[kernel-sec-discuss] r1141 - active

jmm at alioth.debian.org jmm at alioth.debian.org
Fri Feb 22 22:00:25 UTC 2008


Author: jmm
Date: 2008-02-22 22:00:24 +0000 (Fri, 22 Feb 2008)
New Revision: 1141

Modified:
   active/CVE-2006-5823
   active/CVE-2006-6054
   active/CVE-2006-6058
   active/CVE-2006-7203
   active/CVE-2007-1353
   active/CVE-2007-2172
   active/CVE-2007-2525
   active/CVE-2007-3105
   active/CVE-2007-3739
   active/CVE-2007-3740
   active/CVE-2007-4133
   active/CVE-2007-4308
   active/CVE-2007-4573
   active/CVE-2007-5093
   active/CVE-2007-6063
   active/CVE-2007-6151
   active/CVE-2007-6206
   active/CVE-2007-6694
   active/CVE-2008-0007
Log:
record 2.6.8 DSA


Modified: active/CVE-2006-5823
===================================================================
--- active/CVE-2006-5823	2008-02-22 21:53:05 UTC (rev 1140)
+++ active/CVE-2006-5823	2008-02-22 22:00:24 UTC (rev 1141)
@@ -19,7 +19,7 @@
 upstream: released (2.4.36-pre2, 2.6.20-rc1)
 linux-2.6: released (2.6.20-1)
 2.6.18-etch-security: released (2.6.18.dfsg.1-10)
-2.6.8-sarge-security: pending (2.6.8-17sarge1) [cramfs-check-block-length.dpatch]
+2.6.8-sarge-security: released (2.6.8-17sarge1) [cramfs-check-block-length.dpatch]
 2.4.27-sarge-security: released (2.4.27-10sarge6) [254_cramfs-check-block-length.diff]
 2.6.12-breezy-security: released (2.6.12-10.43)
 2.6.15-dapper-security: released (2.6.15-28.51)

Modified: active/CVE-2006-6054
===================================================================
--- active/CVE-2006-6054	2008-02-22 21:53:05 UTC (rev 1140)
+++ active/CVE-2006-6054	2008-02-22 22:00:24 UTC (rev 1141)
@@ -17,7 +17,7 @@
 upstream: released (2.6.20-rc5)
 linux-2.6: released (2.6.18.dfsg.1-10) [bugfix/2.6.18.38]
 2.6.18-etch-security: released (2.6.18.dfsg.1-10) [bugfix/2.6.16.38]
-2.6.8-sarge-security: pending (2.6.8-17sarge1) [ext2-skip-pages-past-num-blocks.dpatch]
+2.6.8-sarge-security: released (2.6.8-17sarge1) [ext2-skip-pages-past-num-blocks.dpatch]
 2.4.27-sarge-security: released (2.4.27-10sarge6) [258_ext2_readdir-f_pos-fix.diff, 259_ext2_readdir-infinite-loop.diff, 260_ext2-skip-pages-past-num-blocks.diff]
 2.6.12-breezy-security: released (2.6.12-10.43)
 2.6.15-dapper-security: released (2.6.15-28.51)

Modified: active/CVE-2006-6058
===================================================================
--- active/CVE-2006-6058	2008-02-22 21:53:05 UTC (rev 1140)
+++ active/CVE-2006-6058	2008-02-22 22:00:24 UTC (rev 1141)
@@ -29,7 +29,7 @@
 upstream: released (2.6.23.7, 2.6.24-rc1) [f44ec6f3f89889a469773b1fd894f8fcc07c29cf]
 linux-2.6: released (2.6.23-1) [bugfix/2.6.23.7.patch]
 2.6.18-etch-security: released (2.6.18.dfsg.1-13etch6) [bugfix/minixfs-printk-hang.patch]
-2.6.8-sarge-security: pending (2.6.8-17sarge1) [minixfs-printk-hang.dpatch]
+2.6.8-sarge-security: released (2.6.8-17sarge1) [minixfs-printk-hang.dpatch]
 2.4.27-sarge-security: ignored (2.4.27-10sarge6) "no printk_ratelimit in 2.4 - needs port"
 2.6.15-dapper-security: pending (2.6.15-29.61)
 2.6.17-edgy-security: released (2.6.17.1-12.42)

Modified: active/CVE-2006-7203
===================================================================
--- active/CVE-2006-7203	2008-02-22 21:53:05 UTC (rev 1140)
+++ active/CVE-2006-7203	2008-02-22 22:00:24 UTC (rev 1141)
@@ -15,7 +15,7 @@
 upstream: released (2.6.20, 2.6.18.6)
 linux-2.6: released (2.6.20-1)
 2.6.18-etch-security: released (2.6.18.dfsg.1-9) [bugfix/2.6.18.6]
-2.6.8-sarge-security: pending (2.6.8-17sarge1) [compat_sys_mount-NULL-data_page.dpatch]
+2.6.8-sarge-security: released (2.6.8-17sarge1) [compat_sys_mount-NULL-data_page.dpatch]
 2.4.27-sarge-security: N/A
 2.6.15-dapper-security: released (2.6.15-28.57)
 2.6.17-edgy-security: released (2.6.17.1-11.39) [b47f37617947e31bb19441e18714683e4ec86820]

Modified: active/CVE-2007-1353
===================================================================
--- active/CVE-2007-1353	2008-02-22 21:53:05 UTC (rev 1140)
+++ active/CVE-2007-1353	2008-02-22 22:00:24 UTC (rev 1141)
@@ -19,7 +19,7 @@
 upstream: released (2.6.22)
 linux-2.6: released (2.6.22-1)
 2.6.18-etch-security: released (2.6.18.dfsg.1-13etch1) [bugfix/bluetooth-l2cap-hci-info-leaks.patch]
-2.6.8-sarge-security: pending (2.6.8-17sarge1) [bluetooth-l2cap-hci-info-leaks.dpatch]
+2.6.8-sarge-security: released (2.6.8-17sarge1) [bluetooth-l2cap-hci-info-leaks.dpatch]
 2.4.27-sarge-security: released (2.4.27-10sarge6) [244_bluetooth-l2cap-hci-info-leaks.diff]
 2.6.15-dapper-security: released (2.6.15-28.57)
 2.6.17-edgy-security: released (2.6.17.1-11.39) [6529b3249b30c826d8ab991d839c6cb4e952c1ed]

Modified: active/CVE-2007-2172
===================================================================
--- active/CVE-2007-2172	2008-02-22 21:53:05 UTC (rev 1140)
+++ active/CVE-2007-2172	2008-02-22 22:00:24 UTC (rev 1141)
@@ -19,7 +19,7 @@
 upstream: released (2.4.34.3, 2.6.21)
 linux-2.6: released (2.6.21-1)
 2.6.18-etch-security: released (2.6.18.dfsg.1-13etch2) [bugfix/dn_fib-out-of-bounds.patch, bugfix/ipv4-fib_props-out-of-bounds.patch]
-2.6.8-sarge-security: pending (2.6.8-17sarge1) [dn_fib-out-of-bounds.dpatch, ipv4-fib_props-out-of-bounds.dpatch]
+2.6.8-sarge-security: released (2.6.8-17sarge1) [dn_fib-out-of-bounds.dpatch, ipv4-fib_props-out-of-bounds.dpatch]
 2.4.27-sarge-security: released (2.4.27-10sarge6) [246_dn_fib-out-of-bounds.diff, 266_ipv4-fib_props-out-of-bounds.diff]
 2.6.15-dapper-security: released (2.6.15-28.54)
 2.6.17-edgy-security: released (2.6.17.1-11.38)

Modified: active/CVE-2007-2525
===================================================================
--- active/CVE-2007-2525	2008-02-22 21:53:05 UTC (rev 1140)
+++ active/CVE-2007-2525	2008-02-22 22:00:24 UTC (rev 1141)
@@ -15,7 +15,7 @@
 upstream: released (2.6.21)
 linux-2.6: released (2.6.21-1)
 2.6.18-etch-security: released (2.6.18.dfsg.1-13etch1) [bugfix/pppoe-socket-release-mem-leak.patch]
-2.6.8-sarge-security: pending (2.6.8-17sarge1) [pppoe-socket-release-mem-leak.dpatch]
+2.6.8-sarge-security: released (2.6.8-17sarge1) [pppoe-socket-release-mem-leak.dpatch]
 2.4.27-sarge-security: released (2.4.27-10sarge6) [255_pppoe-socket-release-mem-leak.diff]
 2.6.15-dapper-security: released (2.6.15-28.57)
 2.6.17-edgy-security: released (2.6.17.1-11.39) [123623f9ad4d9bbe55c03b33ce79123e948b107f]

Modified: active/CVE-2007-3105
===================================================================
--- active/CVE-2007-3105	2008-02-22 21:53:05 UTC (rev 1140)
+++ active/CVE-2007-3105	2008-02-22 22:00:24 UTC (rev 1141)
@@ -21,7 +21,7 @@
 upstream: released (2.6.21, 2.6.22.3)
 linux-2.6: released (2.6.21-1)
 2.6.18-etch-security: released (2.6.18.dfsg.1-13etch2) [bugfix/random-bound-check-ordering.patch]
-2.6.8-sarge-security: pending (2.6.8-17sarge2) [random-bound-check-ordering.dpatch]
+2.6.8-sarge-security: released (2.6.8-17sarge2) [random-bound-check-ordering.dpatch]
 2.4.27-sarge-security: N/A
 2.6.15-dapper-security: released (2.6.15-29.58) 
 2.6.17-edgy-security: released (2.6.17.1-12.40) [f22710043b7d89b496f7910e9c87ed62519dff14]

Modified: active/CVE-2007-3739
===================================================================
--- active/CVE-2007-3739	2008-02-22 21:53:05 UTC (rev 1140)
+++ active/CVE-2007-3739	2008-02-22 22:00:24 UTC (rev 1141)
@@ -24,7 +24,7 @@
 upstream: released (2.6.20)
 linux-2.6: released (2.6.20)
 2.6.18-etch-security: released (2.6.18.dfsg.1-13etch3) [bugfix/prevent-stack-growth-into-hugetlb-region.patch]
-2.6.8-sarge-security: pending (2.6.8-17sarge1) [prevent-stack-growth-into-hugetlb-region.dpatch]
+2.6.8-sarge-security: released (2.6.8-17sarge1) [prevent-stack-growth-into-hugetlb-region.dpatch]
 2.4.27-sarge-security: N/A "files/functions non-existant in 2.4"
 2.6.15-dapper-security: released (2.6.15-29.59)
 2.6.17-edgy-security: released (2.6.17.1-12.41 ae30f170a8c2988179b2b34c7e562f57eb0556bc)

Modified: active/CVE-2007-3740
===================================================================
--- active/CVE-2007-3740	2008-02-22 21:53:05 UTC (rev 1140)
+++ active/CVE-2007-3740	2008-02-22 22:00:24 UTC (rev 1141)
@@ -18,7 +18,7 @@
 upstream: released (2.6.22-rc5) [3ce53fc4c57603d99c330a6ee2fe96d94f2d350f]
 linux-2.6: released (2.6.22-1)
 2.6.18-etch-security: released (2.6.18.dfsg.1-13etch3) [bugfix/cifs-honor-umask.patch]
-2.6.8-sarge-security: pending (2.6.8-17sarge1) [cifs-honor-umask.dpatch]
+2.6.8-sarge-security: released (2.6.8-17sarge1) [cifs-honor-umask.dpatch]
 2.4.27-sarge-security: N/A
 2.6.15-dapper-security: released (2.6.15-29.59)
 2.6.17-edgy-security: released (2.6.17.1-12.41 79255d92e1277021fc1be8e72897fe6177ab9b67)

Modified: active/CVE-2007-4133
===================================================================
--- active/CVE-2007-4133	2008-02-22 21:53:05 UTC (rev 1140)
+++ active/CVE-2007-4133	2008-02-22 22:00:24 UTC (rev 1141)
@@ -18,7 +18,7 @@
 upstream: released (2.6.19)
 linux-2.6: released (2.6.20-1)
 2.6.18-etch-security: released (2.6.18.dfsg.1-13etch4) [bugfix/hugetlb-prio_tree-unit-fix.patch]
-2.6.8-sarge-security: pending (2.6.8-17sarge1) [hugetlb-prio_tree-unit-fix.dpatch]
+2.6.8-sarge-security: released (2.6.8-17sarge1) [hugetlb-prio_tree-unit-fix.dpatch]
 2.4.27-sarge-security: N/A
 2.6.15-dapper-security: pending (2.6.15-29.61)
 2.6.17-edgy-security: released (2.6.17.1-12.42)

Modified: active/CVE-2007-4308
===================================================================
--- active/CVE-2007-4308	2008-02-22 21:53:05 UTC (rev 1140)
+++ active/CVE-2007-4308	2008-02-22 22:00:24 UTC (rev 1141)
@@ -18,7 +18,7 @@
 upstream: released (2.6.23-rc2)
 linux-2.6: released (2.6.22-4)
 2.6.18-etch-security: released (2.6.18.dfsg.1-13etch2) [bugfix/aacraid-ioctl-perm-check.patch]
-2.6.8-sarge-security: pending (2.6.8-17sarge1) [aacraid-ioctl-perm-check.dpatch]
+2.6.8-sarge-security: released (2.6.8-17sarge1) [aacraid-ioctl-perm-check.dpatch]
 2.4.27-sarge-security: released (2.4.27-10sarge6) [262_aacraid-ioctl-perm-check.diff]
 2.6.15-dapper-security: released (2.6.15-29.58)
 2.6.17-edgy-security: released (2.6.17.1-12.40)

Modified: active/CVE-2007-4573
===================================================================
--- active/CVE-2007-4573	2008-02-22 21:53:05 UTC (rev 1140)
+++ active/CVE-2007-4573	2008-02-22 22:00:24 UTC (rev 1141)
@@ -12,7 +12,7 @@
 upstream: released (2.6.22.7)
 linux-2.6: released (2.6.22-5)
 2.6.18-etch-security: released (2.6.18.dfsg.1-13etch4) [bugfix/amd64-zero-extend-32bit-ptrace.patch, bugfix/amd64-zero-extend-32bit-ptrace-xen.patch]
-2.6.8-sarge-security: pending (2.6.8-17sarge1) [amd64-zero-extend-32bit-ptrace.dpatch]
+2.6.8-sarge-security: released (2.6.8-17sarge1) [amd64-zero-extend-32bit-ptrace.dpatch]
 2.4.27-sarge-security: N/A
 2.6.15-dapper-security: released (2.6.15-29.59)
 2.6.17-edgy-security: released (2.6.17.1-12.41 bac7adb35e5a3630511249b4f1bbdaff3b574455)

Modified: active/CVE-2007-5093
===================================================================
--- active/CVE-2007-5093	2008-02-22 21:53:05 UTC (rev 1140)
+++ active/CVE-2007-5093	2008-02-22 22:00:24 UTC (rev 1141)
@@ -27,7 +27,7 @@
 upstream: released (2.6.22.6)
 linux-2.6: released (2.6.23-1)
 2.6.18-etch-security: released (2.6.18.dfsg.1-13etch4) [bugfix/usb-pwc-disconnect-block.patch]
-2.6.8-sarge-security: pending (2.6.8-17sarge1) [usb-pwc-disconnect-block.dpatch]
+2.6.8-sarge-security: released (2.6.8-17sarge1) [usb-pwc-disconnect-block.dpatch]
 2.4.27-sarge-security: released (2.4.17-10sarge6) [263_usb-pwc-disconnect-block.diff]
 2.6.15-dapper-security: pending (2.6.15-29.61)
 2.6.17-edgy-security: released (2.6.17.1-12.42)

Modified: active/CVE-2007-6063
===================================================================
--- active/CVE-2007-6063	2008-02-22 21:53:05 UTC (rev 1140)
+++ active/CVE-2007-6063	2008-02-22 22:00:24 UTC (rev 1141)
@@ -14,7 +14,7 @@
 upstream: released (2.6.24-rc4) [0f13864e5b24d9cbe18d125d41bfa4b726a82e40]
 linux-2.6: released (2.6.23-2)
 2.6.18-etch-security: released (2.6.18.dfsg.1-13etch6) [bugfix/isdn-net-overflow.patch]
-2.6.8-sarge-security: pending (2.6.8-17sarge1) [isdn-net-overflow.dpatch]
+2.6.8-sarge-security: released (2.6.8-17sarge1) [isdn-net-overflow.dpatch]
 2.4.27-sarge-security: released (2.4.27-10sarge6) [257_isdn-net-overflow.diff]
 2.6.15-dapper-security: pending (2.6.15-51.65)
 2.6.17-edgy-security: pending (2.6.17.1-12.43)

Modified: active/CVE-2007-6151
===================================================================
--- active/CVE-2007-6151	2008-02-22 21:53:05 UTC (rev 1140)
+++ active/CVE-2007-6151	2008-02-22 22:00:24 UTC (rev 1141)
@@ -11,7 +11,7 @@
 upstream: 
 linux-2.6: released (2.6.23-2)
 2.6.18-etch-security: released (2.6.18.dfsg.1-17etch1) [bugfix/i4l-isdn_ioctl-mem-overrun.patch]
-2.6.8-sarge-security: pending (2.6.8-17sarge1) [i4l-isdn_ioctl-mem-overrun.dpatch]
+2.6.8-sarge-security: released (2.6.8-17sarge1) [i4l-isdn_ioctl-mem-overrun.dpatch]
 2.4.27-sarge-security: released (2.4.27-10sarge6) [256_i4l-isdn_ioctl-mem-overrun.diff]
 2.6.15-dapper-security: pending (2.6.15-51.65)
 2.6.17-edgy-security: pending (2.6.17.1-12.43)

Modified: active/CVE-2007-6206
===================================================================
--- active/CVE-2007-6206	2008-02-22 21:53:05 UTC (rev 1140)
+++ active/CVE-2007-6206	2008-02-22 22:00:24 UTC (rev 1141)
@@ -13,7 +13,7 @@
 upstream: pending (2.6.24)
 linux-2.6: needed
 2.6.18-etch-security: released (2.6.18.dfsg.1-13etch6) [bugfix/coredump-only-to-same-uid.patch]
-2.6.8-sarge-security: pending (2.6.8-17sarge1) [coredump-only-to-same-uid.dpatch]
+2.6.8-sarge-security: released (2.6.8-17sarge1) [coredump-only-to-same-uid.dpatch]
 2.4.27-sarge-security: released (2.4.27-10sarge6) [253_coredump-only-to-same-uid.diff]
 2.6.15-dapper-security: pending (2.6.15-51.65)
 2.6.17-edgy-security: pending (2.6.17.1-12.43)

Modified: active/CVE-2007-6694
===================================================================
--- active/CVE-2007-6694	2008-02-22 21:53:05 UTC (rev 1140)
+++ active/CVE-2007-6694	2008-02-22 22:00:24 UTC (rev 1141)
@@ -15,7 +15,7 @@
 upstream: 
 linux-2.6: 
 2.6.18-etch-security: pending (2.6.18.dfsg.1-18etch2) [bugfix/powerpc-chrp-null-deref.patch]
-2.6.8-sarge-security: pending (2.6.8-17sarge2) [powerpc-chrp-null-deref.dpatch]
+2.6.8-sarge-security: released (2.6.8-17sarge2) [powerpc-chrp-null-deref.dpatch]
 2.4.27-sarge-security: released (2.4.27-10sarge6) [265_powerpc-chrp-null-deref.diff]
 2.6.15-dapper-security: 
 2.6.17-edgy-security: 

Modified: active/CVE-2008-0007
===================================================================
--- active/CVE-2008-0007	2008-02-22 21:53:05 UTC (rev 1140)
+++ active/CVE-2008-0007	2008-02-22 22:00:24 UTC (rev 1141)
@@ -8,7 +8,7 @@
 linux-2.6: needed
 2.6.18-etch-security: pending (2.6.18.dfsg.1-18etch2) [bugfix/mmap-VM_DONTEXPAND.patch]
 2.6.24-etchnhalf-security: needed
-2.6.8-sarge-security: 
+2.6.8-sarge-security: released (2.6.8-17sarge2)
 2.4.27-sarge-security: released (2.4.27-10sarge6) [264_mmap-VM_DONTEXPAND.diff]
 2.6.15-dapper-security: 
 2.6.17-edgy-security: 




More information about the kernel-sec-discuss mailing list