[kernel-sec-discuss] r1565 - active

Dann Frazier dannf at alioth.debian.org
Wed Nov 4 20:05:25 UTC 2009 

Author: dannf
Date: 2009-11-04 20:05:25 +0000 (Wed, 04 Nov 2009)
New Revision: 1565

Modified:
   active/CVE-2009-3547
   active/CVE-2009-3638
   active/CVE-2009-3640
   active/CVE-2009-3725
Log:
status updates


Modified: active/CVE-2009-3547
===================================================================
--- active/CVE-2009-3547	2009-11-04 19:20:20 UTC (rev 1564)
+++ active/CVE-2009-3547	2009-11-04 20:05:25 UTC (rev 1565)
@@ -17,5 +17,5 @@
 upstream: pending [ad3960243e55320d74195fb85c975e0a8cc4466c]
 linux-2.6: needed
 2.6.18-etch-security: needed
-2.6.24-etch-security: needed
-2.6.26-lenny-security: needed
+2.6.24-etch-security: pending (2.6.24-6~etchnhalf.8etch4) [bugfix/all/fs-pipe-null-pointer-dereference.patch]
+2.6.26-lenny-security: pending (2.6.26-19lenny2) [bugfix/all/fs-pipe-null-pointer-dereference.patch]

Modified: active/CVE-2009-3638
===================================================================
--- active/CVE-2009-3638	2009-11-04 19:20:20 UTC (rev 1564)
+++ active/CVE-2009-3638	2009-11-04 20:05:25 UTC (rev 1565)
@@ -12,4 +12,4 @@
 linux-2.6: released (2.6.31-1)
 2.6.18-etch-security: N/A "introduced in 2.6.25"
 2.6.24-etch-security: N/A "introduced in 2.6.25"
-2.6.26-lenny-security: needed
+2.6.26-lenny-security: pending (2.6.26-19lenny2) [bugfix/x86/kvm-prevent-overflow-in-KVM_GET_SUPPORTED_CPUID.patch]

Modified: active/CVE-2009-3640
===================================================================
--- active/CVE-2009-3640	2009-11-04 19:20:20 UTC (rev 1564)
+++ active/CVE-2009-3640	2009-11-04 20:05:25 UTC (rev 1565)
@@ -9,6 +9,6 @@
 Bugs:
 upstream: released (2.6.32-rc1) [88c808fd42b53a7e01a2ac3253ef31fef74cb5af]
 linux-2.6: needed
-2.6.18-etch-security: N/A "introduced in 2.6.25"
-2.6.24-etch-security: N/A "introduced in 2.6.25"
-2.6.26-lenny-security: needed
+2.6.18-etch-security: N/A "no kvm"
+2.6.24-etch-security: N/A "no kvm"
+2.6.26-lenny-security: ignored (2.6.26-19lenny2) "unclear if affected, code has changed a lot"

Modified: active/CVE-2009-3725
===================================================================
--- active/CVE-2009-3725	2009-11-04 19:20:20 UTC (rev 1564)
+++ active/CVE-2009-3725	2009-11-04 20:05:25 UTC (rev 1565)
@@ -11,6 +11,6 @@
 Bugs:
 upstream: released (2.6.31-rc1,2.6.31-rc3), pending (staging)
 linux-2.6:
-2.6.18-etch-security:
-2.6.24-etch-security:
-2.6.26-lenny-security:
+2.6.18-etch-security: N/A
+2.6.24-etch-security: needed "upstream fix requires API changes"
+2.6.26-lenny-security: needed "upstream fix requires API changes"

More information about the kernel-sec-discuss mailing list