[kernel-sec-discuss] r1306 - active

dannf at alioth.debian.org dannf at alioth.debian.org
Mon Mar 9 14:58:41 UTC 2009


Author: dannf
Date: 2009-03-09 14:58:41 +0000 (Mon, 09 Mar 2009)
New Revision: 1306

Modified:
   active/CVE-2009-0028
   active/CVE-2009-0675
   active/CVE-2009-0745
   active/CVE-2009-0746
   active/CVE-2009-0747
   active/CVE-2009-0748
Log:
debian updates

Modified: active/CVE-2009-0028
===================================================================
--- active/CVE-2009-0028	2009-03-04 11:53:31 UTC (rev 1305)
+++ active/CVE-2009-0028	2009-03-09 14:58:41 UTC (rev 1306)
@@ -1,14 +1,18 @@
 Candidate: CVE-2009-0028
 Description:
+ The clone system call in the Linux kernel 2.6.28 and earlier allows local
+ users to send arbitrary signals to a parent process from an unprivileged
+ child process by launching an additional child process with the CLONE_PARENT
+ flag, and then letting this new process exit. 
 References:
 Ubuntu-Description:
 Notes:
 Bugs:
 upstream:
 linux-2.6:
-2.6.18-etch-security:
-2.6.24-etch-security:
-2.6.26-lenny-security:
+2.6.18-etch-security: ignored "No upstream fix"
+2.6.24-etch-security: ignored "No upstream fix"
+2.6.26-lenny-security: ignored "No upstream fix"
 2.6.15-dapper-security:
 2.6.22-gutsy-security:
 2.6.24-hardy-security:
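
Review bot: The three `ignored "No upstream fix"` states on the 2.6.18-etch, 2.6.24-etch and 2.6.26-lenny lines close this issue for Debian while `upstream:` and `linux-2.6:` are still blank and `References:` and `Notes:` are empty, so the file records neither a source for the new description nor a reason to revisit the entry. Suggest adding a reference for the description and a Notes line explaining the decision, and giving `upstream:` an explicit state so the entry is picked up again if a fix lands. The added description line ending in "exit. " also carries trailing whitespace.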

Modified: active/CVE-2009-0675
===================================================================
--- active/CVE-2009-0675	2009-03-04 11:53:31 UTC (rev 1305)
+++ active/CVE-2009-0675	2009-03-09 14:58:41 UTC (rev 1306)
@@ -22,7 +22,7 @@
 linux-2.6: needed
 2.6.18-etch-security:
 2.6.24-etch-security:
-2.6.26-lenny-security:
+2.6.26-lenny-security: pending (2.6.26-13lenny2) [bugfix/all/skfp-fix-inverted-cap-logic.patch]
 2.6.15-dapper-security:
 2.6.22-gutsy-security:
 2.6.24-hardy-security:
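
Review bot: In the status block only 2.6.26-lenny-security moves to pending; 2.6.18-etch-security and 2.6.24-etch-security are left blank while linux-2.6 stays at needed. If the skfp fix does not apply to the etch kernels, say so explicitly (N/A with a quoted reason, as done for CVE-2009-0745 in this same revision); otherwise mark them needed so a blank field is not read as triaged.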

Modified: active/CVE-2009-0745
===================================================================
--- active/CVE-2009-0745	2009-03-04 11:53:31 UTC (rev 1305)
+++ active/CVE-2009-0745	2009-03-09 14:58:41 UTC (rev 1306)
@@ -17,12 +17,14 @@
  jmm> obscure, I don't think we should spend energy on this. Dann,
  jmm> if you don't object I'll mark this as "unimportant" in the
  jmm> security tracker
+ dannf> Yeah, certainly unimportant, but I'll apply anyway since it
+ dannf> applies trivially
 Bugs:
 upstream: released (2.6.28.7)
-linux-2.6: needed
-2.6.18-etch-security: N/A
+linux-2.6: pending (2.6.28-2) [bugfix/all/stable/2.6.28.7.patch]
+2.6.18-etch-security: N/A "code not present"
 2.6.24-etch-security:
-2.6.26-lenny-security:
+2.6.26-lenny-security: pending (2.6.26-13lenny2) [bugfix/all/ext4-initialize-the-new-group-descriptor-when-resizing-the-filesystem.patch]
 2.6.15-dapper-security:
 2.6.22-gutsy-security:
 2.6.24-hardy-security:
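
Review bot: 2.6.24-etch-security is left blank while 2.6.18-etch-security gains an explicit N/A "code not present" and linux-2.6 and lenny both go to pending. State whether the ext4 resize code touched by the lenny patch exists in the 2.6.24 etch kernel and set that line to N/A with a reason or to needed accordingly.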

Modified: active/CVE-2009-0746
===================================================================
--- active/CVE-2009-0746	2009-03-04 11:53:31 UTC (rev 1305)
+++ active/CVE-2009-0746	2009-03-09 14:58:41 UTC (rev 1306)
@@ -17,10 +17,10 @@
  jmm> security tracker
 Bugs:
 upstream: released (2.6.28.7)
-linux-2.6: needed
+linux-2.6: pending (2.6.28-2) [bugfix/all/stable/2.6.28.7.patch]
 2.6.18-etch-security: N/A
 2.6.24-etch-security:
-2.6.26-lenny-security:
+2.6.26-lenny-security: pending (2.6.26-13lenny2) [bugfix/all/ext4-add-sanity-check-to-make_indexed_dir.patch]
 2.6.15-dapper-security:
 2.6.22-gutsy-security:
 2.6.24-hardy-security:
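
Review bot: The 2.6.18-etch-security line stays a bare N/A here, whereas the CVE-2009-0745 entry in this revision was updated to N/A "code not present". If the reason is the same, add it here as well (the CVE-2009-0747 and CVE-2009-0748 entries carry the same bare N/A), and fill in 2.6.24-etch-security, which is still blank in all of them.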

Modified: active/CVE-2009-0747
===================================================================
--- active/CVE-2009-0747	2009-03-04 11:53:31 UTC (rev 1305)
+++ active/CVE-2009-0747	2009-03-09 14:58:41 UTC (rev 1306)
@@ -19,10 +19,10 @@
  jmm> security tracker
 Bugs:
 upstream: released (2.6.28.7)
-linux-2.6: needed
+linux-2.6: pending (2.6.28-2) [bugfix/all/stable/2.6.28.7.patch]
 2.6.18-etch-security: N/A
 2.6.24-etch-security:
-2.6.26-lenny-security:
+2.6.26-lenny-security: pending (2.6.26-13lenny2) [bugfix/all/ext4-only-use-i_size_high-for-regular-files.patch]
 2.6.15-dapper-security:
 2.6.22-gutsy-security:
 2.6.24-hardy-security:

Modified: active/CVE-2009-0748
===================================================================
--- active/CVE-2009-0748	2009-03-04 11:53:31 UTC (rev 1305)
+++ active/CVE-2009-0748	2009-03-09 14:58:41 UTC (rev 1306)
@@ -14,10 +14,10 @@
  jmm> security tracker
 Bugs:
 upstream: released (2.6.28.7)
-linux-2.6: needed
+linux-2.6: pending (2.6.28-2) [bugfix/all/stable/2.6.28.7.patch]
 2.6.18-etch-security: N/A
 2.6.24-etch-security:
-2.6.26-lenny-security:
+2.6.26-lenny-security: pending (2.6.26-13lenny2) [bugfix/all/ext4-add-sanity-checks-for-the-superblock-before-mounting.patch]
 2.6.15-dapper-security:
 2.6.22-gutsy-security:
 2.6.24-hardy-security:



