[kernel-sec-discuss] r1852 - active

[Dann Frazier]

Author: dannf
Date: 2010-06-15 23:16:40 +0000 (Tue, 15 Jun 2010)
New Revision: 1852

Added:
   active/CVE-2009-4895
Removed:
   active/CVE-2009-tty-null-ptr-dereference
Log:
CVE assigned, also reference "proper" fix vs. the original buggy one


Copied: active/CVE-2009-4895 (from rev 1851, active/CVE-2009-tty-null-ptr-dereference)
===================================================================
--- active/CVE-2009-4895	                        (rev 0)
+++ active/CVE-2009-4895	2010-06-15 23:16:40 UTC (rev 1852)
@@ -0,0 +1,14 @@
+Candidate: CVE-2009-4895
+Description:
+ tty null ptr dereference
+References:
+ http://bugzilla.kernel.org/show_bug.cgi?id=14605
+ http://xorl.wordpress.com/2009/11/30/linux-kernel-tty-null-pointer-dereference-race-condition/
+Notes:
+ supposedly fixed in redhat kernels (see bug report above)
+Bugs:
+upstream: released (2.6.33) [80e1e823989ec44d8e35bdfddadbddcffec90424] 
+2.6.32-upstream-stable: released (2.6.32.9)
+linux-2.6: released (2.6.32-9) [bugfix/all/stable/2.6.32.9.patch]
+2.6.26-lenny-security: needed
+2.6.32-squeeze-security: released (2.6.32-9) [bugfix/all/stable/2.6.32.9.patch]

Deleted: active/CVE-2009-tty-null-ptr-dereference
===================================================================
--- active/CVE-2009-tty-null-ptr-dereference	2010-06-15 06:36:57 UTC (rev 1851)
+++ active/CVE-2009-tty-null-ptr-dereference	2010-06-15 23:16:40 UTC (rev 1852)
@@ -1,14 +0,0 @@
-Candidate:
-Description:
- tty null ptr dereference
-References:
- http://bugzilla.kernel.org/show_bug.cgi?id=14605
- http://xorl.wordpress.com/2009/11/30/linux-kernel-tty-null-pointer-dereference-race-condition/
-Notes:
- supposedly fixed in redhat kernels (see bug report above)
-Bugs:
-upstream: released (2.6.33) [70362511] 
-2.6.32-upstream-stable: released (2.6.32.6) [179b7e53]
-linux-2.6: released (2.6.32-6) [bugfix/all/stable/2.6.32.6.patch]
-2.6.26-lenny-security: needed
-2.6.32-squeeze-security: released (2.6.32-6) [bugfix/all/stable/2.6.32.6.patch]