[kernel-sec-discuss] r1978 - active

Moritz Muehlenhoff jmm at alioth.debian.org
Thu Sep 30 07:15:48 UTC 2010


Author: jmm
Date: 2010-09-30 07:15:42 +0000 (Thu, 30 Sep 2010)
New Revision: 1978

Modified:
   active/CVE-2010-2954
   active/CVE-2010-2960
   active/CVE-2010-3080
   active/CVE-2010-3081
   active/CVE-2010-3084
Log:
updates


Modified: active/CVE-2010-2954
===================================================================
--- active/CVE-2010-2954	2010-09-30 07:04:38 UTC (rev 1977)
+++ active/CVE-2010-2954	2010-09-30 07:15:42 UTC (rev 1978)
@@ -6,7 +6,7 @@
 Notes:
 Bugs:
 upstream: pending (2.6.36) [628e300]
-2.6.32-upstream-stable: needed "davem says it is queued for stable, though not yet in the stable-queue..."
+2.6.32-upstream-stable: released (2.6.32.23)
 linux-2.6: released (2.6.32-22) [bugfix/all/irda-correctly-clean-up-self-ias_obj-on-irda_bind-failure.patch]
 2.6.26-lenny-security: released (2.6.26-25lenny1) [bugfix/all/irda-correctly-clean-up-self-ias_obj-on-irda_bind-failure.patch]
 2.6.32-squeeze-security: released (2.6.32-22) [bugfix/all/irda-correctly-clean-up-self-ias_obj-on-irda_bind-failure.patch]

Modified: active/CVE-2010-2960
===================================================================
--- active/CVE-2010-2960	2010-09-30 07:04:38 UTC (rev 1977)
+++ active/CVE-2010-2960	2010-09-30 07:15:42 UTC (rev 1978)
@@ -10,7 +10,7 @@
  https://bugzilla.redhat.com/show_bug.cgi?id=627440#c3
 Bugs:
 upstream: released (2.6.36-rc4) [9d1ac65, 3d96406]
-2.6.32-upstream-stable: needed "forwarded to stable@ by dannf"
+2.6.32-upstream-stable: released (2.6.32.23)
 linux-2.6: released (2.6.32-23) [bugfix/all/keys-fix-RCU-no-lock-warning-in-keyctl_session_to_parent.patch, bugfix/all/keys-fix-bug-in-keyctl_session_to_parent-if-parent-has-no-session-keyring.patch]
 2.6.26-lenny-security: N/A
 2.6.32-squeeze-security: released (2.6.32-23) [bugfix/all/keys-fix-RCU-no-lock-warning-in-keyctl_session_to_parent.patch, bugfix/all/keys-fix-bug-in-keyctl_session_to_parent-if-parent-has-no-session-keyring.patch]

Modified: active/CVE-2010-3080
===================================================================
--- active/CVE-2010-3080	2010-09-30 07:04:38 UTC (rev 1977)
+++ active/CVE-2010-3080	2010-09-30 07:15:42 UTC (rev 1978)
@@ -4,9 +4,11 @@
  https://bugzilla.redhat.com/CVE-2010-3080
  http://git.kernel.org/?p=linux/kernel/git/tiwai/sound-2.6.git;a=commitdiff;h=c598337660c21c0afaa9df5a65bb4a7a0cf15be8
 Notes:
+ CONFIG_SND_SEQUENCER_OSS is not set though, so not an issue for prebuilt kernels"
 Bugs:
 upstream: released (2.6.32-rc4) [27f7ad5]
-2.6.32-upstream-stable: pending (2.6.32.22) [alsa-seq-oss-fix-double-free-at-error-path-of-snd_seq_oss_open.patch]
-linux-2.6: needed
+2.6.32-upstream-stable: released (2.6.32.22) [alsa-seq-oss-fix-double-free-at-error-path-of-snd_seq_oss_open.patch]
+linux-2.6: released (2.6.32-24)
 2.6.26-lenny-security: released (2.6.26-25lenny1) [alsa-seq-oss-fix-double-free-at-error-path-of-snd_seq_oss_open.patch]
-2.6.32-squeeze-security: needed "CONFIG_SND_SEQUENCER_OSS is not set though, so not an issue for prebuilt kernels"
+2.6.32-squeeze-security: released (2.6.32-24)
+

Modified: active/CVE-2010-3081
===================================================================
--- active/CVE-2010-3081	2010-09-30 07:04:38 UTC (rev 1977)
+++ active/CVE-2010-3081	2010-09-30 07:15:42 UTC (rev 1978)
@@ -3,9 +3,10 @@
 References:
  http://sota.gen.nz/compat1/
 Notes:
+ commit c41d68a
 Bugs:
-upstream: pending [c41d68a]
-2.6.32-upstream-stable: pending (2.6.32.22) [compat-make-compat_alloc_user_space-incorporate-the-access_ok.patch]
+upstream: released (2.6.36-rc5) 
+2.6.32-upstream-stable: released (2.6.32.22) [compat-make-compat_alloc_user_space-incorporate-the-access_ok.patch]
 linux-2.6: released (2.6.32-23) [bugfix/all/compat-make-compat_alloc_user_space-incorporate-the-access_ok.patch]
 2.6.26-lenny-security: released (2.6.26-25lenny1) [bugfix/all/compat-make-compat_alloc_user_space-incorporate-the_access_ok.patch]
 2.6.32-squeeze-security: released (2.6.32-23) [bugfix/all/compat-make-compat_alloc_user_space-incorporate-the-access_ok.patch]

Modified: active/CVE-2010-3084
===================================================================
--- active/CVE-2010-3084	2010-09-30 07:04:38 UTC (rev 1977)
+++ active/CVE-2010-3084	2010-09-30 07:15:42 UTC (rev 1978)
@@ -3,9 +3,10 @@
 References:
  https://bugzilla.redhat.com/show_bug.cgi?id=632069
 Notes:
+ commit ee9c5cfa
 Bugs:
-upstream: pending [ee9c5cfa]
+upstream: released (2.6.36-rc4) 
 2.6.32-upstream-stable:
-linux-2.6:
+linux-2.6: 
 2.6.26-lenny-security:
 2.6.32-squeeze-security:




More information about the kernel-sec-discuss mailing list