[kernel-sec-discuss] r1290 - active
dannf at alioth.debian.org
dannf at alioth.debian.org
Sat Jan 10 23:16:28 UTC 2009
Author: dannf
Date: 2009-01-10 23:16:27 +0000 (Sat, 10 Jan 2009)
New Revision: 1290
Modified:
active/CVE-2008-5395
active/CVE-2008-5700
active/CVE-2008-5701
active/CVE-2008-5702
active/CVE-2009-0065
Log:
debian updates
Modified: active/CVE-2008-5395
===================================================================
--- active/CVE-2008-5395 2009-01-08 21:45:10 UTC (rev 1289)
+++ active/CVE-2008-5395 2009-01-10 23:16:27 UTC (rev 1290)
@@ -1,14 +1,18 @@
Candidate: CVE-2008-5395
Description:
+ The parisc_show_stack function in arch/parisc/kernel/traps.c in the Linux
+ kernel before 2.6.28-rc7 on PA-RISC allows local users to cause a denial of
+ service (system crash) via vectors associated with an attempt to unwind a
+ stack that contains userspace addresses.
References:
Ubuntu-Description:
Notes:
Bugs:
upstream:
-linux-2.6:
+linux-2.6: released (2.6.26-13) [bugfix/parisc/userspace-unwind-crash.patch]
2.6.18-etch-security:
2.6.24-etch-security:
-2.6.26-lenny-security:
+2.6.26-lenny-security: released (2.6.26-13) [bugfix/parisc/userspace-unwind-crash.patch]
2.6.15-dapper-security:
2.6.22-gutsy-security:
2.6.24-hardy-security:
Modified: active/CVE-2008-5700
===================================================================
--- active/CVE-2008-5700 2009-01-08 21:45:10 UTC (rev 1289)
+++ active/CVE-2008-5700 2009-01-10 23:16:27 UTC (rev 1290)
@@ -11,10 +11,10 @@
Notes:
Bugs:
upstream: released (2.6.27.9)
-linux-2.6:
+linux-2.6: released (2.6.26-13) [bugfix/enforce-minimum-SG_IO-timeout.patch]
2.6.18-etch-security:
2.6.24-etch-security:
-2.6.26-lenny-security:
+2.6.26-lenny-security: released (2.6.26-13) [bugfix/enforce-minimum-SG_IO-timeout.patch]
2.6.15-dapper-security:
2.6.22-gutsy-security:
2.6.24-hardy-security:
Modified: active/CVE-2008-5701
===================================================================
--- active/CVE-2008-5701 2009-01-08 21:45:10 UTC (rev 1289)
+++ active/CVE-2008-5701 2009-01-10 23:16:27 UTC (rev 1290)
@@ -12,10 +12,10 @@
Notes:
Bugs:
upstream: released (2.6.28)
-linux-2.6: pending (2.6.26-13) [bugfix/mips/fix-potential-dos.patch]
+linux-2.6: releasd (2.6.26-13) [bugfix/mips/fix-potential-dos.patch]
2.6.18-etch-security:
2.6.24-etch-security:
-2.6.26-lenny-security: pending (2.6.26-13) [bugfix/mips/fix-potential-dos.patch]
+2.6.26-lenny-security: released (2.6.26-13) [bugfix/mips/fix-potential-dos.patch]
2.6.15-dapper-security:
2.6.22-gutsy-security:
2.6.24-hardy-security:
Modified: active/CVE-2008-5702
===================================================================
--- active/CVE-2008-5702 2009-01-08 21:45:10 UTC (rev 1289)
+++ active/CVE-2008-5702 2009-01-10 23:16:27 UTC (rev 1290)
@@ -17,10 +17,10 @@
dannf> Not an issue for Debian by default due to /dev/watchdog perms
Bugs:
upstream: released (2.6.27.9, 2.6.28-rc1) [7c2500f17d65092d93345f3996cf82ebca17e9ff]
-linux-2.6: pending (2.6.26-13) [bugfix/all/watchdog-ib700wdt-buffer_underflow.patch]
+linux-2.6: released (2.6.26-13) [bugfix/all/watchdog-ib700wdt-buffer_underflow.patch]
2.6.18-etch-security: pending (2.6.18.dfsg.1-23etch2) [bugfix/all/watchdog-ib700wdt-buffer_underflow.patch]
2.6.24-etch-security: pending (2.6.24-6~etchnhalf.7etch1) [bugfix/all/watchdog-ib700wdt-buffer_underflow.patch]
-2.6.26-lenny-security: pending (2.6.26-13) [bugfix/all/watchdog-ib700wdt-buffer_underflow.patch]
+2.6.26-lenny-security: released (2.6.26-13) [bugfix/all/watchdog-ib700wdt-buffer_underflow.patch]
2.6.15-dapper-security:
2.6.22-gutsy-security:
2.6.24-hardy-security:
Modified: active/CVE-2009-0065
===================================================================
--- active/CVE-2009-0065 2009-01-08 21:45:10 UTC (rev 1289)
+++ active/CVE-2009-0065 2009-01-10 23:16:27 UTC (rev 1290)
@@ -8,10 +8,10 @@
Notes:
Bugs:
upstream:
-linux-2.6:
+linux-2.6: pending (2.6.26-14) [bugfix/all/sctp-avoid-memory-overflow.patch]
2.6.18-etch-security:
2.6.24-etch-security:
-2.6.26-lenny-security:
+2.6.26-lenny-security: pending (2.6.26-14) [bugfix/all/sctp-avoid-memory-overflow.patch]
2.6.15-dapper-security:
2.6.22-gutsy-security:
2.6.24-hardy-security:
More information about the kernel-sec-discuss
mailing list