[kernel-sec-discuss] r1601 - active retired
Michael Gilbert
gilbert-guest at alioth.debian.org
Mon Nov 16 21:02:29 UTC 2009
Author: gilbert-guest
Date: 2009-11-16 21:02:27 +0000 (Mon, 16 Nov 2009)
New Revision: 1601
Modified:
active/CVE-2009-2584
active/CVE-2009-2691
active/CVE-2009-3621
retired/CVE-2009-2848
Log:
updates
Modified: active/CVE-2009-2584
===================================================================
--- active/CVE-2009-2584 2009-11-16 19:34:06 UTC (rev 1600)
+++ active/CVE-2009-2584 2009-11-16 21:02:27 UTC (rev 1601)
@@ -15,12 +15,8 @@
- the patch is still not applied upstream so i've sent a message upstream to lkml:
http://lkml.org/lkml/2009/11/4/538
Bugs:
-upstream: pending (2.6.32-rc7) [d39b7dd1dcbf394a1cb897457c862dafe9a20ac5]
-linux-2.6: needed
+upstream: released (2.6.32-rc7) [d39b7dd1dcbf394a1cb897457c862dafe9a20ac5], released (2.6.31.6) [42d7bdfc3320039bb9310703d6475a62f5c74772]
+linux-2.6: 3.6.31-2
2.6.18-etch-security: N/A "code not present"
2.6.24-etch-security: N/A "code not present"
2.6.26-lenny-security: N/A "code not present"
-2.6.15-dapper-security:
-2.6.22-gutsy-security:
-2.6.24-hardy-security:
-2.6.27-intrepid-security:
Modified: active/CVE-2009-2691
===================================================================
--- active/CVE-2009-2691 2009-11-16 19:34:06 UTC (rev 1600)
+++ active/CVE-2009-2691 2009-11-16 21:02:27 UTC (rev 1601)
@@ -9,8 +9,8 @@
<dannf> lenny is vulnerable, but the upstream fix works by using a mutex
construct that didn't exist until after 2.6.27
Bugs:
-upstream: released (2.6.31-rc6) [13f0fea, 00f89d2, 704b836]
-linux-2.6: released (2.6.31-1)
+upstream: released (2.6.31-rc6) [13f0fea, 00f89d2, 704b836], released (2.6.30.5) [95d7e670e3158b6a52a8279290a0d6f7047250b4, 17dc3e97d6d51df33cb6e35fabb62b91ef14cf2c, c6d59cb0341e2c3aed3eb65cbf166a686c3443aa]
+linux-2.6: released (2.6.30-7)
2.6.18-etch-security: ignored (2.6.18.dfsg.1-24etch4) "needs port"
2.6.24-etch-security:
2.6.26-lenny-security: ignored (2.6.26-19) "needs port"
Modified: active/CVE-2009-3621
===================================================================
--- active/CVE-2009-3621 2009-11-16 19:34:06 UTC (rev 1600)
+++ active/CVE-2009-3621 2009-11-16 21:02:27 UTC (rev 1601)
@@ -6,8 +6,8 @@
http://www.openwall.com/lists/oss-security/2009/10/19/2
Notes:
Bugs:
-upstream: released (2.6.32-rc6) [77238f2b942b38ab4e7f3aced44084493e4a8675]
-linux-2.6: needed
+upstream: released (2.6.32-rc6) [77238f2b942b38ab4e7f3aced44084493e4a8675], released (2.6.31.6) [027590f053888a282d09f420a39ad08a17dda76f]
+linux-2.6: 2.6.31-2
2.6.18-etch-security: released (2.6.18.dfsg.1-26etch1) [bugfix/all/af_unix-fix-deadlock-on-connecting-to-shutdown-socket.patch]
2.6.24-etch-security: released (2.6.24-6~etchnhalf.9etch1) [bugfix/all/af_unix-fix-deadlock-on-connecting-to-shutdown-socket.patch]
2.6.26-lenny-security: released (2.6.26-19lenny2) [bugfix/all/af_unix-fix-deadlock-on-connecting-to-shutdown-socket.patch]
Modified: retired/CVE-2009-2848
===================================================================
--- retired/CVE-2009-2848 2009-11-16 19:34:06 UTC (rev 1600)
+++ retired/CVE-2009-2848 2009-11-16 21:02:27 UTC (rev 1601)
@@ -7,8 +7,8 @@
Ubuntu-Description:
Notes:
Bugs:
-upstream: released (2.6.31) [9c8a8228d0827e0d91d28527209988f672f97d28]
-linux-2.6: released (2.6.31-1)
+upstream: released (2.6.31) [9c8a8228d0827e0d91d28527209988f672f97d28], released (2.6.30.5) [36bd78649e79b5689d263e51eec98e965c43ca3a]
+linux-2.6: released (2.6.30-7)
2.6.18-etch-security: released (2.6.18.dfsg.1-24etch4) [bugfix/all/execve-must-clear-current-clear_child_tid.patch]
2.6.24-etch-security: released (2.6.24-6~etchnhalf.9etch1) [bugfix/all/execve-must-clear-current-clear_child_tid.patch]
2.6.26-lenny-security: released (2.6.26-19) [bugfix/all/execve-must-clear-current-clear_child_tid.patch]
More information about the kernel-sec-discuss
mailing list