[kernel-sec-discuss] r1122 - active

Thu Feb 7 01:15:49 UTC 2008

Author: dannf
Date: 2008-02-07 01:15:49 +0000 (Thu, 07 Feb 2008)
New Revision: 1122

Modified:
   active/CVE-2007-2172
   active/CVE-2007-2242
   active/CVE-2007-4308
   active/CVE-2007-5093
   active/CVE-2007-6063
   active/CVE-2007-6151
Log:
update sarge/2.4 statuses

Modified: active/CVE-2007-2172
===================================================================

--- active/CVE-2007-2172	2008-02-06 09:11:34 UTC (rev 1121)
+++ active/CVE-2007-2172	2008-02-07 01:15:49 UTC (rev 1122)
@@ -20,7 +20,7 @@
 linux-2.6: released (2.6.21-1)
 2.6.18-etch-security: released (2.6.18.dfsg.1-13etch2) [bugfix/dn_fib-out-of-bounds.patch, bugfix/ipv4-fib_props-out-of-bounds.patch]
 2.6.8-sarge-security: pending (2.6.8-17sarge1) [dn_fib-out-of-bounds.dpatch, ipv4-fib_props-out-of-bounds.dpatch]
-2.4.27-sarge-security: needed (2.4.27-10sarge6) [246_dn_fib-out-of-bounds.diff]
+2.4.27-sarge-security: needed (2.4.27-10sarge6) [246_dn_fib-out-of-bounds.diff] "linux-2.4 changeset 230c62b9e7000cfb407a079a21ad0f077f164b21"
 2.6.15-dapper-security: released (2.6.15-28.54)
 2.6.17-edgy-security: released (2.6.17.1-11.38)
 2.6.20-feisty-security: released (2.6.20-16.28)

Modified: active/CVE-2007-2242
===================================================================
--- active/CVE-2007-2242	2008-02-06 09:11:34 UTC (rev 1121)
+++ active/CVE-2007-2242	2008-02-07 01:15:49 UTC (rev 1122)
@@ -20,12 +20,13 @@
  <dannf> vlad: oh, ok - thx
  <vlad> dannf: although for the purposes of 2.6.18, the second one might be a no-op and the first one might need to be modified a bit.
  jmm> Contacted Willy
+ dannf> functions are different, but 2.4 code looks similar
 Bugs: 421595
 upstream: released (2.6.21)
 linux-2.6: released (2.6.21-1)
 2.6.18-etch-security: released (2.6.18.dfsg.1-13etch1) [bugfix/ipv6-disallow-RH0-by-default.patch]
 2.6.8-sarge-security: 
-2.4.27-sarge-security: 
+2.4.27-sarge-security: needed "backport in tree; needs testing/submittal to netdev/willy"
 2.6.15-dapper-security: released (2.6.15-29.58)
 2.6.17-edgy-security: released (2.6.17.1-11.39) [fee89820efa8e3479b39149dcfb2b1bccdaadedc]
 2.6.20-feisty-security: released (2.6.20-16.28)

Modified: active/CVE-2007-4308
===================================================================
--- active/CVE-2007-4308	2008-02-06 09:11:34 UTC (rev 1121)
+++ active/CVE-2007-4308	2008-02-07 01:15:49 UTC (rev 1122)
@@ -19,7 +19,7 @@
 linux-2.6: released (2.6.22-4)
 2.6.18-etch-security: released (2.6.18.dfsg.1-13etch2) [bugfix/aacraid-ioctl-perm-check.patch]
 2.6.8-sarge-security: pending (2.6.8-17sarge1) [aacraid-ioctl-perm-check.dpatch]
-2.4.27-sarge-security: needed
+2.4.27-sarge-security: needed "backported, needs to be sent to willy"
 2.6.15-dapper-security: released (2.6.15-29.58)
 2.6.17-edgy-security: released (2.6.17.1-12.40)
 2.6.20-feisty-security: released (2.6.20-16.31)

Modified: active/CVE-2007-5093
===================================================================
--- active/CVE-2007-5093	2008-02-06 09:11:34 UTC (rev 1121)
+++ active/CVE-2007-5093	2008-02-07 01:15:49 UTC (rev 1122)
@@ -28,7 +28,7 @@
 linux-2.6: released (2.6.23-1)
 2.6.18-etch-security: released (2.6.18.dfsg.1-13etch4) [bugfix/usb-pwc-disconnect-block.patch]
 2.6.8-sarge-security: 
-2.4.27-sarge-security: 
+2.4.27-sarge-security: needed (2.4.17-10sarge6) [258_usb-pwc-disconnect-block.diff] "backported; need to check applicability of changeset in kees' note and send to willy"
 2.6.15-dapper-security: pending (2.6.15-29.61)
 2.6.17-edgy-security: released (2.6.17.1-12.42)
 2.6.20-feisty-security: released (2.6.20-16.33)

Modified: active/CVE-2007-6063
===================================================================
--- active/CVE-2007-6063	2008-02-06 09:11:34 UTC (rev 1121)
+++ active/CVE-2007-6063	2008-02-07 01:15:49 UTC (rev 1122)
@@ -15,7 +15,7 @@
 linux-2.6: released (2.6.23-2)
 2.6.18-etch-security: released (2.6.18.dfsg.1-13etch6) [bugfix/isdn-net-overflow.patch]
 2.6.8-sarge-security: 
-2.4.27-sarge-security: 
+2.4.27-sarge-security: pending (2.4.27-10sarge6) [257_isdn-net-overflow.diff]
 2.6.15-dapper-security: pending (2.6.15-51.65)
 2.6.17-edgy-security: pending (2.6.17.1-12.43)
 2.6.20-feisty-security: pending (2.6.20-16.34)

Modified: active/CVE-2007-6151
===================================================================
--- active/CVE-2007-6151	2008-02-06 09:11:34 UTC (rev 1121)
+++ active/CVE-2007-6151	2008-02-07 01:15:49 UTC (rev 1122)
@@ -12,7 +12,7 @@
 linux-2.6: released (2.6.23-2)
 2.6.18-etch-security: released (2.6.18.dfsg.1-17etch1) [bugfix/i4l-isdn_ioctl-mem-overrun.patch]
 2.6.8-sarge-security: pending (2.6.8-17sarge1) [i4l-isdn_ioctl-mem-overrun.dpatch]
-2.4.27-sarge-security: 
+2.4.27-sarge-security: pending (2.4.27-10sarge6) [256_i4l-isdn_ioctl-mem-overrun.diff]
 2.6.15-dapper-security: pending (2.6.15-51.65)
 2.6.17-edgy-security: pending (2.6.17.1-12.43)
 2.6.20-feisty-security: pending (2.6.20-16.34)


