[kernel-sec-discuss] r1379 - active retired
Moritz Muehlenhoff
jmm at alioth.debian.org
Tue May 19 08:52:02 UTC 2009
Author: jmm
Date: 2009-05-19 08:52:02 +0000 (Tue, 19 May 2009)
New Revision: 1379
Added:
retired/CVE-2008-2358
retired/CVE-2008-2931
retired/CVE-2008-3077
Removed:
active/CVE-2008-2358
active/CVE-2008-2931
active/CVE-2008-3077
Log:
retire issues
Deleted: active/CVE-2008-2358
===================================================================
--- active/CVE-2008-2358 2009-05-19 08:48:41 UTC (rev 1378)
+++ active/CVE-2008-2358 2009-05-19 08:52:02 UTC (rev 1379)
@@ -1,23 +0,0 @@
-Candidate: CVE-2008-2358
-Description:
- The Datagram Congestion Control Protocol (DCCP) subsystem in the Linux
- kernel 2.6.18, and probably other versions, does not properly check
- feature lengths, which might allow remote attackers to execute arbitrary
- code, related to an unspecified "overflow."
-References:
-Ubuntu-Description:
-Notes:
- kees> linux-2.6: 19443178fbfbf40db15c86012fc37df1a44ab857
- dannf> Only effects 2.6.17-2.6.19, between
- dannf> afe00251dd9b53d51de91ff0099961f42bbf3754 and
- dannf> c02fdc0e81e9c735d8d895af1e201b235df326d8
-Bugs:
-upstream: released (2.6.26)
-linux-2.6: released (2.6.26-1)
-2.6.18-etch-security: released (2.6.18.dfsg.1-18etch6) [bugfix/dccp-feature-length-check.patch]
-2.6.24-etch-security: N/A
-2.6.26-lenny-security: N/A
-2.6.15-dapper-security: N/A
-2.6.20-feisty-security: released (2.6.20-17.37)
-2.6.22-gutsy-security: released (2.6.22-15.56)
-2.6.24-hardy-security: released (2.6.24-19.36)
Deleted: active/CVE-2008-2931
===================================================================
--- active/CVE-2008-2931 2009-05-19 08:48:41 UTC (rev 1378)
+++ active/CVE-2008-2931 2009-05-19 08:52:02 UTC (rev 1379)
@@ -1,18 +0,0 @@
-Candidate: CVE-2008-2931
-Description:
-References:
- http://article.gmane.org/gmane.comp.security.oss.general/630
- https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2008-2931
-Ubuntu-Description:
-Notes:
-Bugs:
-upstream: released (2.6.21)
-linux-2.6: N/A
-2.6.18-etch-security: released (2.6.18.dfsg.1-22etch1) [bugfix/check-privileges-before-setting-mount-propagation.patch]
-2.6.24-etch-security: N/A
-2.6.26-lenny-security: N/A
-2.6.15-dapper-security: released (2.6.15-52.71)
-2.6.20-feisty-security: released (2.6.20-17.39)
-2.6.22-gutsy-security: N/A
-2.6.24-hardy-security: N/A
-2.6.27-intrepid-security: N/A
Deleted: active/CVE-2008-3077
===================================================================
--- active/CVE-2008-3077 2009-05-19 08:48:41 UTC (rev 1378)
+++ active/CVE-2008-3077 2009-05-19 08:52:02 UTC (rev 1379)
@@ -1,18 +0,0 @@
-Candidate: CVE-2008-3077
-Description:
-References:
- http://git.kernel.org/?p=linux/kernel/git/stable/linux-2.6.25.y.git;a=commitdiff;h=1e9a615bfce7996ea4d815d45d364b47ac6a74e8
-Ubuntu-Description:
-Notes:
- dannf> 2.6.25-specific
-Bugs:
-upstream: released (2.6.25.10, 2.6.26)
-linux-2.6: N/A
-2.6.18-etch-security: N/A
-2.6.24-etch-security: N/A
-2.6.26-lenny-security: N/A
-2.6.15-dapper-security: N/A
-2.6.20-feisty-security: N/A
-2.6.22-gutsy-security: N/A
-2.6.24-hardy-security: N/A
-2.6.27-intrepid-security: N/A
Copied: retired/CVE-2008-2358 (from rev 1361, active/CVE-2008-2358)
===================================================================
--- retired/CVE-2008-2358 (rev 0)
+++ retired/CVE-2008-2358 2009-05-19 08:52:02 UTC (rev 1379)
@@ -0,0 +1,23 @@
+Candidate: CVE-2008-2358
+Description:
+ The Datagram Congestion Control Protocol (DCCP) subsystem in the Linux
+ kernel 2.6.18, and probably other versions, does not properly check
+ feature lengths, which might allow remote attackers to execute arbitrary
+ code, related to an unspecified "overflow."
+References:
+Ubuntu-Description:
+Notes:
+ kees> linux-2.6: 19443178fbfbf40db15c86012fc37df1a44ab857
+ dannf> Only effects 2.6.17-2.6.19, between
+ dannf> afe00251dd9b53d51de91ff0099961f42bbf3754 and
+ dannf> c02fdc0e81e9c735d8d895af1e201b235df326d8
+Bugs:
+upstream: released (2.6.26)
+linux-2.6: released (2.6.26-1)
+2.6.18-etch-security: released (2.6.18.dfsg.1-18etch6) [bugfix/dccp-feature-length-check.patch]
+2.6.24-etch-security: N/A
+2.6.26-lenny-security: N/A
+2.6.15-dapper-security: N/A
+2.6.20-feisty-security: released (2.6.20-17.37)
+2.6.22-gutsy-security: released (2.6.22-15.56)
+2.6.24-hardy-security: released (2.6.24-19.36)
Copied: retired/CVE-2008-2931 (from rev 1361, active/CVE-2008-2931)
===================================================================
--- retired/CVE-2008-2931 (rev 0)
+++ retired/CVE-2008-2931 2009-05-19 08:52:02 UTC (rev 1379)
@@ -0,0 +1,18 @@
+Candidate: CVE-2008-2931
+Description:
+References:
+ http://article.gmane.org/gmane.comp.security.oss.general/630
+ https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2008-2931
+Ubuntu-Description:
+Notes:
+Bugs:
+upstream: released (2.6.21)
+linux-2.6: N/A
+2.6.18-etch-security: released (2.6.18.dfsg.1-22etch1) [bugfix/check-privileges-before-setting-mount-propagation.patch]
+2.6.24-etch-security: N/A
+2.6.26-lenny-security: N/A
+2.6.15-dapper-security: released (2.6.15-52.71)
+2.6.20-feisty-security: released (2.6.20-17.39)
+2.6.22-gutsy-security: N/A
+2.6.24-hardy-security: N/A
+2.6.27-intrepid-security: N/A
Copied: retired/CVE-2008-3077 (from rev 1361, active/CVE-2008-3077)
===================================================================
--- retired/CVE-2008-3077 (rev 0)
+++ retired/CVE-2008-3077 2009-05-19 08:52:02 UTC (rev 1379)
@@ -0,0 +1,18 @@
+Candidate: CVE-2008-3077
+Description:
+References:
+ http://git.kernel.org/?p=linux/kernel/git/stable/linux-2.6.25.y.git;a=commitdiff;h=1e9a615bfce7996ea4d815d45d364b47ac6a74e8
+Ubuntu-Description:
+Notes:
+ dannf> 2.6.25-specific
+Bugs:
+upstream: released (2.6.25.10, 2.6.26)
+linux-2.6: N/A
+2.6.18-etch-security: N/A
+2.6.24-etch-security: N/A
+2.6.26-lenny-security: N/A
+2.6.15-dapper-security: N/A
+2.6.20-feisty-security: N/A
+2.6.22-gutsy-security: N/A
+2.6.24-hardy-security: N/A
+2.6.27-intrepid-security: N/A
More information about the kernel-sec-discuss
mailing list