[kernel-sec-discuss] r2077 - active retired

Moritz Muehlenhoff jmm at alioth.debian.org
Fri Dec 10 15:40:31 UTC 2010 

Author: jmm
Date: 2010-12-10 15:40:30 +0000 (Fri, 10 Dec 2010)
New Revision: 2077

Added:
   retired/CVE-2010-3861
   retired/CVE-2010-3874
   retired/CVE-2010-4083
Removed:
   active/CVE-2010-3861
   active/CVE-2010-3874
   active/CVE-2010-4083
Log:
retire three issues


Deleted: active/CVE-2010-3861
===================================================================
--- active/CVE-2010-3861	2010-12-10 15:39:42 UTC (rev 2076)
+++ active/CVE-2010-3861	2010-12-10 15:40:30 UTC (rev 2077)
@@ -1,10 +0,0 @@
-Candidate: CVE-2010-3861
-Description: heap contents leak from ETHTOOL_GRXCLSRLALL
-References:
-Notes:
-Bugs:
-upstream: released (2.6.36) [ae6df5f96a51818d6376da5307d773baeece4014]
-2.6.32-upstream-stable: released (2.6.32.27)
-linux-2.6: released (2.6.32-29) [bugfix/all/stable/2.6.32.27-rc1.patch]
-2.6.26-lenny-security: N/A (Introduced in 2.6.27)
-2.6.32-squeeze-security: released (2.6.32-29) [bugfix/all/stable/2.6.32.27-rc1.patch]

Deleted: active/CVE-2010-3874
===================================================================
--- active/CVE-2010-3874	2010-12-10 15:39:42 UTC (rev 2076)
+++ active/CVE-2010-3874	2010-12-10 15:40:30 UTC (rev 2077)
@@ -1,12 +0,0 @@
-Candidate: CVE-2010-3874
-Description:
- http://marc.info/?l=linux-netdev&m=128872251418192&w=2
-References:
-Notes:
- jmm> This is hardly a security issue...  
-Bugs:
-upstream: released (2.6.37-rc2) [0597d1b]
-2.6.32-upstream-stable: released (2.6.32.27)
-linux-2.6: released (2.6.32-29) [bugfix/all/stable/2.6.32.27-rc1.patch]
-2.6.26-lenny-security: released (2.6.26-26lenny1) [bugfix/all/can-bcm-fix-minor-heap-overflow.patch]
-2.6.32-squeeze-security: released (2.6.32-29) [bugfix/all/stable/2.6.32.27-rc1.patch]

Deleted: active/CVE-2010-4083
===================================================================
--- active/CVE-2010-4083	2010-12-10 15:39:42 UTC (rev 2076)
+++ active/CVE-2010-4083	2010-12-10 15:40:30 UTC (rev 2077)
@@ -1,10 +0,0 @@
-Candidate: CVE-2010-4083
-Description: system call stack leak
-References:
-Notes: 982f7c2b2e6a28f8f266e075d92e19c0dd4c6e56
-Bugs:
-upstream: released (2.6.36)
-2.6.32-upstream-stable: released (2.6.32.27)
-linux-2.6: released (2.6.32-29) [bugfix/all/stable/2.6.32.27-rc1.patch]
-2.6.26-lenny-security: released (2.6.26-26lenny1) [bugfix/all/sys_semctl-fix-kernel-stack-leakage.patch]
-2.6.32-squeeze-security: released (2.6.32-29) [bugfix/all/stable/2.6.32.27-rc1.patch]

Copied: retired/CVE-2010-3861 (from rev 2076, active/CVE-2010-3861)
===================================================================
--- retired/CVE-2010-3861	                        (rev 0)
+++ retired/CVE-2010-3861	2010-12-10 15:40:30 UTC (rev 2077)
@@ -0,0 +1,10 @@
+Candidate: CVE-2010-3861
+Description: heap contents leak from ETHTOOL_GRXCLSRLALL
+References:
+Notes:
+Bugs:
+upstream: released (2.6.36) [ae6df5f96a51818d6376da5307d773baeece4014]
+2.6.32-upstream-stable: released (2.6.32.27)
+linux-2.6: released (2.6.32-29) [bugfix/all/stable/2.6.32.27-rc1.patch]
+2.6.26-lenny-security: N/A (Introduced in 2.6.27)
+2.6.32-squeeze-security: released (2.6.32-29) [bugfix/all/stable/2.6.32.27-rc1.patch]


Property changes on: retired/CVE-2010-3861
___________________________________________________________________
Added: svn:mergeinfo
   + 

Copied: retired/CVE-2010-3874 (from rev 2076, active/CVE-2010-3874)
===================================================================
--- retired/CVE-2010-3874	                        (rev 0)
+++ retired/CVE-2010-3874	2010-12-10 15:40:30 UTC (rev 2077)
@@ -0,0 +1,12 @@
+Candidate: CVE-2010-3874
+Description:
+ http://marc.info/?l=linux-netdev&m=128872251418192&w=2
+References:
+Notes:
+ jmm> This is hardly a security issue...  
+Bugs:
+upstream: released (2.6.37-rc2) [0597d1b]
+2.6.32-upstream-stable: released (2.6.32.27)
+linux-2.6: released (2.6.32-29) [bugfix/all/stable/2.6.32.27-rc1.patch]
+2.6.26-lenny-security: released (2.6.26-26lenny1) [bugfix/all/can-bcm-fix-minor-heap-overflow.patch]
+2.6.32-squeeze-security: released (2.6.32-29) [bugfix/all/stable/2.6.32.27-rc1.patch]


Property changes on: retired/CVE-2010-3874
___________________________________________________________________
Added: svn:mergeinfo
   + 

Copied: retired/CVE-2010-4083 (from rev 2076, active/CVE-2010-4083)
===================================================================
--- retired/CVE-2010-4083	                        (rev 0)
+++ retired/CVE-2010-4083	2010-12-10 15:40:30 UTC (rev 2077)
@@ -0,0 +1,10 @@
+Candidate: CVE-2010-4083
+Description: system call stack leak
+References:
+Notes: 982f7c2b2e6a28f8f266e075d92e19c0dd4c6e56
+Bugs:
+upstream: released (2.6.36)
+2.6.32-upstream-stable: released (2.6.32.27)
+linux-2.6: released (2.6.32-29) [bugfix/all/stable/2.6.32.27-rc1.patch]
+2.6.26-lenny-security: released (2.6.26-26lenny1) [bugfix/all/sys_semctl-fix-kernel-stack-leakage.patch]
+2.6.32-squeeze-security: released (2.6.32-29) [bugfix/all/stable/2.6.32.27-rc1.patch]


Property changes on: retired/CVE-2010-4083
___________________________________________________________________
Added: svn:mergeinfo
   +

More information about the kernel-sec-discuss mailing list