[kernel-sec-discuss] r1098 - active

[dannf at alioth.debian.org]

Author: dannf
Date: 2008-01-22 00:26:57 +0000 (Tue, 22 Jan 2008)
New Revision: 1098

Modified:
   active/CVE-2006-6054
Log:
note that current 2.4 patch is an incomplete fix; additional backports needed (and have been submitted) upstream

Modified: active/CVE-2006-6054
===================================================================
--- active/CVE-2006-6054	2008-01-21 08:03:35 UTC (rev 1097)
+++ active/CVE-2006-6054	2008-01-22 00:26:57 UTC (rev 1098)
@@ -12,12 +12,13 @@
  structures. By mounting a specially crafted ext2 file system, a local
  attacker could exploit this to crash the kernel.
 Notes: 
+ dannf> 2.4 backports submitted upstream on 2008.01.21
 Bugs: 
 upstream: released (2.6.20-rc5)
 linux-2.6: released (2.6.18.dfsg.1-10) [bugfix/2.6.18.38]
 2.6.18-etch-security: released (2.6.18.dfsg.1-10) [bugfix/2.6.18.38]
 2.6.8-sarge-security: needed
-2.4.27-sarge-security: pending (2.4.27-10sarge6) [255_ext2-skip-pages-past-num-blocks.diff]
+2.4.27-sarge-security: needed (2.4.27-10sarge6) [255_ext2-skip-pages-past-num-blocks.diff] "Additional patches needed, see Notes"
 2.6.12-breezy-security: released (2.6.12-10.43)
 2.6.15-dapper-security: released (2.6.15-28.51)
 2.6.17-edgy-security: released (2.6.17.1-11.35)