[kernel-sec-discuss] r2068 - active
Dann Frazier
dannf at alioth.debian.org
Wed Dec 8 07:34:01 UTC 2010
Author: dannf
Date: 2010-12-08 07:33:45 +0000 (Wed, 08 Dec 2010)
New Revision: 2068
Modified:
active/CVE-2010-0435
active/CVE-2010-3861
active/CVE-2010-3874
active/CVE-2010-3881
active/CVE-2010-4072
active/CVE-2010-4073
active/CVE-2010-4079
active/CVE-2010-4083
active/CVE-2010-4162
active/CVE-2010-4163
active/CVE-2010-4169
active/CVE-2010-4258
Log:
status updates
Modified: active/CVE-2010-0435
===================================================================
--- active/CVE-2010-0435 2010-12-07 09:49:29 UTC (rev 2067)
+++ active/CVE-2010-0435 2010-12-08 07:33:45 UTC (rev 2068)
@@ -9,7 +9,7 @@
jmm> combination with the plethora of KVM patches added by Red Hat?
Bugs:
upstream:
-2.6.32-upstream-stable:
-linux-2.6:
+2.6.32-upstream-stable: pending (2.6.32.27)
+linux-2.6: pending (2.6.32-29) [bugfix/all/stable/2.6.32.27-rc1.patch]
2.6.26-lenny-security:
-2.6.32-squeeze-security:
+2.6.32-squeeze-security: pending (2.6.32-29) [bugfix/all/stable/2.6.32.27-rc1.patch]
Modified: active/CVE-2010-3861
===================================================================
--- active/CVE-2010-3861 2010-12-07 09:49:29 UTC (rev 2067)
+++ active/CVE-2010-3861 2010-12-08 07:33:45 UTC (rev 2068)
@@ -5,7 +5,7 @@
jmm> ae6df5f96a51818d6376da5307d773baeece4014
Bugs:
upstream: released (2.6.36)
-2.6.32-upstream-stable:
-linux-2.6: pending (2.6.32-29) [bugfix/all/net-clear-heap-allocation-for-ETHTOOL_GRXCLSRLALL.patch]
+2.6.32-upstream-stable: pending (2.6.32.27)
+linux-2.6: pending (2.6.32-29) [bugfix/all/stable/2.6.32.27-rc1.patch]
2.6.26-lenny-security: N/A (Introduced in 2.6.27)
-2.6.32-squeeze-security: pending (2.6.32-29) [bugfix/all/net-clear-heap-allocation-for-ETHTOOL_GRXCLSRLALL.patch]
+2.6.32-squeeze-security: pending (2.6.32-29) [bugfix/all/stable/2.6.32.27-rc1.patch]
Modified: active/CVE-2010-3874
===================================================================
--- active/CVE-2010-3874 2010-12-07 09:49:29 UTC (rev 2067)
+++ active/CVE-2010-3874 2010-12-08 07:33:45 UTC (rev 2068)
@@ -6,7 +6,7 @@
jmm> This is hardly a security issue...
Bugs:
upstream: released (2.6.37-rc2) [0597d1b]
-2.6.32-upstream-stable: needed "dannf asked davem about it on 2010.11.20"
-linux-2.6: needed
+2.6.32-upstream-stable: pending (2.6.32.27)
+linux-2.6: pending (2.6.32-29) [bugfix/all/stable/2.6.32.27-rc1.patch]
2.6.26-lenny-security: released (2.6.26-26lenny1) [bugfix/all/can-bcm-fix-minor-heap-overflow.patch]
-2.6.32-squeeze-security: needed
+2.6.32-squeeze-security: pending (2.6.32-29) [bugfix/all/stable/2.6.32.27-rc1.patch]
Modified: active/CVE-2010-3881
===================================================================
--- active/CVE-2010-3881 2010-12-07 09:49:29 UTC (rev 2067)
+++ active/CVE-2010-3881 2010-12-08 07:33:45 UTC (rev 2068)
@@ -5,7 +5,7 @@
jmm> 97e69aa62f8b5d338d6cff49be09e37cc1262838
Bugs:
upstream: needed
-2.6.32-upstream-stable: needed
-linux-2.6: needed
+2.6.32-upstream-stable: pending (2.6.32.27)
+linux-2.6: pending (2.6.32-29) [bugfix/all/stable/2.6.32.27-rc1.patch]
2.6.26-lenny-security: N/A "structures didn't exist in lenny (nor in lenny's kvm-source pkg)"
-2.6.32-squeeze-security: needed
+2.6.32-squeeze-security: pending (2.6.32-29) [bugfix/all/stable/2.6.32.27-rc1.patch]
Modified: active/CVE-2010-4072
===================================================================
--- active/CVE-2010-4072 2010-12-07 09:49:29 UTC (rev 2067)
+++ active/CVE-2010-4072 2010-12-08 07:33:45 UTC (rev 2068)
@@ -6,7 +6,7 @@
jmm> 3af54c9bd9e6f14f896aac1bb0e8405ae0bc7a44
Bugs:
upstream: released (2.6.37-rc1)
-2.6.32-upstream-stable: needed "stable@ was CCed"
-linux-2.6: needed
+2.6.32-upstream-stable: pending (2.6.32.27)
+linux-2.6: pending (2.6.32-29) [bugfix/all/stable/2.6.32.27-rc1.patch]
2.6.26-lenny-security: released (2.6.26-26lenny1) [bugfix/all/ipc-shm-fix-information-leak-to-userland.patch]
-2.6.32-squeeze-security: needed
+2.6.32-squeeze-security: pending (2.6.32-29) [bugfix/all/stable/2.6.32.27-rc1.patch]
Modified: active/CVE-2010-4073
===================================================================
--- active/CVE-2010-4073 2010-12-07 09:49:29 UTC (rev 2067)
+++ active/CVE-2010-4073 2010-12-08 07:33:45 UTC (rev 2068)
@@ -6,7 +6,7 @@
jmm> 03145beb455cf5c20a761e8451e30b8a74ba58d9
Bugs:
upstream: released (2.6.37-rc1)
-2.6.32-upstream-stable: needed (stable@ was CCed)
-linux-2.6: needed
+2.6.32-upstream-stable: pending (2.6.32.27)
+linux-2.6: pending (2.6.32-29) [bugfix/all/stable/2.6.32.27-rc1.patch]
2.6.26-lenny-security: released (2.6.26-26lenny1) [bugfix/all/ipc-initialize-structure-memory-to-zero-for-compat-functions.patch]
-2.6.32-squeeze-security: needed
+2.6.32-squeeze-security: pending (2.6.32-29) [bugfix/all/stable/2.6.32.27-rc1.patch]
Modified: active/CVE-2010-4079
===================================================================
--- active/CVE-2010-4079 2010-12-07 09:49:29 UTC (rev 2067)
+++ active/CVE-2010-4079 2010-12-08 07:33:45 UTC (rev 2068)
@@ -4,7 +4,7 @@
Notes:
Bugs:
upstream: released (2.6.36) [405707985594169cfd0b1d97d29fcb4b4c6f2ac9]
-2.6.32-upstream-stable: needed
-linux-2.6: needed
+2.6.32-upstream-stable: pending (2.6.32.27)
+linux-2.6: pending (2.6.32-29) [bugfix/all/stable/2.6.32.27-rc1.patch]
2.6.26-lenny-security: released (2.6.26-26lenny1) [bugfix/all/ivtvfb-prevent-reading-uninitialized-stack-memory.patch]
-2.6.32-squeeze-security: needed
+2.6.32-squeeze-security: pending (2.6.32-29) [bugfix/all/stable/2.6.32.27-rc1.patch]
Modified: active/CVE-2010-4083
===================================================================
--- active/CVE-2010-4083 2010-12-07 09:49:29 UTC (rev 2067)
+++ active/CVE-2010-4083 2010-12-08 07:33:45 UTC (rev 2068)
@@ -4,7 +4,7 @@
Notes: 982f7c2b2e6a28f8f266e075d92e19c0dd4c6e56
Bugs:
upstream: released (2.6.36)
-2.6.32-upstream-stable: needed "forwarded to stable@ on 2010.11.10"
-linux-2.6: needed
+2.6.32-upstream-stable: pending (2.6.32.27)
+linux-2.6: pending (2.6.32-29) [bugfix/all/stable/2.6.32.27-rc1.patch]
2.6.26-lenny-security: released (2.6.26-26lenny1) [bugfix/all/sys_semctl-fix-kernel-stack-leakage.patch]
-2.6.32-squeeze-security: needed
+2.6.32-squeeze-security: pending (2.6.32-29) [bugfix/all/stable/2.6.32.27-rc1.patch]
Modified: active/CVE-2010-4162
===================================================================
--- active/CVE-2010-4162 2010-12-07 09:49:29 UTC (rev 2067)
+++ active/CVE-2010-4162 2010-12-08 07:33:45 UTC (rev 2068)
@@ -5,7 +5,7 @@
Notes:
Bugs:
upstream: needed
-2.6.32-upstream-stable: needed
-linux-2.6: needed
+2.6.32-upstream-stable: pending (2.6.32.27)
+linux-2.6: pending (2.6.32-29) [bugfix/all/stable/2.6.32.27-rc1.patch]
2.6.26-lenny-security: pending (2.6.26-26lenny2) [bugfix/all/bio-take-care-not-overflow-page-count-when-mapping-copying-user-data.patch]
-2.6.32-squeeze-security: needed
+2.6.32-squeeze-security: pending (2.6.32-29) [bugfix/all/stable/2.6.32.27-rc1.patch]
Modified: active/CVE-2010-4163
===================================================================
--- active/CVE-2010-4163 2010-12-07 09:49:29 UTC (rev 2067)
+++ active/CVE-2010-4163 2010-12-08 07:33:45 UTC (rev 2068)
@@ -6,7 +6,7 @@
Also needs https://patchwork.kernel.org/patch/363282/
Bugs:
upstream: needed
-2.6.32-upstream-stable: needed
-linux-2.6: needed
+2.6.32-upstream-stable: pending (2.6.32.27)
+linux-2.6: pending (2.6.32-29) [debian/patches/bugfix/all/stable/2.6.32.27-rc1.patch]
2.6.26-lenny-security: pending (2.6.26-26lenny2) [bugfix/all/block-check-for-proper-length-of-iov-entries-in-blk_rq_map_user_iov.patch]
-2.6.32-squeeze-security: needed
+2.6.32-squeeze-security: pending (2.6.32-29) [bugfix/all/stable/2.6.32.27-rc1.patch]
Modified: active/CVE-2010-4169
===================================================================
--- active/CVE-2010-4169 2010-12-07 09:49:29 UTC (rev 2067)
+++ active/CVE-2010-4169 2010-12-08 07:33:45 UTC (rev 2068)
@@ -5,7 +5,7 @@
jmm> perf counters were merged post Lenny
Bugs:
upstream: released (2.6.37-rc2) [63bfd7384b119409685a17d5c58f0b56e5dc03da]
-2.6.32-upstream-stable: needed
-linux-2.6: needed
+2.6.32-upstream-stable: pending (2.6.32.27)
+linux-2.6: released (2.6.32-29) [bugfix/all/stable/2.6.32.27-rc1.patch]
2.6.26-lenny-security: N/A
-2.6.32-squeeze-security: needed
+2.6.32-squeeze-security: released (2.6.32-29) [bugfix/all/stable/2.6.32.27-rc1.patch]
Modified: active/CVE-2010-4258
===================================================================
--- active/CVE-2010-4258 2010-12-07 09:49:29 UTC (rev 2067)
+++ active/CVE-2010-4258 2010-12-08 07:33:45 UTC (rev 2068)
@@ -5,7 +5,7 @@
Notes:
Bugs:
upstream: pending [33dd94ae1ccbfb7bf0fb6c692bc3d1c4269e6177]
-2.6.32-upstream-stable: needed
-linux-2.6: needed
+2.6.32-upstream-stable: pending (2.6.32.27)
+linux-2.6: pending (2.6.32-29) [bugfix/all/stable/2.6.32.27-rc1.patch]
2.6.26-lenny-security: needed
-2.6.32-squeeze-security: needed
+2.6.32-squeeze-security: pending (2.6.32-29) [bugfix/all/stable/2.6.32.27-rc1.patch]
More information about the kernel-sec-discuss
mailing list