[kernel-sec-discuss] r1098 - active
dannf at alioth.debian.org
dannf at alioth.debian.org
Tue Jan 22 00:26:57 UTC 2008
Author: dannf
Date: 2008-01-22 00:26:57 +0000 (Tue, 22 Jan 2008)
New Revision: 1098
Modified:
active/CVE-2006-6054
Log:
note that current 2.4 patch is an incomplete fix; additional backports needed (and have been submitted) upstream
Modified: active/CVE-2006-6054
===================================================================
--- active/CVE-2006-6054 2008-01-21 08:03:35 UTC (rev 1097)
+++ active/CVE-2006-6054 2008-01-22 00:26:57 UTC (rev 1098)
@@ -12,12 +12,13 @@
structures. By mounting a specially crafted ext2 file system, a local
attacker could exploit this to crash the kernel.
Notes:
+ dannf> 2.4 backports submitted upstream on 2008.01.21
Bugs:
upstream: released (2.6.20-rc5)
linux-2.6: released (2.6.18.dfsg.1-10) [bugfix/2.6.18.38]
2.6.18-etch-security: released (2.6.18.dfsg.1-10) [bugfix/2.6.18.38]
2.6.8-sarge-security: needed
-2.4.27-sarge-security: pending (2.4.27-10sarge6) [255_ext2-skip-pages-past-num-blocks.diff]
+2.4.27-sarge-security: needed (2.4.27-10sarge6) [255_ext2-skip-pages-past-num-blocks.diff] "Additional patches needed, see Notes"
2.6.12-breezy-security: released (2.6.12-10.43)
2.6.15-dapper-security: released (2.6.15-28.51)
2.6.17-edgy-security: released (2.6.17.1-11.35)
More information about the kernel-sec-discuss
mailing list