[kernel-sec-discuss] r1836 - active retired

Moritz Muehlenhoff jmm at alioth.debian.org
Tue May 25 09:33:02 UTC 2010


Author: jmm
Date: 2010-05-25 09:32:56 +0000 (Tue, 25 May 2010)
New Revision: 1836

Added:
   retired/CVE-2010-0727
   retired/CVE-2010-1083
   retired/CVE-2010-1084
   retired/CVE-2010-1086
   retired/CVE-2010-1087
   retired/CVE-2010-1088
   retired/CVE-2010-1162
   retired/CVE-2010-1446
   retired/CVE-2010-1451
Removed:
   active/CVE-2010-0727
   active/CVE-2010-1083
   active/CVE-2010-1084
   active/CVE-2010-1086
   active/CVE-2010-1087
   active/CVE-2010-1088
   active/CVE-2010-1162
   active/CVE-2010-1446
   active/CVE-2010-1451
Log:
retire issues


Deleted: active/CVE-2010-0727
===================================================================
--- active/CVE-2010-0727	2010-05-25 09:29:10 UTC (rev 1835)
+++ active/CVE-2010-0727	2010-05-25 09:32:56 UTC (rev 1836)
@@ -1,14 +0,0 @@
-Candidate: CVE-2010-0727
-Description:
- gfs2_lock denial-of-service
-References:
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0727
-Notes:
- jmm> 720e7749279bde0d08684b1bb4e7a2eedeec6394
- jmm> Submitted for 2.6.32.x stable
-Bugs:
-upstream: released (2.6.34-rc2) [720e77492]
-2.6.32-upstream-stable: released (2.6.32.11) [788b99c4]
-linux-2.6: released (2.6.32-11) [bugfix/all/stable/2.6.32.11.patch]
-2.6.26-lenny-security: released (2.6.26-22lenny1) [bugfix/all/gfs2-skip-check-for-mandatory-locks-when-unlocking.patch]
-2.6.32-squeeze-security: released (2.6.32-11) [bugfix/all/stable/2.6.32.11.patch]

Deleted: active/CVE-2010-1083
===================================================================
--- active/CVE-2010-1083	2010-05-25 09:29:10 UTC (rev 1835)
+++ active/CVE-2010-1083	2010-05-25 09:32:56 UTC (rev 1836)
@@ -1,11 +0,0 @@
-Candidate: CVE-2010-1083
-Description: kernel information leak via userspace USB interface
-References:
-Notes:
- jmm> d4a4683ca054ed9917dfc9e3ff0f7ecf74ad90d6
-Bugs:
-upstream: released (2.6.33)
-2.6.32-upstream-stable: released (2.6.32.9)
-linux-2.6: released (2.6.32-9)
-2.6.26-lenny-security: released (2.6.26-22lenny1) [bugfix/all/usbfs-only-copy-received-data.patch]
-2.6.32-squeeze-security: released (2.6.32-9)

Deleted: active/CVE-2010-1084
===================================================================
--- active/CVE-2010-1084	2010-05-25 09:29:10 UTC (rev 1835)
+++ active/CVE-2010-1084	2010-05-25 09:32:56 UTC (rev 1836)
@@ -1,12 +0,0 @@
-Candidate: CVE-2010-1084
-Description: bluetooth: potential bad memory access with sysfs files
-References:
-Notes:
- jmm> 101545f6fef4a0a3ea8daf0b5b880df2c6a92a69
- jmm> Submitted for stable at kernel.org
-Bugs:
-upstream: released (2.6.34-rc3) [101545f6] 
-2.6.32-upstream-stable: released (2.6.32.11) [e1c20f72]
-linux-2.6: released (2.6.32-11) [bugfix/all/stable/2.6.32.11.patch]
-2.6.26-lenny-security: released (2.6.26-22lenny1) [bugfix/all/bluetooth-fix-potential-bad-memory-access-with-sysfs-files.patch]
-2.6.32-squeeze-security: released (2.6.32-11) [bugfix/all/stable/2.6.32.11.patch]

Deleted: active/CVE-2010-1086
===================================================================
--- active/CVE-2010-1086	2010-05-25 09:29:10 UTC (rev 1835)
+++ active/CVE-2010-1086	2010-05-25 09:32:56 UTC (rev 1836)
@@ -1,11 +0,0 @@
-Candidate: CVE-2010-1086
-Description: dvb-core: ULE decapsulation DoS
-References:
-Notes:
- jmm> 29e1fa3565a7951cc415c634eb2b78dbdbee151d
-Bugs:
-upstream: released (2.6.32.10)
-2.6.32-upstream-stable: released (2.6.32.10)
-linux-2.6: released (2.6.32-10)
-2.6.26-lenny-security: released (2.6.26-22lenny1) [bugfix/all/dvb-core-fix-dos-in-ule-decapsulation.patch]
-2.6.32-squeeze-security: released (2.6.32-10)

Deleted: active/CVE-2010-1087
===================================================================
--- active/CVE-2010-1087	2010-05-25 09:29:10 UTC (rev 1835)
+++ active/CVE-2010-1087	2010-05-25 09:32:56 UTC (rev 1836)
@@ -1,11 +0,0 @@
-Candidate: CVE-2010-1087
-Description: NFS: Fix an Oops when truncating a file
-References:
-Notes:
- jmm> 9f557cd8073104b39528794d44e129331ded649f
-Bugs:
-upstream: released (2.6.33)
-2.6.32-upstream-stable: released (2.6.32.9)
-linux-2.6: released (2.6.32-9)
-2.6.26-lenny-security: released (2.6.26-22lenny1) [bugfix/all/nfs-fix-an-oops-when-truncating-a-file.patch]
-2.6.32-squeeze-security: released (2.6.32-9)

Deleted: active/CVE-2010-1088
===================================================================
--- active/CVE-2010-1088	2010-05-25 09:29:10 UTC (rev 1835)
+++ active/CVE-2010-1088	2010-05-25 09:32:56 UTC (rev 1836)
@@ -1,11 +0,0 @@
-Candidate: CVE-2010-1088
-Description: kernel: NFS DoS related to "automount" symlinks
-References:
-Notes:
- jmm> ac278a9c505092dd82077a2446af8f9fc0d9c095
-Bugs:
-upstream: released (2.6.32.10)
-2.6.32-upstream-stable: released (2.6.32.10)
-linux-2.6: released (2.6.32-10)
-2.6.26-lenny-security: released (2.6.26-22lenny1) [bugfix/all/fix-LOOKUP_FOLLOW-on-automount-symlinks.patch]
-2.6.32-squeeze-security: released (2.6.32-10)

Deleted: active/CVE-2010-1162
===================================================================
--- active/CVE-2010-1162	2010-05-25 09:29:10 UTC (rev 1835)
+++ active/CVE-2010-1162	2010-05-25 09:32:56 UTC (rev 1836)
@@ -1,12 +0,0 @@
-Candidate: CVE-2010-1162
-Description:
- tty: release_one_tty() forgets to put pids
-References:
- http://www.openwall.com/lists/oss-security/2010/04/14/1
-Notes:
-Bugs:
-upstream: released (2.6.34-rc4) [6da8d866]
-2.6.32-upstream-stable: released (2.6.32.12) [e2278e63]
-linux-2.6: released (2.6.32-12) [bugfix/all/stable/2.6.32.12.patch]
-2.6.26-lenny-security: released (2.6.26-22lenny1) [bugfix/all/tty-release_one_tty-forgets-to-put-pids.patch]
-2.6.32-squeeze-security: released (2.6.32-12) [bugfix/all/stable/2.6.32.12.patch]

Deleted: active/CVE-2010-1446
===================================================================
--- active/CVE-2010-1446	2010-05-25 09:29:10 UTC (rev 1835)
+++ active/CVE-2010-1446	2010-05-25 09:32:56 UTC (rev 1836)
@@ -1,12 +0,0 @@
-Candidate: CVE-2010-1446
-Description:
-References:
- http://www.openwall.com/lists/oss-security/2010/04/29/3
-Notes:
-jmm> 56151e753468e34aeb322af4b0309ab727c97d2e
-Bugs:
-upstream: relased (2.6.34)
-2.6.32-upstream-stable: released (2.6.32.13)
-linux-2.6: released (2.6.32-12) [bugfix/powerpc/kgdb-dont-needlessly-skip-PAGE_USER-test-for-Fsl-booke.patch]
-2.6.26-lenny-security: released (2.6.26-22lenny1)
-2.6.32-squeeze-security: released (2.6.32-12) [bugfix/powerpc/kgdb-dont-needlessly-skip-PAGE_USER-test-for-Fsl-booke.patch]

Deleted: active/CVE-2010-1451
===================================================================
--- active/CVE-2010-1451	2010-05-25 09:29:10 UTC (rev 1835)
+++ active/CVE-2010-1451	2010-05-25 09:32:56 UTC (rev 1836)
@@ -1,14 +0,0 @@
-Candidate: CVE-2010-1451
-Description:
- jmm> sparc64: Fix sun4u execute bit check in TSB I-TLB load
-References:
- http://marc.info/?l=linux-sparc&m=126662196902830&w=2
- http://marc.info/?l=linux-sparc&m=126662159602378&w=2
-Notes:
- jmm> 1f474646fdc36b457606bbcd6a3592e6cbd31ac4
-Bugs:
-upstream: released (2.6.34)
-2.6.32-upstream-stable: released (2.6.32.10)
-linux-2.6: released (2.6.32-10) [bugfix/all/stable/2.6.32.10.patch]
-2.6.26-lenny-security: released (2.6.26-22lenny1) [bugfix/sparc/fix-sun4u-execute-bit-check-in-TSB-I-ITLB-load.patch]
-2.6.32-squeeze-security: released (2.6.32-10) [bugfix/all/stable/2.6.32.10.patch]

Copied: retired/CVE-2010-0727 (from rev 1835, active/CVE-2010-0727)
===================================================================
--- retired/CVE-2010-0727	                        (rev 0)
+++ retired/CVE-2010-0727	2010-05-25 09:32:56 UTC (rev 1836)
@@ -0,0 +1,14 @@
+Candidate: CVE-2010-0727
+Description:
+ gfs2_lock denial-of-service
+References:
+ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0727
+Notes:
+ jmm> 720e7749279bde0d08684b1bb4e7a2eedeec6394
+ jmm> Submitted for 2.6.32.x stable
+Bugs:
+upstream: released (2.6.34-rc2) [720e77492]
+2.6.32-upstream-stable: released (2.6.32.11) [788b99c4]
+linux-2.6: released (2.6.32-11) [bugfix/all/stable/2.6.32.11.patch]
+2.6.26-lenny-security: released (2.6.26-22lenny1) [bugfix/all/gfs2-skip-check-for-mandatory-locks-when-unlocking.patch]
+2.6.32-squeeze-security: released (2.6.32-11) [bugfix/all/stable/2.6.32.11.patch]


Property changes on: retired/CVE-2010-0727
___________________________________________________________________
Added: svn:mergeinfo
   + 
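Review bot: The copy adds an svn:mergeinfo property whose value is empty on retired/CVE-2010-0727, and the same empty property shows up on each of the other eight copied files in this revision. An empty mergeinfo property on an individual file records no merge history; consider removing it from the copied files (svn propdel svn:mergeinfo) before committing, so the move from active/ to retired/ is a content-only change.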

Copied: retired/CVE-2010-1083 (from rev 1835, active/CVE-2010-1083)
===================================================================
--- retired/CVE-2010-1083	                        (rev 0)
+++ retired/CVE-2010-1083	2010-05-25 09:32:56 UTC (rev 1836)
@@ -0,0 +1,11 @@
+Candidate: CVE-2010-1083
+Description: kernel information leak via userspace USB interface
+References:
+Notes:
+ jmm> d4a4683ca054ed9917dfc9e3ff0f7ecf74ad90d6
+Bugs:
+upstream: released (2.6.33)
+2.6.32-upstream-stable: released (2.6.32.9)
+linux-2.6: released (2.6.32-9)
+2.6.26-lenny-security: released (2.6.26-22lenny1) [bugfix/all/usbfs-only-copy-received-data.patch]
+2.6.32-squeeze-security: released (2.6.32-9)
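Review bot: The References: field is empty in the record being retired, so the only pointer to the issue is the bare commit id under Notes. retired/CVE-2010-0727 in this same revision carries the cve.mitre.org URL for its candidate; adding the equivalent link here before retiring would let the record stand on its own. The upstream and 2.6.32-upstream-stable lines also lack the bracketed commit ids that the 0727 record has.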


Property changes on: retired/CVE-2010-1083
___________________________________________________________________
Added: svn:mergeinfo
   + 

Copied: retired/CVE-2010-1084 (from rev 1835, active/CVE-2010-1084)
===================================================================
--- retired/CVE-2010-1084	                        (rev 0)
+++ retired/CVE-2010-1084	2010-05-25 09:32:56 UTC (rev 1836)
@@ -0,0 +1,12 @@
+Candidate: CVE-2010-1084
+Description: bluetooth: potential bad memory access with sysfs files
+References:
+Notes:
+ jmm> 101545f6fef4a0a3ea8daf0b5b880df2c6a92a69
+ jmm> Submitted for stable at kernel.org
+Bugs:
+upstream: released (2.6.34-rc3) [101545f6] 
+2.6.32-upstream-stable: released (2.6.32.11) [e1c20f72]
+linux-2.6: released (2.6.32-11) [bugfix/all/stable/2.6.32.11.patch]
+2.6.26-lenny-security: released (2.6.26-22lenny1) [bugfix/all/bluetooth-fix-potential-bad-memory-access-with-sysfs-files.patch]
+2.6.32-squeeze-security: released (2.6.32-11) [bugfix/all/stable/2.6.32.11.patch]


Property changes on: retired/CVE-2010-1084
___________________________________________________________________
Added: svn:mergeinfo
   + 

Copied: retired/CVE-2010-1086 (from rev 1835, active/CVE-2010-1086)
===================================================================
--- retired/CVE-2010-1086	                        (rev 0)
+++ retired/CVE-2010-1086	2010-05-25 09:32:56 UTC (rev 1836)
@@ -0,0 +1,11 @@
+Candidate: CVE-2010-1086
+Description: dvb-core: ULE decapsulation DoS
+References:
+Notes:
+ jmm> 29e1fa3565a7951cc415c634eb2b78dbdbee151d
+Bugs:
+upstream: released (2.6.32.10)
+2.6.32-upstream-stable: released (2.6.32.10)
+linux-2.6: released (2.6.32-10)
+2.6.26-lenny-security: released (2.6.26-22lenny1) [bugfix/all/dvb-core-fix-dos-in-ule-decapsulation.patch]
+2.6.32-squeeze-security: released (2.6.32-10)
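Review bot: The upstream: line gives "released (2.6.32.10)", which is a stable-series version and identical to the 2.6.32-upstream-stable line below it. The other records in this commit put a mainline version in that field (2.6.33, 2.6.34-rc2, 2.6.34), so this looks like the stable version was entered in both places; please confirm the mainline release that contains 29e1fa35 and record it before retiring. retired/CVE-2010-1088 has the same value in its upstream: line.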


Property changes on: retired/CVE-2010-1086
___________________________________________________________________
Added: svn:mergeinfo
   + 

Copied: retired/CVE-2010-1087 (from rev 1835, active/CVE-2010-1087)
===================================================================
--- retired/CVE-2010-1087	                        (rev 0)
+++ retired/CVE-2010-1087	2010-05-25 09:32:56 UTC (rev 1836)
@@ -0,0 +1,11 @@
+Candidate: CVE-2010-1087
+Description: NFS: Fix an Oops when truncating a file
+References:
+Notes:
+ jmm> 9f557cd8073104b39528794d44e129331ded649f
+Bugs:
+upstream: released (2.6.33)
+2.6.32-upstream-stable: released (2.6.32.9)
+linux-2.6: released (2.6.32-9)
+2.6.26-lenny-security: released (2.6.26-22lenny1) [bugfix/all/nfs-fix-an-oops-when-truncating-a-file.patch]
+2.6.32-squeeze-security: released (2.6.32-9)


Property changes on: retired/CVE-2010-1087
___________________________________________________________________
Added: svn:mergeinfo
   + 

Copied: retired/CVE-2010-1088 (from rev 1835, active/CVE-2010-1088)
===================================================================
--- retired/CVE-2010-1088	                        (rev 0)
+++ retired/CVE-2010-1088	2010-05-25 09:32:56 UTC (rev 1836)
@@ -0,0 +1,11 @@
+Candidate: CVE-2010-1088
+Description: kernel: NFS DoS related to "automount" symlinks
+References:
+Notes:
+ jmm> ac278a9c505092dd82077a2446af8f9fc0d9c095
+Bugs:
+upstream: released (2.6.32.10)
+2.6.32-upstream-stable: released (2.6.32.10)
+linux-2.6: released (2.6.32-10)
+2.6.26-lenny-security: released (2.6.26-22lenny1) [bugfix/all/fix-LOOKUP_FOLLOW-on-automount-symlinks.patch]
+2.6.32-squeeze-security: released (2.6.32-10)


Property changes on: retired/CVE-2010-1088
___________________________________________________________________
Added: svn:mergeinfo
   + 

Copied: retired/CVE-2010-1162 (from rev 1835, active/CVE-2010-1162)
===================================================================
--- retired/CVE-2010-1162	                        (rev 0)
+++ retired/CVE-2010-1162	2010-05-25 09:32:56 UTC (rev 1836)
@@ -0,0 +1,12 @@
+Candidate: CVE-2010-1162
+Description:
+ tty: release_one_tty() forgets to put pids
+References:
+ http://www.openwall.com/lists/oss-security/2010/04/14/1
+Notes:
+Bugs:
+upstream: released (2.6.34-rc4) [6da8d866]
+2.6.32-upstream-stable: released (2.6.32.12) [e2278e63]
+linux-2.6: released (2.6.32-12) [bugfix/all/stable/2.6.32.12.patch]
+2.6.26-lenny-security: released (2.6.26-22lenny1) [bugfix/all/tty-release_one_tty-forgets-to-put-pids.patch]
+2.6.32-squeeze-security: released (2.6.32-12) [bugfix/all/stable/2.6.32.12.patch]


Property changes on: retired/CVE-2010-1162
___________________________________________________________________
Added: svn:mergeinfo
   + 

Copied: retired/CVE-2010-1446 (from rev 1835, active/CVE-2010-1446)
===================================================================
--- retired/CVE-2010-1446	                        (rev 0)
+++ retired/CVE-2010-1446	2010-05-25 09:32:56 UTC (rev 1836)
@@ -0,0 +1,12 @@
+Candidate: CVE-2010-1446
+Description:
+References:
+ http://www.openwall.com/lists/oss-security/2010/04/29/3
+Notes:
+jmm> 56151e753468e34aeb322af4b0309ab727c97d2e
+Bugs:
+upstream: relased (2.6.34)
+2.6.32-upstream-stable: released (2.6.32.13)
+linux-2.6: released (2.6.32-12) [bugfix/powerpc/kgdb-dont-needlessly-skip-PAGE_USER-test-for-Fsl-booke.patch]
+2.6.26-lenny-security: released (2.6.26-22lenny1)
+2.6.32-squeeze-security: released (2.6.32-12) [bugfix/powerpc/kgdb-dont-needlessly-skip-PAGE_USER-test-for-Fsl-booke.patch]
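Review bot: The upstream: line reads "relased (2.6.34)", a misspelling of the status keyword that every other line in this commit writes as "released"; anything that matches on that keyword will not count this entry as fixed upstream. Since the file is being retired as-is, this is the last convenient point to correct it. Three smaller items in the same record: Description: is empty, the "jmm>" note is missing the leading space used for continuation lines in the other files, and the 2.6.26-lenny-security line is marked released without the bracketed patch name that the linux-2.6 and squeeze lines carry.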


Property changes on: retired/CVE-2010-1446
___________________________________________________________________
Added: svn:mergeinfo
   + 

Copied: retired/CVE-2010-1451 (from rev 1835, active/CVE-2010-1451)
===================================================================
--- retired/CVE-2010-1451	                        (rev 0)
+++ retired/CVE-2010-1451	2010-05-25 09:32:56 UTC (rev 1836)
@@ -0,0 +1,14 @@
+Candidate: CVE-2010-1451
+Description:
+ jmm> sparc64: Fix sun4u execute bit check in TSB I-TLB load
+References:
+ http://marc.info/?l=linux-sparc&m=126662196902830&w=2
+ http://marc.info/?l=linux-sparc&m=126662159602378&w=2
+Notes:
+ jmm> 1f474646fdc36b457606bbcd6a3592e6cbd31ac4
+Bugs:
+upstream: released (2.6.34)
+2.6.32-upstream-stable: released (2.6.32.10)
+linux-2.6: released (2.6.32-10) [bugfix/all/stable/2.6.32.10.patch]
+2.6.26-lenny-security: released (2.6.26-22lenny1) [bugfix/sparc/fix-sun4u-execute-bit-check-in-TSB-I-ITLB-load.patch]
+2.6.32-squeeze-security: released (2.6.32-10) [bugfix/all/stable/2.6.32.10.patch]
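Review bot: The Description: text is prefixed with "jmm>", which elsewhere in this commit is used only to attribute entries under Notes:; dropping the prefix would make the description read as the issue summary, as in the other records. The lenny patch name also spells the unit "I-ITLB" while the description says "I-TLB"; worth checking that the bracketed filename matches the file actually shipped in 2.6.26-22lenny1.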


Property changes on: retired/CVE-2010-1451
___________________________________________________________________
Added: svn:mergeinfo
   + 



