[kernel-sec-discuss] r1654 - active retired

Michael Gilbert gilbert-guest at alioth.debian.org
Thu Dec 17 17:58:50 UTC 2009 

Author: gilbert-guest
Date: 2009-12-17 17:58:50 +0000 (Thu, 17 Dec 2009)
New Revision: 1654

Added:
   retired/CVE-2009-4131
   retired/CVE-2009-4306
   retired/CVE-2009-4307
Removed:
   active/CVE-2009-4131
   active/CVE-2009-4306
   active/CVE-2009-4307
Log:
issues fixed in 2.6.32-2

Deleted: active/CVE-2009-4131
===================================================================
--- active/CVE-2009-4131	2009-12-15 23:02:14 UTC (rev 1653)
+++ active/CVE-2009-4131	2009-12-17 17:58:50 UTC (rev 1654)
@@ -1,16 +0,0 @@
-Candidate: CVE-2009-4131
-Description:
- ext4 "move extents" ioctl does not correctly check permissions
-References:
- http://www.ubuntu.com/usn/USN-869-1
- https://bugzilla.redhat.com/show_bug.cgi?id=544471
-Notes:
-Bugs:
-upstream: pending (2.6.33-rc1) [4a58579b9e]
-2.6.31-upstream-stable: released (2.6.31.8) [51a88ff8]
-2.6.32-upstream-stable: released (2.6.32.1) [0fd023ec]
-linux-2.6: needed
-2.6.18-etch-security: N/A "introduced in 2.6.31 commit 748de673"
-2.6.24-etch-security: N/A "introduced in 2.6.31 commit 748de673"
-2.6.26-lenny-security: N/A "introduced in 2.6.31 commit 748de673"
-2.6.32-squeeze-security: needed

Deleted: active/CVE-2009-4306
===================================================================
--- active/CVE-2009-4306	2009-12-15 23:02:14 UTC (rev 1653)
+++ active/CVE-2009-4306	2009-12-17 17:58:50 UTC (rev 1654)
@@ -1,14 +0,0 @@
-Candidate: CVE-2009-4306
-Description:
- issue in EXT4_IOC_MOVE_EXT
-References:
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4306
-Notes:
-Bugs:
-upstream:
-2.6.31-upstream-stable:
-linux-2.6:
-2.6.18-etch-security: N/A "ext4 introduced in 2.6.19"
-2.6.24-etch-security:
-2.6.26-lenny-security:
-2.6.32-squeeze-security:

Deleted: active/CVE-2009-4307
===================================================================
--- active/CVE-2009-4307	2009-12-15 23:02:14 UTC (rev 1653)
+++ active/CVE-2009-4307	2009-12-17 17:58:50 UTC (rev 1654)
@@ -1,14 +0,0 @@
-Candidate: CVE-2009-4307
-Description:
-References:
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4307
-Notes:
-Bugs:
-upstream: pending (2.6.33-rc1) [503358ae]
-2.6.31-upstream-stable: released (2.6.31.8) [a7aaaff9]
-2.6.32-upstream-stable: released (2.6.32.1) [8ed33ff5]
-linux-2.6: needed
-2.6.18-etch-security: N/A "introduced in 2.6.27 commit 772cb7c8"
-2.6.24-etch-security: N/A "introduced in 2.6.27 commit 772cb7c8"
-2.6.26-lenny-security: N/A "introduced in 2.6.27 commit 772cb7c8"
-2.6.32-squeeze-security: needed

Copied: retired/CVE-2009-4131 (from rev 1653, active/CVE-2009-4131)
===================================================================
--- retired/CVE-2009-4131	                        (rev 0)
+++ retired/CVE-2009-4131	2009-12-17 17:58:50 UTC (rev 1654)
@@ -0,0 +1,16 @@
+Candidate: CVE-2009-4131
+Description:
+ ext4 "move extents" ioctl does not correctly check permissions
+References:
+ http://www.ubuntu.com/usn/USN-869-1
+ https://bugzilla.redhat.com/show_bug.cgi?id=544471
+Notes:
+Bugs:
+upstream: pending (2.6.33-rc1) [4a58579b9e]
+2.6.31-upstream-stable: released (2.6.31.8) [51a88ff8]
+2.6.32-upstream-stable: released (2.6.32.1) [0fd023ec]
+linux-2.6: released (2.6.32-2)
+2.6.18-etch-security: N/A "introduced in 2.6.31 commit 748de673"
+2.6.24-etch-security: N/A "introduced in 2.6.31 commit 748de673"
+2.6.26-lenny-security: N/A "introduced in 2.6.31 commit 748de673"
+2.6.32-squeeze-security: released (2.6.32-2)

Added: retired/CVE-2009-4306
===================================================================
--- retired/CVE-2009-4306	                        (rev 0)
+++ retired/CVE-2009-4306	2009-12-17 17:58:50 UTC (rev 1654)
@@ -0,0 +1,15 @@
+Candidate: CVE-2009-4306
+Description:
+ issue in EXT4_IOC_MOVE_EXT
+References:
+ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4306
+Notes:
+Bugs:
+upstream: pending (2.6.33-rc1) [94d7c16c]
+2.6.31-upstream-stable: released (2.6.31.8) [b9894156]
+2.6.32-upstream-stable: released (2.6.32.1) [74920c74]
+linux-2.6: released (2.6.32-2)
+2.6.18-etch-security: N/A "introduced in 2.6.31 commit 748de673"
+2.6.24-etch-security: N/A "introduced in 2.6.31 commit 748de673"
+2.6.26-lenny-security: N/A "introduced in 2.6.31 commit 748de673"
+2.6.32-squeeze-security: released (2.6.32-2)

Copied: retired/CVE-2009-4307 (from rev 1653, active/CVE-2009-4307)
===================================================================
--- retired/CVE-2009-4307	                        (rev 0)
+++ retired/CVE-2009-4307	2009-12-17 17:58:50 UTC (rev 1654)
@@ -0,0 +1,14 @@
+Candidate: CVE-2009-4307
+Description:
+References:
+ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4307
+Notes:
+Bugs:
+upstream: pending (2.6.33-rc1) [503358ae]
+2.6.31-upstream-stable: released (2.6.31.8) [a7aaaff9]
+2.6.32-upstream-stable: released (2.6.32.1) [8ed33ff5]
+linux-2.6: released (2.6.32-2)
+2.6.18-etch-security: N/A "introduced in 2.6.27 commit 772cb7c8"
+2.6.24-etch-security: N/A "introduced in 2.6.27 commit 772cb7c8"
+2.6.26-lenny-security: N/A "introduced in 2.6.27 commit 772cb7c8"
+2.6.32-squeeze-security: released (2.6.32-2)

More information about the kernel-sec-discuss mailing list