[kernel-sec-discuss] r1995 - active

Dann Frazier dannf at alioth.debian.org
Thu Oct 14 07:05:41 UTC 2010 

Author: dannf
Date: 2010-10-14 07:05:35 +0000 (Thu, 14 Oct 2010)
New Revision: 1995

Modified:
   active/CVE-2010-1436
   active/CVE-2010-2653
   active/CVE-2010-2942
   active/CVE-2010-3084
   active/CVE-2010-3310
   active/CVE-2010-3437
   active/CVE-2010-3442
   active/CVE-2010-3477
   active/CVE-2010-3705
Log:
update status

Modified: active/CVE-2010-1436
===================================================================
--- active/CVE-2010-1436	2010-10-13 15:55:25 UTC (rev 1994)
+++ active/CVE-2010-1436	2010-10-14 07:05:35 UTC (rev 1995)
@@ -6,6 +6,6 @@
 Bugs:
 upstream: released (2.6.35-rc1) [7e619bc3e]
 2.6.32-upstream-stable: needed
-linux-2.6: needed
+linux-2.6: pending (2.6.32-25) [bugfix/all/gfs2-clean-up-gfs_adjust_quota-and_do_glock.patch, bugfix/all/gfs2-fix-writing-to-non-page-aligned-gfs2_quota-structures.patch]
 2.6.26-lenny-security: needed
-2.6.32-squeeze-security: needed
+2.6.32-squeeze-security: pending (2.6.32-25) [bugfix/all/gfs2-clean-up-gfs_adjust_quota-and_do_glock.patch, bugfix/all/gfs2-fix-writing-to-non-page-aligned-gfs2_quota-structures.patch]

Modified: active/CVE-2010-2653
===================================================================
--- active/CVE-2010-2653	2010-10-13 15:55:25 UTC (rev 1994)
+++ active/CVE-2010-2653	2010-10-14 07:05:35 UTC (rev 1995)
@@ -10,6 +10,6 @@
 Bugs:
 upstream: released (2.6.34-rc2) [e74d098c]
 2.6.32-upstream-stable: needed
-linux-2.6: needed
+linux-2.6: pending (2.6.32-25) [bugfix/all/hvc_console-fix-race-between-hvc_close-and-hvc_remove.patch, bugfix/all/hvc_console-fix-race-between-hvc_close-and-hvc_remove-2.patch]
 2.6.26-lenny-security: "needs port"
-2.6.32-squeeze-security: needed
+2.6.32-squeeze-security: pending (2.6.32-25) [bugfix/all/hvc_console-fix-race-between-hvc_close-and-hvc_remove.patch, bugfix/all/hvc_console-fix-race-between-hvc_close-and-hvc_remove-2.patch]

Modified: active/CVE-2010-2942
===================================================================
--- active/CVE-2010-2942	2010-10-13 15:55:25 UTC (rev 1994)
+++ active/CVE-2010-2942	2010-10-14 07:05:35 UTC (rev 1995)
@@ -8,7 +8,7 @@
 Notes:
 Bugs:
 upstream: released (2.6.36-rc3) [1c40be1]
-2.6.32-upstream-stable: needed
-linux-2.6: needed
+2.6.32-upstream-stable:
+linux-2.6: pending (2.6.32-25) [bugfix/all/act_nat-use-stack-variable.patch, bugfix/all/net-sched-fix-some-memory-leaks.patch]
 2.6.26-lenny-security: released (2.6.26-25) [bugfix/all/net-sched-fix-some-kernel-memory-leaks.patch]
-2.6.32-squeeze-security: needed
+2.6.32-squeeze-security: pending (2.6.32-25) [bugfix/all/act_nat-use-stack-variable.patch, bugfix/all/net-sched-fix-some-memory-leaks.patch]

Modified: active/CVE-2010-3084
===================================================================
--- active/CVE-2010-3084	2010-10-13 15:55:25 UTC (rev 1994)
+++ active/CVE-2010-3084	2010-10-14 07:05:35 UTC (rev 1995)
@@ -7,6 +7,6 @@
 Bugs:
 upstream: released (2.6.36-rc4) 
 2.6.32-upstream-stable:
-linux-2.6: 
+linux-2.6: pending (2.6.32-25) [bugfix/all/niu-fix-kernel-buffer-overflow-for-ETHTOOL_GRXCLSRLALL.patch]
 2.6.26-lenny-security:
-2.6.32-squeeze-security:
+2.6.32-squeeze-security: pending (2.6.32-25) [bugfix/all/niu-fix-kernel-buffer-overflow-for-ETHTOOL_GRXCLSRLALL.patch]

Modified: active/CVE-2010-3310
===================================================================
--- active/CVE-2010-3310	2010-10-13 15:55:25 UTC (rev 1994)
+++ active/CVE-2010-3310	2010-10-14 07:05:35 UTC (rev 1995)
@@ -9,6 +9,6 @@
 Bugs:
 upstream: released (2.6.36-rc6)
 2.6.32-upstream-stable: needed
-linux-2.6: needed
+linux-2.6: pending (2.6.32-25) [bugfix/all/rose-fix-signedness-issues-wrt-digi-count.patch]
 2.6.26-lenny-security: needed
-2.6.32-squeeze-security: needed
+2.6.32-squeeze-security: pending (2.6.32-25) [bugfix/all/rose-fix-signedness-issues-wrt-digi-count.patch]

Modified: active/CVE-2010-3437
===================================================================
--- active/CVE-2010-3437	2010-10-13 15:55:25 UTC (rev 1994)
+++ active/CVE-2010-3437	2010-10-14 07:05:35 UTC (rev 1995)
@@ -22,6 +22,6 @@
 Bugs:
 upstream: released (2.6.36-rc6)
 2.6.32-upstream-stable: needed
-linux-2.6: needed
+linux-2.6: pending (2.6.32-25) [bugfix/all/fix-pktcdvd-ioctl-dev_minor-range-check.patch]
 2.6.26-lenny-security: needed
-2.6.32-squeeze-security: needed
+2.6.32-squeeze-security: pending (2.6.32-25) [bugfix/all/fix-pktcdvd-ioctl-dev_minor-range-check.patch]

Modified: active/CVE-2010-3442
===================================================================
--- active/CVE-2010-3442	2010-10-13 15:55:25 UTC (rev 1994)
+++ active/CVE-2010-3442	2010-10-14 07:05:35 UTC (rev 1995)
@@ -18,6 +18,6 @@
 Bugs:
 upstream: needed
 2.6.32-upstream-stable: needed
-linux-2.6: needed
+linux-2.6: pending (2.6.32-25) [bugfix/all/alsa-prevent-heap-corruption-in-snd_ctl_new.patch]
 2.6.26-lenny-security:
-2.6.32-squeeze-security: needed
+2.6.32-squeeze-security: pending (2.6.32-25) [bugfix/all/alsa-prevent-heap-corruption-in-snd_ctl_new.patch]

Modified: active/CVE-2010-3477
===================================================================
--- active/CVE-2010-3477	2010-10-13 15:55:25 UTC (rev 1994)
+++ active/CVE-2010-3477	2010-10-14 07:05:35 UTC (rev 1995)
@@ -7,6 +7,6 @@
 Bugs:
 upstream: released (2.6.36-rc4) [0f04cfd0]
 2.6.32-upstream-stable: needed
-linux-2.6: needed
-2.6.26-lenny-security: needed
-2.6.32-squeeze-security: needed
+linux-2.6: pending (2.6.32-25) [bugfix/all/net-sched-fix-kernel-leak-in-act_police.patch]
+2.6.26-lenny-security: pending (2.6.26-25lenny2) [bugfix/all/net-sched-fix-kernel-leak-in-act_police.patch]
+2.6.32-squeeze-security: pending (2.6.32-25) [bugfix/all/net-sched-fix-kernel-leak-in-act_police.patch]

Modified: active/CVE-2010-3705
===================================================================
--- active/CVE-2010-3705	2010-10-13 15:55:25 UTC (rev 1994)
+++ active/CVE-2010-3705	2010-10-14 07:05:35 UTC (rev 1995)
@@ -8,6 +8,6 @@
 Bugs:
 upstream: needed
 2.6.32-upstream-stable: needed
-linux-2.6: needed
+linux-2.6: pending (2.6.32-25) [bugfix/all/sctp-fix-out-of-bounds-reading-in-sctp_assoc_get_hmac.patch]
 2.6.26-lenny-security: needed
-2.6.32-squeeze-security: needed
+2.6.32-squeeze-security: pending (2.6.32-25) [bugfix/all/sctp-fix-out-of-bounds-reading-in-sctp_assoc_get_hmac.patch]

More information about the kernel-sec-discuss mailing list