[kernel-sec-discuss] r1677 - active

Dann Frazier dannf at alioth.debian.org
Wed Jan 20 04:29:27 UTC 2010 

Author: dannf
Date: 2010-01-20 04:29:27 +0000 (Wed, 20 Jan 2010)
New Revision: 1677

Modified:
   active/CVE-2009-3080
   active/CVE-2009-3726
   active/CVE-2009-3889
   active/CVE-2009-4005
   active/CVE-2009-4020
   active/CVE-2009-4021
   active/CVE-2009-4031
   active/CVE-2009-4138
   active/CVE-2009-4308
Log:
2.6.26-21 is in p-u

Modified: active/CVE-2009-3080
===================================================================
--- active/CVE-2009-3080	2010-01-20 04:29:07 UTC (rev 1676)
+++ active/CVE-2009-3080	2010-01-20 04:29:27 UTC (rev 1677)
@@ -10,4 +10,4 @@
 linux-2.6: released (2.6.32-1)
 2.6.18-etch-security: needed
 2.6.24-etch-security: needed
-2.6.26-lenny-security: pending (2.6.26-21) [bugfix/all/gdth-prevent-negative-offsets-in-ioctl.patch]
+2.6.26-lenny-security: released (2.6.26-21) [bugfix/all/gdth-prevent-negative-offsets-in-ioctl.patch]

Modified: active/CVE-2009-3726
===================================================================
--- active/CVE-2009-3726	2010-01-20 04:29:07 UTC (rev 1676)
+++ active/CVE-2009-3726	2010-01-20 04:29:27 UTC (rev 1677)
@@ -10,4 +10,4 @@
 linux-2.6: released (2.6.31-1)
 2.6.18-etch-security:
 2.6.24-etch-security:
-2.6.26-lenny-security: pending (2.6.26-21) [bugfix/all/nfsv4-buggy-server-oops.patch]
+2.6.26-lenny-security: released (2.6.26-21) [bugfix/all/nfsv4-buggy-server-oops.patch]

Modified: active/CVE-2009-3889
===================================================================
--- active/CVE-2009-3889	2010-01-20 04:29:07 UTC (rev 1676)
+++ active/CVE-2009-3889	2010-01-20 04:29:27 UTC (rev 1677)
@@ -13,4 +13,4 @@
 linux-2.6: released (2.6.27-1)
 2.6.18-etch-security: N/A (Vulnerable code not present)
 2.6.24-etch-security:
-2.6.26-lenny-security: pending (2.6.26-21) [bugfix/all/megaraid_sas-fix-sysfs-dbg_lvl-permissions.patch]
+2.6.26-lenny-security: released (2.6.26-21) [bugfix/all/megaraid_sas-fix-sysfs-dbg_lvl-permissions.patch]

Modified: active/CVE-2009-4005
===================================================================
--- active/CVE-2009-4005	2010-01-20 04:29:07 UTC (rev 1676)
+++ active/CVE-2009-4005	2010-01-20 04:29:27 UTC (rev 1677)
@@ -10,5 +10,5 @@
 linux-2.6: released (2.6.32-1)
 2.6.18-etch-security: needed
 2.6.24-etch-security: needed
-2.6.26-lenny-security: pending (2.6.26-21) [bugfix/all/isdn-hfc_usb-fix-read-buffer-overflow.patch]
+2.6.26-lenny-security: released (2.6.26-21) [bugfix/all/isdn-hfc_usb-fix-read-buffer-overflow.patch]
 2.6.32-squeeze-security: released (2.6.32-1) 

Modified: active/CVE-2009-4020
===================================================================
--- active/CVE-2009-4020	2010-01-20 04:29:07 UTC (rev 1676)
+++ active/CVE-2009-4020	2010-01-20 04:29:27 UTC (rev 1677)
@@ -10,5 +10,5 @@
 linux-2.6: released (2.6.32-3)
 2.6.18-etch-security: needed
 2.6.24-etch-security: needed
-2.6.26-lenny-security: needed
+2.6.26-lenny-security: released (2.6.26-21) [bugfix/all/hfs-fix-a-potential-buffer-overflow.patch]
 2.6.32-squeeze-security: released (2.6.32-3)

Modified: active/CVE-2009-4021
===================================================================
--- active/CVE-2009-4021	2010-01-20 04:29:07 UTC (rev 1676)
+++ active/CVE-2009-4021	2010-01-20 04:29:27 UTC (rev 1677)
@@ -11,5 +11,5 @@
 linux-2.6: released (2.6.32-1)
 2.6.18-etch-security: needed
 2.6.24-etch-security: needed
-2.6.26-lenny-security: pending (2.6.26-21) [bugfix/all/fuse-prevent-fuse_put_request-on-invalid-pointer.patch]
+2.6.26-lenny-security: released (2.6.26-21) [bugfix/all/fuse-prevent-fuse_put_request-on-invalid-pointer.patch]
 2.6.32-squeeze-security: released (2.6.32-1)

Modified: active/CVE-2009-4031
===================================================================
--- active/CVE-2009-4031	2010-01-20 04:29:07 UTC (rev 1676)
+++ active/CVE-2009-4031	2010-01-20 04:29:27 UTC (rev 1677)
@@ -11,4 +11,4 @@
 linux-2.6: released (2.6.32-3)
 2.6.18-etch-security: N/A "kvm introduced in 2.6.25"
 2.6.24-etch-security: N/A "kvm introduced in 2.6.25"
-2.6.26-lenny-security: needed
+2.6.26-lenny-security: released (2.6.26-21) [bugfix/x86/kvm-limit-instructions-to-15-bytes.patch]

Modified: active/CVE-2009-4138
===================================================================
--- active/CVE-2009-4138	2010-01-20 04:29:07 UTC (rev 1676)
+++ active/CVE-2009-4138	2010-01-20 04:29:27 UTC (rev 1677)
@@ -10,5 +10,5 @@
 linux-2.6: released (2.6.32-3)
 2.6.18-etch-security: N/A "ohci introduced in 2.6.22"
 2.6.24-etch-security: needed
-2.6.26-lenny-security: needed
+2.6.26-lenny-security: released (2.6.26-21) [bugfix/all/firewire-ohci-handle-receive-packets-with-a-data-length-of-zero.patch]
 2.6.32-squeeze-security: released (2.6.32-3)

Modified: active/CVE-2009-4308
===================================================================
--- active/CVE-2009-4308	2010-01-20 04:29:07 UTC (rev 1676)
+++ active/CVE-2009-4308	2010-01-20 04:29:27 UTC (rev 1677)
@@ -9,5 +9,5 @@
 linux-2.6: released (2.6.32-1)
 2.6.18-etch-security: N/A "ext4 introduced in 2.6.19"
 2.6.24-etch-security: needed
-2.6.26-lenny-security: needed
+2.6.26-lenny-security: released (2.6.26-21) [bugfix/all/ext4-avoid-null-pointer-deref-when-decoding-EROFS-wo-a-journal.patch]
 2.6.32-squeeze-security: released (2.6.32-1)

More information about the kernel-sec-discuss mailing list