[kernel-sec-discuss] r2072 - active
Moritz Muehlenhoff
jmm at alioth.debian.org
Fri Dec 10 15:31:08 UTC 2010
Author: jmm
Date: 2010-12-10 15:31:08 +0000 (Fri, 10 Dec 2010)
New Revision: 2072
Modified:
active/CVE-2010-3873
active/CVE-2010-4157
Log:
updates
Modified: active/CVE-2010-3873
===================================================================
--- active/CVE-2010-3873 2010-12-09 03:04:58 UTC (rev 2071)
+++ active/CVE-2010-3873 2010-12-10 15:31:08 UTC (rev 2072)
@@ -6,8 +6,8 @@
Notes:
jmm> a6331d6f9a4298173b413cf99a40cc86a9d92c37
Bugs:
-upstream: needed
-2.6.32-upstream-stable: needed "forwarded to stable@ on 2010.11.08"
+upstream: released (2.6.37-rc2)
+2.6.32-upstream-stable: released (2.6.32.27)
linux-2.6: released (2.6.32-28) [bugfix/all/x25-Patch-to-fix-bug-15678-x25-accesses-fields-beyon.patch, bugfix/all/x25-memory-corruption-in-X.25-facilities-parsing.patch]
2.6.26-lenny-security: released (2.6.26-26lenny1) [bugfix/all/x25-fix-field-accesses-beyond-end-of-packet.patch, bugfix/all/x25-fix-memory-corruption-in-facilities-parsing.patch]
2.6.32-squeeze-security: released (2.6.32-28) [bugfix/all/x25-Patch-to-fix-bug-15678-x25-accesses-fields-beyon.patch, bugfix/all/x25-memory-corruption-in-X.25-facilities-parsing.patch]
Modified: active/CVE-2010-4157
===================================================================
--- active/CVE-2010-4157 2010-12-09 03:04:58 UTC (rev 2071)
+++ active/CVE-2010-4157 2010-12-10 15:31:08 UTC (rev 2072)
@@ -3,6 +3,7 @@
References:
Notes:
dannf> Not a security issue (discussed on oss-security, iirc)
+ jmm> It was clarified later on oss-sec, that this is in fact exploitable
Bugs:
upstream: released (2.6.37-rc1) [f63ae56e4e97fb12053590e41a4fa59e7daa74a4]
2.6.32-upstream-stable: released (2.6.32.26)
More information about the kernel-sec-discuss
mailing list