[kernel-sec-discuss] r1306 - active
dannf at alioth.debian.org
Mon Mar 9 14:58:41 UTC 2009
Author: dannf
Date: 2009-03-09 14:58:41 +0000 (Mon, 09 Mar 2009)
New Revision: 1306
Modified:
active/CVE-2009-0028
active/CVE-2009-0675
active/CVE-2009-0745
active/CVE-2009-0746
active/CVE-2009-0747
active/CVE-2009-0748
Log:
debian updates
Modified: active/CVE-2009-0028
===================================================================
--- active/CVE-2009-0028 2009-03-04 11:53:31 UTC (rev 1305)
+++ active/CVE-2009-0028 2009-03-09 14:58:41 UTC (rev 1306)
@@ -1,14 +1,18 @@
Candidate: CVE-2009-0028
Description:
+ The clone system call in the Linux kernel 2.6.28 and earlier allows local
+ users to send arbitrary signals to a parent process from an unprivileged
+ child process by launching an additional child process with the CLONE_PARENT
+ flag, and then letting this new process exit.
References:
Ubuntu-Description:
Notes:
Bugs:
upstream:
linux-2.6:
-2.6.18-etch-security:
-2.6.24-etch-security:
-2.6.26-lenny-security:
+2.6.18-etch-security: ignored "No upstream fix"
+2.6.24-etch-security: ignored "No upstream fix"
+2.6.26-lenny-security: ignored "No upstream fix"
2.6.15-dapper-security:
2.6.22-gutsy-security:
2.6.24-hardy-security:
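Review bot: The three stable lines are set to ignored "No upstream fix", but upstream: and linux-2.6: stay empty and References: and Notes: carry nothing, so the entry does not record where the missing fix was checked or when the decision should be revisited. Suggest filling in upstream: with its actual state and adding a Notes: line saying the ignored status is to be re-evaluated once a fix lands, since the new description covers 2.6.28 and earlier, which by version includes 2.6.18, 2.6.24 and 2.6.26.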
Modified: active/CVE-2009-0675
===================================================================
--- active/CVE-2009-0675 2009-03-04 11:53:31 UTC (rev 1305)
+++ active/CVE-2009-0675 2009-03-09 14:58:41 UTC (rev 1306)
@@ -22,7 +22,7 @@
linux-2.6: needed
2.6.18-etch-security:
2.6.24-etch-security:
-2.6.26-lenny-security:
+2.6.26-lenny-security: pending (2.6.26-13lenny2) [bugfix/all/skfp-fix-inverted-cap-logic.patch]
2.6.15-dapper-security:
2.6.22-gutsy-security:
2.6.24-hardy-security:
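Review bot: 2.6.26-lenny-security now points at bugfix/all/skfp-fix-inverted-cap-logic.patch, but 2.6.18-etch-security and 2.6.24-etch-security directly above it are left blank in the same hunk. With linux-2.6 still at needed, please record for both etch branches whether the skfp fix is needed or N/A, with the reason, so that an empty status is not read as "unaffected".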
Modified: active/CVE-2009-0745
===================================================================
--- active/CVE-2009-0745 2009-03-04 11:53:31 UTC (rev 1305)
+++ active/CVE-2009-0745 2009-03-09 14:58:41 UTC (rev 1306)
@@ -17,12 +17,14 @@
jmm> obscure, I don't think we should spend energy on this. Dann,
jmm> if you don't object I'll mark this as "unimportant" in the
jmm> security tracker
+ dannf> Yeah, certainly unimportant, but I'll apply anyway since it
+ dannf> applies trivially
Bugs:
upstream: released (2.6.28.7)
-linux-2.6: needed
-2.6.18-etch-security: N/A
+linux-2.6: pending (2.6.28-2) [bugfix/all/stable/2.6.28.7.patch]
+2.6.18-etch-security: N/A "code not present"
2.6.24-etch-security:
-2.6.26-lenny-security:
+2.6.26-lenny-security: pending (2.6.26-13lenny2) [bugfix/all/ext4-initialize-the-new-group-descriptor-when-resizing-the-filesystem.patch]
2.6.15-dapper-security:
2.6.22-gutsy-security:
2.6.24-hardy-security:
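Review bot: 2.6.18-etch-security gains a reason ("code not present"), but 2.6.24-etch-security on the next line is still empty, so the entry does not say whether that branch was checked. If the same reasoning applies, mark it N/A with the reason; if the ext4 resize patch is wanted there too, mark it needed so it is not lost behind the "unimportant" note.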
Modified: active/CVE-2009-0746
===================================================================
--- active/CVE-2009-0746 2009-03-04 11:53:31 UTC (rev 1305)
+++ active/CVE-2009-0746 2009-03-09 14:58:41 UTC (rev 1306)
@@ -17,10 +17,10 @@
jmm> security tracker
Bugs:
upstream: released (2.6.28.7)
-linux-2.6: needed
+linux-2.6: pending (2.6.28-2) [bugfix/all/stable/2.6.28.7.patch]
2.6.18-etch-security: N/A
2.6.24-etch-security:
-2.6.26-lenny-security:
+2.6.26-lenny-security: pending (2.6.26-13lenny2) [bugfix/all/ext4-add-sanity-check-to-make_indexed_dir.patch]
2.6.15-dapper-security:
2.6.22-gutsy-security:
2.6.24-hardy-security:
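Review bot: 2.6.18-etch-security stays at a bare N/A here, while the CVE-2009-0745 hunk in this same revision changes the equivalent line to N/A "code not present". Suggest adding the reason on this line as well, so the status lines for the ext4 entries are consistent and the N/A can be verified later.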
Modified: active/CVE-2009-0747
===================================================================
--- active/CVE-2009-0747 2009-03-04 11:53:31 UTC (rev 1305)
+++ active/CVE-2009-0747 2009-03-09 14:58:41 UTC (rev 1306)
@@ -19,10 +19,10 @@
jmm> security tracker
Bugs:
upstream: released (2.6.28.7)
-linux-2.6: needed
+linux-2.6: pending (2.6.28-2) [bugfix/all/stable/2.6.28.7.patch]
2.6.18-etch-security: N/A
2.6.24-etch-security:
-2.6.26-lenny-security:
+2.6.26-lenny-security: pending (2.6.26-13lenny2) [bugfix/all/ext4-only-use-i_size_high-for-regular-files.patch]
2.6.15-dapper-security:
2.6.22-gutsy-security:
2.6.24-hardy-security:
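Review bot: The linux-2.6 line cites the aggregate bugfix/all/stable/2.6.28.7.patch, whereas the 2.6.26-lenny-security line names the individual change (ext4-only-use-i_size_high-for-regular-files.patch). A short Notes: line tying the two together would let a reader confirm that the stable update contains this specific fix without opening the patch.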
Modified: active/CVE-2009-0748
===================================================================
--- active/CVE-2009-0748 2009-03-04 11:53:31 UTC (rev 1305)
+++ active/CVE-2009-0748 2009-03-09 14:58:41 UTC (rev 1306)
@@ -14,10 +14,10 @@
jmm> security tracker
Bugs:
upstream: released (2.6.28.7)
-linux-2.6: needed
+linux-2.6: pending (2.6.28-2) [bugfix/all/stable/2.6.28.7.patch]
2.6.18-etch-security: N/A
2.6.24-etch-security:
-2.6.26-lenny-security:
+2.6.26-lenny-security: pending (2.6.26-13lenny2) [bugfix/all/ext4-add-sanity-checks-for-the-superblock-before-mounting.patch]
2.6.15-dapper-security:
2.6.22-gutsy-security:
2.6.24-hardy-security: