[kernel-sec-discuss] r2068 - active

Dann Frazier dannf at alioth.debian.org
Wed Dec 8 07:34:01 UTC 2010 

Author: dannf
Date: 2010-12-08 07:33:45 +0000 (Wed, 08 Dec 2010)
New Revision: 2068

Modified:
   active/CVE-2010-0435
   active/CVE-2010-3861
   active/CVE-2010-3874
   active/CVE-2010-3881
   active/CVE-2010-4072
   active/CVE-2010-4073
   active/CVE-2010-4079
   active/CVE-2010-4083
   active/CVE-2010-4162
   active/CVE-2010-4163
   active/CVE-2010-4169
   active/CVE-2010-4258
Log:
status updates

Modified: active/CVE-2010-0435
===================================================================
--- active/CVE-2010-0435	2010-12-07 09:49:29 UTC (rev 2067)
+++ active/CVE-2010-0435	2010-12-08 07:33:45 UTC (rev 2068)
@@ -9,7 +9,7 @@
  jmm> combination with the plethora of KVM patches added by Red Hat?
 Bugs:
 upstream:
-2.6.32-upstream-stable:
-linux-2.6:
+2.6.32-upstream-stable: pending (2.6.32.27)
+linux-2.6: pending (2.6.32-29) [bugfix/all/stable/2.6.32.27-rc1.patch]
 2.6.26-lenny-security:
-2.6.32-squeeze-security:
+2.6.32-squeeze-security: pending (2.6.32-29) [bugfix/all/stable/2.6.32.27-rc1.patch]

Modified: active/CVE-2010-3861
===================================================================
--- active/CVE-2010-3861	2010-12-07 09:49:29 UTC (rev 2067)
+++ active/CVE-2010-3861	2010-12-08 07:33:45 UTC (rev 2068)
@@ -5,7 +5,7 @@
  jmm> ae6df5f96a51818d6376da5307d773baeece4014
 Bugs:
 upstream: released (2.6.36)
-2.6.32-upstream-stable:
-linux-2.6: pending (2.6.32-29) [bugfix/all/net-clear-heap-allocation-for-ETHTOOL_GRXCLSRLALL.patch]
+2.6.32-upstream-stable: pending (2.6.32.27)
+linux-2.6: pending (2.6.32-29) [bugfix/all/stable/2.6.32.27-rc1.patch]
 2.6.26-lenny-security: N/A (Introduced in 2.6.27)
-2.6.32-squeeze-security: pending (2.6.32-29) [bugfix/all/net-clear-heap-allocation-for-ETHTOOL_GRXCLSRLALL.patch]
+2.6.32-squeeze-security: pending (2.6.32-29) [bugfix/all/stable/2.6.32.27-rc1.patch]

Modified: active/CVE-2010-3874
===================================================================
--- active/CVE-2010-3874	2010-12-07 09:49:29 UTC (rev 2067)
+++ active/CVE-2010-3874	2010-12-08 07:33:45 UTC (rev 2068)
@@ -6,7 +6,7 @@
  jmm> This is hardly a security issue...
 Bugs:
 upstream: released (2.6.37-rc2) [0597d1b]
-2.6.32-upstream-stable: needed "dannf asked davem about it on 2010.11.20"
-linux-2.6: needed
+2.6.32-upstream-stable: pending (2.6.32.27)
+linux-2.6: pending (2.6.32-29) [bugfix/all/stable/2.6.32.27-rc1.patch]
 2.6.26-lenny-security: released (2.6.26-26lenny1) [bugfix/all/can-bcm-fix-minor-heap-overflow.patch]
-2.6.32-squeeze-security: needed
+2.6.32-squeeze-security: pending (2.6.32-29) [bugfix/all/stable/2.6.32.27-rc1.patch]

Modified: active/CVE-2010-3881
===================================================================
--- active/CVE-2010-3881	2010-12-07 09:49:29 UTC (rev 2067)
+++ active/CVE-2010-3881	2010-12-08 07:33:45 UTC (rev 2068)
@@ -5,7 +5,7 @@
  jmm> 97e69aa62f8b5d338d6cff49be09e37cc1262838
 Bugs: 
 upstream: needed
-2.6.32-upstream-stable: needed
-linux-2.6: needed
+2.6.32-upstream-stable: pending (2.6.32.27)
+linux-2.6: pending (2.6.32-29) [bugfix/all/stable/2.6.32.27-rc1.patch]
 2.6.26-lenny-security: N/A "structures didn't exist in lenny (nor in lenny's kvm-source pkg)"
-2.6.32-squeeze-security: needed
+2.6.32-squeeze-security: pending (2.6.32-29) [bugfix/all/stable/2.6.32.27-rc1.patch]

Modified: active/CVE-2010-4072
===================================================================
--- active/CVE-2010-4072	2010-12-07 09:49:29 UTC (rev 2067)
+++ active/CVE-2010-4072	2010-12-08 07:33:45 UTC (rev 2068)
@@ -6,7 +6,7 @@
  jmm> 3af54c9bd9e6f14f896aac1bb0e8405ae0bc7a44
 Bugs:
 upstream: released (2.6.37-rc1)
-2.6.32-upstream-stable: needed "stable@ was CCed"
-linux-2.6: needed
+2.6.32-upstream-stable: pending (2.6.32.27)
+linux-2.6: pending (2.6.32-29) [bugfix/all/stable/2.6.32.27-rc1.patch]
 2.6.26-lenny-security: released (2.6.26-26lenny1) [bugfix/all/ipc-shm-fix-information-leak-to-userland.patch]
-2.6.32-squeeze-security: needed
+2.6.32-squeeze-security: pending (2.6.32-29) [bugfix/all/stable/2.6.32.27-rc1.patch]

Modified: active/CVE-2010-4073
===================================================================
--- active/CVE-2010-4073	2010-12-07 09:49:29 UTC (rev 2067)
+++ active/CVE-2010-4073	2010-12-08 07:33:45 UTC (rev 2068)
@@ -6,7 +6,7 @@
  jmm> 03145beb455cf5c20a761e8451e30b8a74ba58d9
 Bugs:
 upstream: released (2.6.37-rc1)
-2.6.32-upstream-stable: needed (stable@ was CCed)
-linux-2.6: needed
+2.6.32-upstream-stable: pending (2.6.32.27)
+linux-2.6: pending (2.6.32-29) [bugfix/all/stable/2.6.32.27-rc1.patch]
 2.6.26-lenny-security: released (2.6.26-26lenny1) [bugfix/all/ipc-initialize-structure-memory-to-zero-for-compat-functions.patch]
-2.6.32-squeeze-security: needed
+2.6.32-squeeze-security: pending (2.6.32-29) [bugfix/all/stable/2.6.32.27-rc1.patch]

Modified: active/CVE-2010-4079
===================================================================
--- active/CVE-2010-4079	2010-12-07 09:49:29 UTC (rev 2067)
+++ active/CVE-2010-4079	2010-12-08 07:33:45 UTC (rev 2068)
@@ -4,7 +4,7 @@
 Notes:
 Bugs:
 upstream: released (2.6.36) [405707985594169cfd0b1d97d29fcb4b4c6f2ac9]
-2.6.32-upstream-stable: needed
-linux-2.6: needed
+2.6.32-upstream-stable: pending (2.6.32.27)
+linux-2.6: pending (2.6.32-29) [bugfix/all/stable/2.6.32.27-rc1.patch]
 2.6.26-lenny-security: released (2.6.26-26lenny1) [bugfix/all/ivtvfb-prevent-reading-uninitialized-stack-memory.patch]
-2.6.32-squeeze-security: needed
+2.6.32-squeeze-security: pending (2.6.32-29) [bugfix/all/stable/2.6.32.27-rc1.patch]

Modified: active/CVE-2010-4083
===================================================================
--- active/CVE-2010-4083	2010-12-07 09:49:29 UTC (rev 2067)
+++ active/CVE-2010-4083	2010-12-08 07:33:45 UTC (rev 2068)
@@ -4,7 +4,7 @@
 Notes: 982f7c2b2e6a28f8f266e075d92e19c0dd4c6e56
 Bugs:
 upstream: released (2.6.36)
-2.6.32-upstream-stable: needed "forwarded to stable@ on 2010.11.10"
-linux-2.6: needed
+2.6.32-upstream-stable: pending (2.6.32.27)
+linux-2.6: pending (2.6.32-29) [bugfix/all/stable/2.6.32.27-rc1.patch]
 2.6.26-lenny-security: released (2.6.26-26lenny1) [bugfix/all/sys_semctl-fix-kernel-stack-leakage.patch]
-2.6.32-squeeze-security: needed
+2.6.32-squeeze-security: pending (2.6.32-29) [bugfix/all/stable/2.6.32.27-rc1.patch]

Modified: active/CVE-2010-4162
===================================================================
--- active/CVE-2010-4162	2010-12-07 09:49:29 UTC (rev 2067)
+++ active/CVE-2010-4162	2010-12-08 07:33:45 UTC (rev 2068)
@@ -5,7 +5,7 @@
 Notes:
 Bugs:
 upstream: needed
-2.6.32-upstream-stable: needed
-linux-2.6: needed
+2.6.32-upstream-stable: pending (2.6.32.27)
+linux-2.6: pending (2.6.32-29) [bugfix/all/stable/2.6.32.27-rc1.patch]
 2.6.26-lenny-security: pending (2.6.26-26lenny2) [bugfix/all/bio-take-care-not-overflow-page-count-when-mapping-copying-user-data.patch]
-2.6.32-squeeze-security: needed
+2.6.32-squeeze-security: pending (2.6.32-29) [bugfix/all/stable/2.6.32.27-rc1.patch]

Modified: active/CVE-2010-4163
===================================================================
--- active/CVE-2010-4163	2010-12-07 09:49:29 UTC (rev 2067)
+++ active/CVE-2010-4163	2010-12-08 07:33:45 UTC (rev 2068)
@@ -6,7 +6,7 @@
  Also needs https://patchwork.kernel.org/patch/363282/
 Bugs:
 upstream: needed
-2.6.32-upstream-stable: needed
-linux-2.6: needed
+2.6.32-upstream-stable: pending (2.6.32.27)
+linux-2.6: pending (2.6.32-29) [debian/patches/bugfix/all/stable/2.6.32.27-rc1.patch]
 2.6.26-lenny-security: pending (2.6.26-26lenny2) [bugfix/all/block-check-for-proper-length-of-iov-entries-in-blk_rq_map_user_iov.patch]
-2.6.32-squeeze-security: needed
+2.6.32-squeeze-security: pending (2.6.32-29) [bugfix/all/stable/2.6.32.27-rc1.patch]

Modified: active/CVE-2010-4169
===================================================================
--- active/CVE-2010-4169	2010-12-07 09:49:29 UTC (rev 2067)
+++ active/CVE-2010-4169	2010-12-08 07:33:45 UTC (rev 2068)
@@ -5,7 +5,7 @@
  jmm> perf counters were merged post Lenny
 Bugs:
 upstream: released (2.6.37-rc2) [63bfd7384b119409685a17d5c58f0b56e5dc03da]
-2.6.32-upstream-stable: needed
-linux-2.6: needed
+2.6.32-upstream-stable: pending (2.6.32.27)
+linux-2.6: released (2.6.32-29) [bugfix/all/stable/2.6.32.27-rc1.patch]
 2.6.26-lenny-security: N/A
-2.6.32-squeeze-security: needed
+2.6.32-squeeze-security: released (2.6.32-29) [bugfix/all/stable/2.6.32.27-rc1.patch]

Modified: active/CVE-2010-4258
===================================================================
--- active/CVE-2010-4258	2010-12-07 09:49:29 UTC (rev 2067)
+++ active/CVE-2010-4258	2010-12-08 07:33:45 UTC (rev 2068)
@@ -5,7 +5,7 @@
 Notes:
 Bugs:
 upstream: pending [33dd94ae1ccbfb7bf0fb6c692bc3d1c4269e6177]
-2.6.32-upstream-stable: needed
-linux-2.6: needed
+2.6.32-upstream-stable: pending (2.6.32.27)
+linux-2.6: pending (2.6.32-29) [bugfix/all/stable/2.6.32.27-rc1.patch]
 2.6.26-lenny-security: needed
-2.6.32-squeeze-security: needed
+2.6.32-squeeze-security: pending (2.6.32-29) [bugfix/all/stable/2.6.32.27-rc1.patch]

More information about the kernel-sec-discuss mailing list