[kernel-sec-discuss] r1117 - active

dannf at alioth.debian.org dannf at alioth.debian.org
Mon Feb 4 17:28:13 UTC 2008 

Author: dannf
Date: 2008-02-04 17:28:13 +0000 (Mon, 04 Feb 2008)
New Revision: 1117

Modified:
   active/CVE-2006-5753
   active/CVE-2006-6054
   active/CVE-2007-2525
Log:
2.4 backports for these issues have been sent to upstream (Willy Tarreau).
debian inclusion is pending upstream acceptance


Modified: active/CVE-2006-5753
===================================================================
--- active/CVE-2006-5753	2008-02-04 17:22:42 UTC (rev 1116)
+++ active/CVE-2006-5753	2008-02-04 17:28:13 UTC (rev 1117)
@@ -19,7 +19,7 @@
 linux-2.6: released (2.6.20-1)
 2.6.18-etch-security: released (2.6.18.dfsg.1-13) [bugfix/listxattr-mem-corruption.patch]
 2.6.8-sarge-security: released (2.6.8-16sarge7) [listxattr-mem-corruption.dpatch]
-2.4.27-sarge-security: 
+2.4.27-sarge-security: needed "pending upstream 2.4 acceptance"
 2.6.12-breezy-security: released (2.6.12-10.43)
 2.6.15-dapper-security: released (2.6.15-28.51)
 2.6.17-edgy-security: released (2.6.17.1-11.35)

Modified: active/CVE-2006-6054
===================================================================
--- active/CVE-2006-6054	2008-02-04 17:22:42 UTC (rev 1116)
+++ active/CVE-2006-6054	2008-02-04 17:28:13 UTC (rev 1117)
@@ -18,7 +18,7 @@
 linux-2.6: released (2.6.18.dfsg.1-10) [bugfix/2.6.18.38]
 2.6.18-etch-security: released (2.6.18.dfsg.1-10) [bugfix/2.6.18.38]
 2.6.8-sarge-security: needed
-2.4.27-sarge-security: needed (2.4.27-10sarge6) [255_ext2-skip-pages-past-num-blocks.diff] "Additional patches needed, see Notes"
+2.4.27-sarge-security: needed (2.4.27-10sarge6) [255_ext2-skip-pages-past-num-blocks.diff] "pending upstream 2.4 acceptance"
 2.6.12-breezy-security: released (2.6.12-10.43)
 2.6.15-dapper-security: released (2.6.15-28.51)
 2.6.17-edgy-security: released (2.6.17.1-11.35)

Modified: active/CVE-2007-2525
===================================================================
--- active/CVE-2007-2525	2008-02-04 17:22:42 UTC (rev 1116)
+++ active/CVE-2007-2525	2008-02-04 17:28:13 UTC (rev 1117)
@@ -11,13 +11,12 @@
  leading to a denial of service.
 Notes: 
  jmm> 202a03acf9994076055df40ae093a5c5474ad0bd
- dannf> Backport sent to Willy Tarreau on 2008.01.21
 Bugs: 
 upstream: released (2.6.21)
 linux-2.6: released (2.6.21-1)
 2.6.18-etch-security: released (2.6.18.dfsg.1-13etch1) [bugfix/pppoe-socket-release-mem-leak.patch]
 2.6.8-sarge-security: pending (2.6.8-17sarge1) [pppoe-socket-release-mem-leak.dpatch]
-2.4.27-sarge-security: needed
+2.4.27-sarge-security: needed "Backport sent to Willy Tarreau on 2008.01.21"
 2.6.15-dapper-security: released (2.6.15-28.57)
 2.6.17-edgy-security: released (2.6.17.1-11.39) [123623f9ad4d9bbe55c03b33ce79123e948b107f]
 2.6.20-feisty-security: released (2.6.20-16.31) [168038c2da7f984a07fd169270b2cac561e1c90c]

More information about the kernel-sec-discuss mailing list