[kernel-sec-discuss] r1814 - active

[Michael Gilbert]

Author: gilbert-guest
Date: 2010-04-18 03:09:59 +0000 (Sun, 18 Apr 2010)
New Revision: 1814

Modified:
   active/CVE-2010-1146
   active/CVE-2010-hvc-race
   active/CVE-2010-thinkpad-dos
Log:
info

Modified: active/CVE-2010-1146
===================================================================
--- active/CVE-2010-1146	2010-04-17 22:14:48 UTC (rev 1813)
+++ active/CVE-2010-1146	2010-04-18 03:09:59 UTC (rev 1814)
@@ -9,6 +9,6 @@
 Bugs:
 upstream: needed
 2.6.32-upstream-stable: needed
-linux-2.6: needed
+linux-2.6: pending (2.6.32-12) [bugfix/all/reiserfs-fix-permissions-on-reiserfs_priv.patch]
 2.6.26-lenny-security: N/A "introduced in 2.6.30 commit 677c9b2e"
-2.6.32-squeeze-security: needed
+2.6.32-squeeze-security: pending (2.6.32-12) [bugfix/all/reiserfs-fix-permissions-on-reiserfs_priv.patch]

Modified: active/CVE-2010-hvc-race
===================================================================
--- active/CVE-2010-hvc-race	2010-04-17 22:14:48 UTC (rev 1813)
+++ active/CVE-2010-hvc-race	2010-04-18 03:09:59 UTC (rev 1814)
@@ -4,6 +4,8 @@
 References:
  http://www.openwall.com/lists/oss-security/2010/03/04/3
 Notes:
+ hvc driver not enabled by default in 2.6.26, and hvc_console not enabled by default
+ in 2.6.32.  is effort spent on features that are disabled by default?
 Bugs:
 upstream: released (2.6.34-rc2) [e74d098c]
 2.6.32-upstream-stable: needed

Modified: active/CVE-2010-thinkpad-dos
===================================================================
--- active/CVE-2010-thinkpad-dos	2010-04-17 22:14:48 UTC (rev 1813)
+++ active/CVE-2010-thinkpad-dos	2010-04-18 03:09:59 UTC (rev 1814)
@@ -7,6 +7,7 @@
  vulnerable ibm_init() code not present in < 2.6.33; would just the
  addition of the CAP_SYS_ADMIN checks be sufficient?
 Bugs:
+ http://bugs.debian.org/565790 
 upstream: released (2.6.34-rc1) [b525c06c]
 2.6.32-upstream-stable: needed 
 linux-2.6: needed