[kernel-sec-discuss] r1975 - active retired

Moritz Muehlenhoff jmm at alioth.debian.org
Thu Sep 30 06:57:57 UTC 2010


Author: jmm
Date: 2010-09-30 06:57:55 +0000 (Thu, 30 Sep 2010)
New Revision: 1975

Added:
   retired/CVE-2010-2946
   retired/CVE-2010-3015
   retired/CVE-2010-3067
   retired/CVE-2010-3078
Removed:
   active/CVE-2010-2946
   active/CVE-2010-3015
   active/CVE-2010-3067
   active/CVE-2010-3078
Log:
retire issues


Deleted: active/CVE-2010-2946
===================================================================
--- active/CVE-2010-2946	2010-09-30 06:48:14 UTC (rev 1974)
+++ active/CVE-2010-2946	2010-09-30 06:57:55 UTC (rev 1975)
@@ -1,11 +0,0 @@
-Candidate: CVE-2010-2946
-Description: jfs: don't allow os2 xattr namespace overlap with others
-References:
-Notes:
- jmm> aca0fa34bdaba39bfddddba8ca70dba4782e8fe6
-Bugs:
-upstream: released (2.6.36-rc1)
-2.6.32-upstream-stable: released (2.6.32.19)
-linux-2.6: released (2.6.32-21)
-2.6.26-lenny-security: released (2.6.26-25) [bugfix/all/jfs-dont-allow-os2-xattr-namespace-overlap-with-others.patch]
-2.6.32-squeeze-security: released (2.6.32-21)

Deleted: active/CVE-2010-3015
===================================================================
--- active/CVE-2010-3015	2010-09-30 06:48:14 UTC (rev 1974)
+++ active/CVE-2010-3015	2010-09-30 06:57:55 UTC (rev 1975)
@@ -1,12 +0,0 @@
-Candidate: CVE-2010-3015
-Description: ext4 integer overflow
-References:
- http://www.openwall.com/lists/oss-security/2010/08/16/1
- http://www.openwall.com/lists/oss-security/2010/08/16/3
-Notes:
-Bugs:
-upstream: released (2.6.34) [731eb1a0]
-2.6.32-upstream-stable: released (2.6.32.21)
-linux-2.6: released (2.6.32-22)
-2.6.26-lenny-security: released (2.6.26-24lenny1) [bugfix/all/ext4-consolidate-in_range-definitions.patch]
-2.6.32-squeeze-security: released (2.6.32-22)

Deleted: active/CVE-2010-3067
===================================================================
--- active/CVE-2010-3067	2010-09-30 06:48:14 UTC (rev 1974)
+++ active/CVE-2010-3067	2010-09-30 06:57:55 UTC (rev 1975)
@@ -1,11 +0,0 @@
-Candidate: cve-2010-3067
-Description: fs/aio.c integer overflow
-References:
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3067
-Notes:
-Bugs:
-upstream: released (2.6.36-rc5) [75e1c70f]
-2.6.32-upstream-stable: released (2.6.32.23)
-linux-2.6: released (2.6.32-24)
-2.6.26-lenny-security: needed
-2.6.32-squeeze-security: released (2.6.32-24)

Deleted: active/CVE-2010-3078
===================================================================
--- active/CVE-2010-3078	2010-09-30 06:48:14 UTC (rev 1974)
+++ active/CVE-2010-3078	2010-09-30 06:57:55 UTC (rev 1975)
@@ -1,12 +0,0 @@
-Candidate: CVE-2010-3078
-Description: XFS_IOC_FSGETXATTR ioctl memory leak
-References:
- http://www.linux.sgi.com/archives/xfs-masters/2010-09/msg00002.html
- https://bugzilla.redhat.com/show_bug.cgi?id=630804
-Notes:
-Bugs:
-upstream: released (2.6.36-rc4) [a122eb2]
-2.6.32-upstream-stable: released (2.6.32.23)
-linux-2.6:  released (2.6.32-24)
-2.6.26-lenny-security: released (2.6.26-25lenny1) [bugfix/all/xfs-prevent-reading-uninitialized-stack-memory.patch]
-2.6.32-squeeze-security: released (2.6.32-24)

Copied: retired/CVE-2010-2946 (from rev 1973, active/CVE-2010-2946)
===================================================================
--- retired/CVE-2010-2946	                        (rev 0)
+++ retired/CVE-2010-2946	2010-09-30 06:57:55 UTC (rev 1975)
@@ -0,0 +1,11 @@
+Candidate: CVE-2010-2946
+Description: jfs: don't allow os2 xattr namespace overlap with others
+References:
+Notes:
+ jmm> aca0fa34bdaba39bfddddba8ca70dba4782e8fe6
+Bugs:
+upstream: released (2.6.36-rc1)
+2.6.32-upstream-stable: released (2.6.32.19)
+linux-2.6: released (2.6.32-21)
+2.6.26-lenny-security: released (2.6.26-25) [bugfix/all/jfs-dont-allow-os2-xattr-namespace-overlap-with-others.patch]
+2.6.32-squeeze-security: released (2.6.32-21)


Property changes on: retired/CVE-2010-2946
___________________________________________________________________
Added: svn:mergeinfo
   + 

Copied: retired/CVE-2010-3015 (from rev 1973, active/CVE-2010-3015)
===================================================================
--- retired/CVE-2010-3015	                        (rev 0)
+++ retired/CVE-2010-3015	2010-09-30 06:57:55 UTC (rev 1975)
@@ -0,0 +1,12 @@
+Candidate: CVE-2010-3015
+Description: ext4 integer overflow
+References:
+ http://www.openwall.com/lists/oss-security/2010/08/16/1
+ http://www.openwall.com/lists/oss-security/2010/08/16/3
+Notes:
+Bugs:
+upstream: released (2.6.34) [731eb1a0]
+2.6.32-upstream-stable: released (2.6.32.21)
+linux-2.6: released (2.6.32-22)
+2.6.26-lenny-security: released (2.6.26-24lenny1) [bugfix/all/ext4-consolidate-in_range-definitions.patch]
+2.6.32-squeeze-security: released (2.6.32-22)


Property changes on: retired/CVE-2010-3015
___________________________________________________________________
Added: svn:mergeinfo
   + 

Copied: retired/CVE-2010-3067 (from rev 1974, active/CVE-2010-3067)
===================================================================
--- retired/CVE-2010-3067	                        (rev 0)
+++ retired/CVE-2010-3067	2010-09-30 06:57:55 UTC (rev 1975)
@@ -0,0 +1,11 @@
+Candidate: cve-2010-3067
+Description: fs/aio.c integer overflow
+References:
+ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3067
+Notes:
+Bugs:
+upstream: released (2.6.36-rc5) [75e1c70f]
+2.6.32-upstream-stable: released (2.6.32.23)
+linux-2.6: released (2.6.32-24)
+2.6.26-lenny-security: needed
+2.6.32-squeeze-security: released (2.6.32-24)


Property changes on: retired/CVE-2010-3067
___________________________________________________________________
Added: svn:mergeinfo
   + 

Copied: retired/CVE-2010-3078 (from rev 1974, active/CVE-2010-3078)
===================================================================
--- retired/CVE-2010-3078	                        (rev 0)
+++ retired/CVE-2010-3078	2010-09-30 06:57:55 UTC (rev 1975)
@@ -0,0 +1,12 @@
+Candidate: CVE-2010-3078
+Description: XFS_IOC_FSGETXATTR ioctl memory leak
+References:
+ http://www.linux.sgi.com/archives/xfs-masters/2010-09/msg00002.html
+ https://bugzilla.redhat.com/show_bug.cgi?id=630804
+Notes:
+Bugs:
+upstream: released (2.6.36-rc4) [a122eb2]
+2.6.32-upstream-stable: released (2.6.32.23)
+linux-2.6:  released (2.6.32-24)
+2.6.26-lenny-security: released (2.6.26-25lenny1) [bugfix/all/xfs-prevent-reading-uninitialized-stack-memory.patch]
+2.6.32-squeeze-security: released (2.6.32-24)


Property changes on: retired/CVE-2010-3078
___________________________________________________________________
Added: svn:mergeinfo
   + 




More information about the kernel-sec-discuss mailing list