[kernel-sec-discuss] r1028 - active
dannf at alioth.debian.org
dannf at alioth.debian.org
Thu Nov 22 19:19:34 UTC 2007
Author: dannf
Date: 2007-11-22 19:19:34 +0000 (Thu, 22 Nov 2007)
New Revision: 1028
Modified:
active/CVE-2006-6128
active/CVE-2006-6921
active/CVE-2006-7051
active/CVE-2007-2480
active/CVE-2007-2878
active/CVE-2007-3719
active/CVE-2007-4311
active/CVE-2007-4571
Log:
debian/upstream statuses
Modified: active/CVE-2006-6128
===================================================================
--- active/CVE-2006-6128 2007-11-22 18:27:30 UTC (rev 1027)
+++ active/CVE-2006-6128 2007-11-22 19:19:34 UTC (rev 1028)
@@ -19,7 +19,7 @@
Bugs:
upstream:
linux-2.6: ignored
-2.6.18-etch-security: ignored (2.6.18.dfsg.1-12etch1)
+2.6.18-etch-security: ignored (2.6.18.dfsg.1-13etch5)
2.6.8-sarge-security: ignored (2.6.8-16sarge7)
2.4.27-sarge-security: ignored (2.4.27-10sarge6)
2.6.15-dapper-security: ignored
Modified: active/CVE-2006-6921
===================================================================
--- active/CVE-2006-6921 2007-11-22 18:27:30 UTC (rev 1027)
+++ active/CVE-2006-6921 2007-11-22 19:19:34 UTC (rev 1028)
@@ -14,7 +14,7 @@
Bugs:
upstream:
linux-2.6: needed
-2.6.18-etch-security: ignored (2.6.18.dfsg.1-12etch1)
+2.6.18-etch-security: ignored (2.6.18.dfsg.1-13etch5)
2.6.8-sarge-security: ignored (2.6.8-16sarge7)
2.4.27-sarge-security: N/A
2.6.15-dapper-security: ignored
Modified: active/CVE-2006-7051
===================================================================
--- active/CVE-2006-7051 2007-11-22 18:27:30 UTC (rev 1027)
+++ active/CVE-2006-7051 2007-11-22 19:19:34 UTC (rev 1028)
@@ -20,7 +20,7 @@
Bugs:
upstream:
linux-2.6:
-2.6.18-etch-security: ignored (2.6.18.dfsg.1-13etch1) "no upstream patch"
+2.6.18-etch-security: ignored (2.6.18.dfsg.1-13etch5) "no upstream patch"
2.6.8-sarge-security:
2.4.27-sarge-security:
2.6.15-dapper-security: ignore (no upstream patch)
Modified: active/CVE-2007-2480
===================================================================
--- active/CVE-2007-2480 2007-11-22 18:27:30 UTC (rev 1027)
+++ active/CVE-2007-2480 2007-11-22 19:19:34 UTC (rev 1028)
@@ -13,7 +13,7 @@
Bugs:
upstream: released (2.6.22)
linux-2.6: released (2.6.22-1)
-2.6.18-etch-security: ignored (2.6.18.dfsg.1-13etch1) "needs backport"
+2.6.18-etch-security: ignored (2.6.18.dfsg.1-13etch5) "needs backport"
2.6.8-sarge-security:
2.4.27-sarge-security:
2.6.15-dapper-security: needed (needs backporting)
Modified: active/CVE-2007-2878
===================================================================
--- active/CVE-2007-2878 2007-11-22 18:27:30 UTC (rev 1027)
+++ active/CVE-2007-2878 2007-11-22 19:19:34 UTC (rev 1028)
@@ -21,7 +21,7 @@
Bugs:
upstream: released (2.6.21.2)
linux-2.6: released (2.6.21-3)
-2.6.18-etch-security: ignored (2.6.18.dfsg.1-13etch1) "ABI breaker"
+2.6.18-etch-security: ignored (2.6.18.dfsg.1-13etch5) "ABI breaker"
2.6.8-sarge-security: N/A
2.4.27-sarge-security: N/A
2.6.15-dapper-security: released (2.6.15-28.57)
Modified: active/CVE-2007-3719
===================================================================
--- active/CVE-2007-3719 2007-11-22 18:27:30 UTC (rev 1027)
+++ active/CVE-2007-3719 2007-11-22 19:19:34 UTC (rev 1028)
@@ -10,7 +10,7 @@
Bugs:
upstream:
linux-2.6:
-2.6.18-etch-security: ignored (2.6.18.dfsg.1-13etch1) "no upstream fix"
+2.6.18-etch-security: ignored (2.6.18.dfsg.1-13etch5) "no upstream fix"
2.6.8-sarge-security:
2.4.27-sarge-security:
2.6.15-dapper-security: ignore (low priority, no obvious upstream fix)
Modified: active/CVE-2007-4311
===================================================================
--- active/CVE-2007-4311 2007-11-22 18:27:30 UTC (rev 1027)
+++ active/CVE-2007-4311 2007-11-22 19:19:34 UTC (rev 1028)
@@ -4,11 +4,15 @@
Description:
Ubuntu-Description:
Notes:
+ dannf> The reporter noted that this is fixed in current 2.6's. It does
+ dannf> appear that way in Debian's 2.6.8 and 2.6.18, but the code that
+ dannf> solves it is quite a bit different in both. I wouldn't necessarily
+ dannf> assume that kernels between 2.6.8 & 2.6.18 are invulnerable.
Bugs:
-upstream:
-linux-2.6:
-2.6.18-etch-security:
-2.6.8-sarge-security:
+upstream: released (2.4.35-rc1)
+linux-2.6: N/A
+2.6.18-etch-security: N/A
+2.6.8-sarge-security: N/A
2.4.27-sarge-security: pending (2.4.27-10sarge6) [248_random-reseed-sizeof-fix.diff]
2.6.15-dapper-security: N/A
2.6.17-edgy-security: N/A
Modified: active/CVE-2007-4571
===================================================================
--- active/CVE-2007-4571 2007-11-22 18:27:30 UTC (rev 1027)
+++ active/CVE-2007-4571 2007-11-22 19:19:34 UTC (rev 1028)
@@ -11,7 +11,7 @@
Bugs:
upstream: released (2.6.22.8)
linux-2.6: released (2.6.22-5)
-2.6.18-etch-security: ignored (2.6.18.dfsg.1-13etch3)
+2.6.18-etch-security: ignored (2.6.18.dfsg.1-13etch5) "ABI Changer"
2.6.8-sarge-security:
2.4.27-sarge-security:
2.6.15-dapper-security: deferred
More information about the kernel-sec-discuss
mailing list