+2.6.22-gutsy-security: pending (2.6.22-14.47)

Modified: active/CVE-2007-5093
===================================================================
--- active/CVE-2007-5093	2007-11-21 22:17:58 UTC (rev 1023)
+++ active/CVE-2007-5093	2007-11-22 02:41:43 UTC (rev 1024)
@@ -1,6 +1,7 @@
 Candidate: CVE-2007-5093
 References: 
  http://git.kernel.org/?p=linux/kernel/git/stable/linux-2.6-stable.git;a=commitdiff;h=852ffe0acf89f959e8d35080bbd2bdc2d8f2e9e5
+ http://git.kernel.org/?p=linux/kernel/git/stable/linux-2.6.22.y.git;a=commitdiff;h=85237f202d46d55c1bffe0c5b1aa3ddc0f1dce4d
  MLIST:20070902 Oops in pwc v4l driver
  URL:http://marc.info/?l=linux-kernel&m=118873457814808&w=2
  MLIST:20070903 Re: Oops in pwc v4l driver
@@ -17,13 +18,14 @@
  unless the attacker can convince the victim to unplug the affected device.
 Ubuntu-Description: 
 Notes: 
+ kees> debug regression was fixed in http://git.kernel.org/?p=linux/kernel/git/stable/linux-2.6.22.y.git;a=commitdiff;h=a3a066bffd7754e6d40c48972e698352f6cd6c4e
 Bugs: 
-upstream: 
+upstream: released (2.6.22.6)
 linux-2.6: 
 2.6.18-etch-security: released (2.6.18.dfsg.1-13etch4) [bugfix/usb-pwc-disconnect-block.patch]
 2.6.8-sarge-security: 
 2.4.27-sarge-security: 
-2.6.15-dapper-security: needed
-2.6.17-edgy-security: needed
-2.6.20-feisty-security: needed
-2.6.20-gutsy-security: needed
+2.6.15-dapper-security: pending (2.6.15-29.61)
+2.6.17-edgy-security: pending (2.6.17.1-12.42)
+2.6.20-feisty-security: pending (2.6.20-16.33)
+2.6.22-gutsy-security: N/A
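
Review bot: On the gutsy line the key is corrected from "2.6.20-gutsy-security" to "2.6.22-gutsy-security" and the status changes from needed to N/A in the same edit, but the new Notes entry only covers the debug regression. If gutsy is N/A because its 2.6.22 base already contains the fix listed as released upstream in 2.6.22.6, say so in Notes; otherwise the status flip looks like a side effect of the key rename.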

Modified: active/CVE-2007-5500
===================================================================
--- active/CVE-2007-5500	2007-11-21 22:17:58 UTC (rev 1023)
+++ active/CVE-2007-5500	2007-11-22 02:41:43 UTC (rev 1024)
@@ -12,7 +12,7 @@
 2.6.18-etch-security: 
 2.6.8-sarge-security: 
 2.4.27-sarge-security: 
-2.6.15-dapper-security: needed
-2.6.17-edgy-security: needed
-2.6.20-feisty-security: needed
-2.6.22-gutsy-security: needed
+2.6.15-dapper-security: pending (2.6.15-29.61)
+2.6.17-edgy-security: pending (2.6.17.1-12.42)
+2.6.20-feisty-security: pending (2.6.20-16.33)
+2.6.22-gutsy-security: pending (2.6.22-14.47)

Modified: active/CVE-2007-5501
===================================================================
--- active/CVE-2007-5501	2007-11-21 22:17:58 UTC (rev 1023)
+++ active/CVE-2007-5501	2007-11-22 02:41:43 UTC (rev 1024)
@@ -15,4 +15,4 @@
 2.6.15-dapper-security: N/A
 2.6.17-edgy-security: N/A
 2.6.20-feisty-security: N/A
-2.6.22-gutsy-security: needed
+2.6.22-gutsy-security: pending (2.6.22-14.47)

Modified: scripts/ubuntu-table
===================================================================
--- scripts/ubuntu-table	2007-11-21 22:17:58 UTC (rev 1023)
+++ scripts/ubuntu-table	2007-11-22 02:41:43 UTC (rev 1024)
@@ -1,7 +1,7 @@
 #!/usr/bin/env python
 import os, re, sys
 
-releases = ['2.6.15-dapper-security', '2.6.17-edgy-security', '2.6.20-feisty-security']
+releases = ['2.6.15-dapper-security', '2.6.17-edgy-security', '2.6.20-feisty-security', '2.6.22-gutsy-security']
 
 table = dict()
 cves = [elem for elem in os.listdir('.') if re.match('^CVE-\d+-\d+$',elem)]
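
Review bot: Adding '2.6.22-gutsy-security' to releases assumes every file under active/ has that key, yet several files in this same revision (CVE-2007-2480, CVE-2007-4133, CVE-2007-4849, CVE-2007-4997) only gain a gutsy line now, so untouched files may still lack it. Confirm the table code tolerates a missing key, or add the line to the remaining files. As a style point, the pattern on the cves line, '^CVE-\d+-\d+$', would be safer as a raw string (r'^CVE-\d+-\d+$').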



