[kernel-sec-discuss] r1798 - active retired

Michael Gilbert gilbert-guest at alioth.debian.org
Sat Mar 27 17:04:41 UTC 2010 

Author: gilbert-guest
Date: 2010-03-27 17:04:40 +0000 (Sat, 27 Mar 2010)
New Revision: 1798

Added:
   active/CVE-2010-0437
   retired/CVE-2010-0298
   retired/CVE-2010-1085
Removed:
   active/CVE-2010-0298
   active/CVE-2010-1085
Log:
new issue and retire a couple

Deleted: active/CVE-2010-0298
===================================================================
--- active/CVE-2010-0298	2010-03-26 13:59:11 UTC (rev 1797)
+++ active/CVE-2010-0298	2010-03-27 17:04:40 UTC (rev 1798)
@@ -1,15 +0,0 @@
-Candidate: CVE-2010-0298
-Description:
-References:
- https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-0298
-Notes:
- jmm> Commit 1871c6020d7308afb99127bba51f04548e7ca84e
- jmm> Submitted to stable at kernel.org
-Bugs:
-upstream: released (2.6.34-rc1)
-2.6.32-upstream-stable: needed
-linux-2.6: released (2.6.32-8) [bugfix/x86/kvm-fix-memory-access-during-x86-emulation.patch]
-2.6.18-etch-security: N/A "kvm introduced in 2.6.25"
-2.6.24-etch-security: N/A "kvm introduced in 2.6.25"
-2.6.26-lenny-security: released (2.6.26-21lenny3) [bugfix/x86/kvm-fix-memory-access-during-x86-emulation.patch]
-2.6.32-squeeze-security: released (2.6.32-8) [bugfix/x86/kvm-fix-memory-access-during-x86-emulation.patch]

Added: active/CVE-2010-0437
===================================================================
--- active/CVE-2010-0437	                        (rev 0)
+++ active/CVE-2010-0437	2010-03-27 17:04:40 UTC (rev 1798)
@@ -0,0 +1,12 @@
+Candidate: CVE-2010-0437
+Description:
+ oops in ip6_dst_lookup_tail
+References:
+ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0437
+Notes:
+Bugs:
+upstream: released (2.6.27) [e550dfb0]
+2.6.32-upstream-stable: N/A "fixed before 2.6.32"
+linux-2.6: released (2.6.27-1)
+2.6.26-lenny-security: needed "commit 4b37352ee in 2.6.26.6"
+2.6.32-squeeze-security: N/A "fixed before 2.6.32"

Deleted: active/CVE-2010-1085
===================================================================
--- active/CVE-2010-1085	2010-03-26 13:59:11 UTC (rev 1797)
+++ active/CVE-2010-1085	2010-03-27 17:04:40 UTC (rev 1798)
@@ -1,13 +0,0 @@
-Candidate: CVE-2010-1085
-Description:
- hda_intel divide by zero
-References:
- https://bugzilla.redhat.com/show_bug.cgi?id=567168
-Notes:
- jmm> fed08d036f2aabd8d0c684439de37f8ebec2bbc2
-Bugs:
-upstream: released (2.6.33) [fed08d03]
-2.6.32-upstream-stable: released (2.6.32.9) [65798849]
-linux-2.6: released (2.6.32-9)
-2.6.26-lenny-security: N/A (The affected call operation isn't present yet)
-2.6.32-squeeze-security: released (2.6.32-9)

Copied: retired/CVE-2010-0298 (from rev 1797, active/CVE-2010-0298)
===================================================================
--- retired/CVE-2010-0298	                        (rev 0)
+++ retired/CVE-2010-0298	2010-03-27 17:04:40 UTC (rev 1798)
@@ -0,0 +1,15 @@
+Candidate: CVE-2010-0298
+Description:
+References:
+ https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-0298
+Notes:
+ jmm> Commit 1871c6020d7308afb99127bba51f04548e7ca84e
+ jmm> Submitted to stable at kernel.org
+Bugs:
+upstream: released (2.6.34-rc1)
+2.6.32-upstream-stable: needed
+linux-2.6: released (2.6.32-8) [bugfix/x86/kvm-fix-memory-access-during-x86-emulation.patch]
+2.6.18-etch-security: N/A "kvm introduced in 2.6.25"
+2.6.24-etch-security: N/A "kvm introduced in 2.6.25"
+2.6.26-lenny-security: released (2.6.26-21lenny3) [bugfix/x86/kvm-fix-memory-access-during-x86-emulation.patch]
+2.6.32-squeeze-security: released (2.6.32-8) [bugfix/x86/kvm-fix-memory-access-during-x86-emulation.patch]

Copied: retired/CVE-2010-1085 (from rev 1797, active/CVE-2010-1085)
===================================================================
--- retired/CVE-2010-1085	                        (rev 0)
+++ retired/CVE-2010-1085	2010-03-27 17:04:40 UTC (rev 1798)
@@ -0,0 +1,13 @@
+Candidate: CVE-2010-1085
+Description:
+ hda_intel divide by zero
+References:
+ https://bugzilla.redhat.com/show_bug.cgi?id=567168
+Notes:
+ jmm> fed08d036f2aabd8d0c684439de37f8ebec2bbc2
+Bugs:
+upstream: released (2.6.33) [fed08d03]
+2.6.32-upstream-stable: released (2.6.32.9) [65798849]
+linux-2.6: released (2.6.32-9)
+2.6.26-lenny-security: N/A (The affected call operation isn't present yet)
+2.6.32-squeeze-security: released (2.6.32-9)

More information about the kernel-sec-discuss mailing list