[kernel-sec-discuss] r1381 - active retired
Moritz Muehlenhoff
jmm at alioth.debian.org
Tue May 19 08:56:26 UTC 2009
Author: jmm
Date: 2009-05-19 08:56:26 +0000 (Tue, 19 May 2009)
New Revision: 1381
Added:
retired/CVE-2008-0598
retired/CVE-2008-2750
Removed:
active/CVE-2008-0598
active/CVE-2008-2750
Log:
retire issues
Deleted: active/CVE-2008-0598
===================================================================
--- active/CVE-2008-0598 2009-05-19 08:56:17 UTC (rev 1380)
+++ active/CVE-2008-0598 2009-05-19 08:56:26 UTC (rev 1381)
@@ -1,18 +0,0 @@
-Candidate: CVE-2008-0598
-Description:
-References:
- http://lkml.org/lkml/2008/6/25/157
- 42a886af728c089df8da1b0017b0e7e6c81b5335
- 64649a58919e66ec21792dbb6c48cb3da22cbd7f
-Ubuntu-Description:
-Notes:
-Bugs: 490910
-upstream: released (2.6.27-rc1)
-linux-2.6: released (2.6.26-4) [bugfix/x86-add-copy_user_handle_tail.patch, bugfix/x86-fix-copy_user.patch]
-2.6.18-etch-security: released (2.6.18.dfsg.1-22etch2) [bugfix/x86-add-copy_user_handle_tail.patch, bugfix/x86-fix-copy_user.patch, bugfix/x86-wrong-register-was-used-in-align-macro.patch]
-2.6.24-etch-security: released (2.6.24-6~etchnhalf.5) [bugfix/x86-add-copy_user_handle_tail.patch, bugfix/x86-fix-copy_user.patch, bugfix/x86-wrong-register-was-used-in-align-macro.patch]
-2.6.26-lenny-security: released (2.6.26-4) [bugfix/x86-add-copy_user_handle_tail.patch, bugfix/x86-fix-copy_user.patch]
-2.6.15-dapper-security: released (2.6.15-52.69)
-2.6.20-feisty-security: N/A
-2.6.22-gutsy-security: N/A
-2.6.24-hardy-security: N/A
Deleted: active/CVE-2008-2750
===================================================================
--- active/CVE-2008-2750 2009-05-19 08:56:17 UTC (rev 1380)
+++ active/CVE-2008-2750 2009-05-19 08:56:26 UTC (rev 1381)
@@ -1,21 +0,0 @@
-Candidate: CVE-2008-2750
-Description:
- The pppol2tp_recvmsg function in drivers/net/pppol2tp.c in the Linux
- kernel 2.6 before 2.6.26-rc6 allows remote attackers to cause a denial
- of service (kernel heap memory corruption and system crash) and possibly
- have unspecified other impact via a crafted PPPOL2TP packet that results
- in a large value for a certain length variable.
-References:
-Ubuntu-Description:
-Notes:
- kees> linux-2.6: 6b6707a50c7598a83820077393f8823ab791abf8
-Bugs:
-upstream: released (2.6.26-rc6)
-linux-2.6: released (2.6.26-1)
-2.6.18-etch-security: N/A "code added after 2.6.18"
-2.6.24-etch-security: released (2.6.24-6~etchnhalf.4) "bugfix/l2tp-pppol2tp_recvmsg-corruption.patch"
-2.6.26-lenny-security: N/A
-2.6.15-dapper-security: N/A
-2.6.20-feisty-security: N/A
-2.6.22-gutsy-security: N/A
-2.6.24-hardy-security: released (2.6.24-19.36)
Copied: retired/CVE-2008-0598 (from rev 1361, active/CVE-2008-0598)
===================================================================
--- retired/CVE-2008-0598 (rev 0)
+++ retired/CVE-2008-0598 2009-05-19 08:56:26 UTC (rev 1381)
@@ -0,0 +1,18 @@
+Candidate: CVE-2008-0598
+Description:
+References:
+ http://lkml.org/lkml/2008/6/25/157
+ 42a886af728c089df8da1b0017b0e7e6c81b5335
+ 64649a58919e66ec21792dbb6c48cb3da22cbd7f
+Ubuntu-Description:
+Notes:
+Bugs: 490910
+upstream: released (2.6.27-rc1)
+linux-2.6: released (2.6.26-4) [bugfix/x86-add-copy_user_handle_tail.patch, bugfix/x86-fix-copy_user.patch]
+2.6.18-etch-security: released (2.6.18.dfsg.1-22etch2) [bugfix/x86-add-copy_user_handle_tail.patch, bugfix/x86-fix-copy_user.patch, bugfix/x86-wrong-register-was-used-in-align-macro.patch]
+2.6.24-etch-security: released (2.6.24-6~etchnhalf.5) [bugfix/x86-add-copy_user_handle_tail.patch, bugfix/x86-fix-copy_user.patch, bugfix/x86-wrong-register-was-used-in-align-macro.patch]
+2.6.26-lenny-security: released (2.6.26-4) [bugfix/x86-add-copy_user_handle_tail.patch, bugfix/x86-fix-copy_user.patch]
+2.6.15-dapper-security: released (2.6.15-52.69)
+2.6.20-feisty-security: N/A
+2.6.22-gutsy-security: N/A
+2.6.24-hardy-security: N/A
Copied: retired/CVE-2008-2750 (from rev 1361, active/CVE-2008-2750)
===================================================================
--- retired/CVE-2008-2750 (rev 0)
+++ retired/CVE-2008-2750 2009-05-19 08:56:26 UTC (rev 1381)
@@ -0,0 +1,21 @@
+Candidate: CVE-2008-2750
+Description:
+ The pppol2tp_recvmsg function in drivers/net/pppol2tp.c in the Linux
+ kernel 2.6 before 2.6.26-rc6 allows remote attackers to cause a denial
+ of service (kernel heap memory corruption and system crash) and possibly
+ have unspecified other impact via a crafted PPPOL2TP packet that results
+ in a large value for a certain length variable.
+References:
+Ubuntu-Description:
+Notes:
+ kees> linux-2.6: 6b6707a50c7598a83820077393f8823ab791abf8
+Bugs:
+upstream: released (2.6.26-rc6)
+linux-2.6: released (2.6.26-1)
+2.6.18-etch-security: N/A "code added after 2.6.18"
+2.6.24-etch-security: released (2.6.24-6~etchnhalf.4) "bugfix/l2tp-pppol2tp_recvmsg-corruption.patch"
+2.6.26-lenny-security: N/A
+2.6.15-dapper-security: N/A
+2.6.20-feisty-security: N/A
+2.6.22-gutsy-security: N/A
+2.6.24-hardy-security: released (2.6.24-19.36)
More information about the kernel-sec-discuss
mailing list