[kernel-sec-discuss] r1750 - active retired

Michael Gilbert gilbert-guest at alioth.debian.org
Fri Feb 26 20:44:11 UTC 2010 

Author: gilbert-guest
Date: 2010-02-26 20:44:11 +0000 (Fri, 26 Feb 2010)
New Revision: 1750

Added:
   retired/CVE-2010-0623
Removed:
   active/CVE-2010-0623
Modified:
   active/CVE-2009-4537
   active/CVE-2010-0622
Log:
updates

Modified: active/CVE-2009-4537
===================================================================
--- active/CVE-2009-4537	2010-02-26 01:01:37 UTC (rev 1749)
+++ active/CVE-2009-4537	2010-02-26 20:44:11 UTC (rev 1750)
@@ -5,6 +5,7 @@
  http://www.openwall.com/lists/oss-security/2009/12/31/1
 Notes:
  jmm> No final upstream patch yet, discussion at http://marc.info/?t=126202986900002&r=1&w=2 
+ gilbert> still no upstream solution as of 2010-02-26
 Bugs:
 upstream:
 2.6.32-upstream-stable:

Modified: active/CVE-2010-0622
===================================================================
--- active/CVE-2010-0622	2010-02-26 01:01:37 UTC (rev 1749)
+++ active/CVE-2010-0622	2010-02-26 20:44:11 UTC (rev 1750)
@@ -6,9 +6,9 @@
 Notes:
 Bugs:
 upstream: released (2.6.33-rc7) [51246bfd1]
-2.6.32-upstream-stable:
-linux-2.6:
+2.6.32-upstream-stable: released (2.6.32.9) [c03d9d422]
+linux-2.6: released (2.6.32-9)
 2.6.18-etch-security: pending (2.6.18.dfsg.1-26etch2) [bugfix/all/futex-handle-user-space-corruption-gracefully.patch]
 2.6.24-etch-security: pending (2.6.24~6etchnhalf.9etch2) [bugfix/all/futex-handle-user-space-corruption-gracefully.patch]
 2.6.26-lenny-security: pending (2.6.26-21lenny4) [bugfix/all/futex-handle-user-space-corruption-gracefully.patch]
-2.6.32-squeeze-security:
+2.6.32-squeeze-security: released (2.6.32-9)

Deleted: active/CVE-2010-0623
===================================================================
--- active/CVE-2010-0623	2010-02-26 01:01:37 UTC (rev 1749)
+++ active/CVE-2010-0623	2010-02-26 20:44:11 UTC (rev 1750)
@@ -1,13 +0,0 @@
-Candidate: CVE-2010-0623
-Description:
- futex refcount leak
-References:
-Notes:
-Bugs:
-upstream: pending [5ecb01c]
-2.6.32-upstream-stable:
-linux-2.6:
-2.6.18-etch-security: N/A "introduced in 2.6.28 commit 38d47c1b"
-2.6.24-etch-security: N/A "introduced in 2.6.28 commit 38d47c1b"
-2.6.26-lenny-security: N/A "introduced in 2.6.28 commit 38d47c1b"
-2.6.32-squeeze-security:

Copied: retired/CVE-2010-0623 (from rev 1749, active/CVE-2010-0623)
===================================================================
--- retired/CVE-2010-0623	                        (rev 0)
+++ retired/CVE-2010-0623	2010-02-26 20:44:11 UTC (rev 1750)
@@ -0,0 +1,13 @@
+Candidate: CVE-2010-0623
+Description:
+ futex refcount leak
+References:
+Notes:
+Bugs:
+upstream: released (2.6.33) [5ecb01c]
+2.6.32-upstream-stable: released (2.6.32.9) [5f6af116]
+linux-2.6: released (2.6.32-9)
+2.6.18-etch-security: N/A "introduced in 2.6.28 commit 38d47c1b"
+2.6.24-etch-security: N/A "introduced in 2.6.28 commit 38d47c1b"
+2.6.26-lenny-security: N/A "introduced in 2.6.28 commit 38d47c1b"
+2.6.32-squeeze-security: released (2.6.32-9)

More information about the kernel-sec-discuss mailing list