[kernel-sec-discuss] r1471 - active

Dann Frazier dannf at alioth.debian.org
Wed Aug 19 04:47:34 UTC 2009 

Author: dannf
Date: 2009-08-19 04:47:34 +0000 (Wed, 19 Aug 2009)
New Revision: 1471

Modified:
   active/CVE-2009-2691
   active/CVE-2009-2846
   active/CVE-2009-2847
   active/CVE-2009-2848
   active/CVE-2009-2849
Log:
update lenny status

Modified: active/CVE-2009-2691
===================================================================
--- active/CVE-2009-2691	2009-08-19 03:07:32 UTC (rev 1470)
+++ active/CVE-2009-2691	2009-08-19 04:47:34 UTC (rev 1471)
@@ -6,12 +6,14 @@
 References:
 Ubuntu-Description:
 Notes:
+ <dannf> lenny is vulnerable, but the upstream fix works by using a mutex
+         construct that didn't exist until after 2.6.27
 Bugs:
 upstream: released (2.6.31-rc6) [13f0fea, 00f89d2, 704b836]
 linux-2.6:
 2.6.18-etch-security:
 2.6.24-etch-security:
-2.6.26-lenny-security:
+2.6.26-lenny-security: ignored (2.6.26-19) "needs port"
 2.6.15-dapper-security:
 2.6.22-gutsy-security:
 2.6.24-hardy-security:

Modified: active/CVE-2009-2846
===================================================================
--- active/CVE-2009-2846	2009-08-19 03:07:32 UTC (rev 1470)
+++ active/CVE-2009-2846	2009-08-19 04:47:34 UTC (rev 1471)
@@ -15,7 +15,7 @@
 linux-2.6: released (2.6.30-6) [bugfix/parisc/isa-eeprom-fix-loff_t-usage.patch]
 2.6.18-etch-security:
 2.6.24-etch-security:
-2.6.26-lenny-security:
+2.6.26-lenny-security: pending (2.6.26-19) [bugfix/parisc/isa-eeprom-fix-loff_t-usage.patch]
 2.6.15-dapper-security:
 2.6.22-gutsy-security:
 2.6.24-hardy-security:

Modified: active/CVE-2009-2847
===================================================================
--- active/CVE-2009-2847	2009-08-19 03:07:32 UTC (rev 1470)
+++ active/CVE-2009-2847	2009-08-19 04:47:34 UTC (rev 1471)
@@ -22,7 +22,7 @@
 linux-2.6: released (2.6.30-6) [bugfix/all/do_sigaltstack-avoid-copying-stack_t-as-a-structure-to-userspace.patch]
 2.6.18-etch-security:
 2.6.24-etch-security:
-2.6.26-lenny-security:
+2.6.26-lenny-security: pending (2.6.26-19) [bugfix/all/do_sigaltstack-avoid-copying-stack_t-as-a-structure-to-userspace.patch]
 2.6.15-dapper-security:
 2.6.22-gutsy-security:
 2.6.24-hardy-security:

Modified: active/CVE-2009-2848
===================================================================
--- active/CVE-2009-2848	2009-08-19 03:07:32 UTC (rev 1470)
+++ active/CVE-2009-2848	2009-08-19 04:47:34 UTC (rev 1471)
@@ -11,7 +11,7 @@
 linux-2.6:
 2.6.18-etch-security:
 2.6.24-etch-security:
-2.6.26-lenny-security:
+2.6.26-lenny-security: pending (2.6.26-19) [bugfix/all/execve-must-clear-current-clear_child_tid.patch]
 2.6.15-dapper-security:
 2.6.22-gutsy-security:
 2.6.24-hardy-security:

Modified: active/CVE-2009-2849
===================================================================
--- active/CVE-2009-2849	2009-08-19 03:07:32 UTC (rev 1470)
+++ active/CVE-2009-2849	2009-08-19 04:47:34 UTC (rev 1471)
@@ -12,7 +12,7 @@
 linux-2.6: released (2.6.30-4) [bugfix/all/stable/2.6.30.2.patch]
 2.6.18-etch-security:
 2.6.24-etch-security:
-2.6.26-lenny-security:
+2.6.26-lenny-security: pending (2.6.26-19) [bugfix/all/md-avoid-NULL-deref-with-suspend-sysfs-attribs.patch]
 2.6.15-dapper-security:
 2.6.22-gutsy-security:
 2.6.24-hardy-security:

More information about the kernel-sec-discuss mailing list