[kernel-sec-discuss] r1982 - active

Moritz Muehlenhoff jmm at alioth.debian.org
Thu Sep 30 12:06:22 UTC 2010


Author: jmm
Date: 2010-09-30 12:06:12 +0000 (Thu, 30 Sep 2010)
New Revision: 1982

Modified:
   active/CVE-2010-2954
   active/CVE-2010-3295
   active/CVE-2010-3296
   active/CVE-2010-3297
   active/CVE-2010-3298
   active/CVE-2010-3301
   active/CVE-2010-3310
   active/CVE-2010-3432
Log:
updates


Modified: active/CVE-2010-2954
===================================================================
--- active/CVE-2010-2954	2010-09-30 09:03:57 UTC (rev 1981)
+++ active/CVE-2010-2954	2010-09-30 12:06:12 UTC (rev 1982)
@@ -5,7 +5,7 @@
  http://www.spinics.net/lists/netdev/msg139404.html
 Notes:
 Bugs:
-upstream: pending (2.6.36) [628e300]
+upstream: released (2.6.36-rc4) [628e300]
 2.6.32-upstream-stable: released (2.6.32.23)
 linux-2.6: released (2.6.32-22) [bugfix/all/irda-correctly-clean-up-self-ias_obj-on-irda_bind-failure.patch]
 2.6.26-lenny-security: released (2.6.26-25lenny1) [bugfix/all/irda-correctly-clean-up-self-ias_obj-on-irda_bind-failure.patch]

Modified: active/CVE-2010-3295
===================================================================
--- active/CVE-2010-3295	2010-09-30 09:03:57 UTC (rev 1981)
+++ active/CVE-2010-3295	2010-09-30 12:06:12 UTC (rev 1982)
@@ -5,8 +5,8 @@
 Notes:
  supposedly not an issue: http://www.openwall.com/lists/oss-security/2010/09/15/2
 Bugs:
-upstream:
-2.6.32-upstream-stable:
-linux-2.6:
-2.6.26-lenny-security:
-2.6.32-squeeze-security:
+upstream: N/A
+2.6.32-upstream-stable: N/A
+linux-2.6: N/A
+2.6.26-lenny-security: N/A
+2.6.32-squeeze-security: N/A

Modified: active/CVE-2010-3296
===================================================================
--- active/CVE-2010-3296	2010-09-30 09:03:57 UTC (rev 1981)
+++ active/CVE-2010-3296	2010-09-30 12:06:12 UTC (rev 1982)
@@ -3,9 +3,10 @@
 References:
  https://bugzilla.redhat.com/633149
 Notes:
+ jmm> 49c37c0334a9b85d30ab3d6b5d1acb05ef2ef6de
 Bugs:
-upstream:
+upstream: released (2.6.36-rc5)
 2.6.32-upstream-stable: released (2.6.32.23)
 linux-2.6: released (2.6.32-24)
-2.6.26-lenny-security:
+2.6.26-lenny-security: needed
 2.6.32-squeeze-security: released (2.6.32-24)

Modified: active/CVE-2010-3297
===================================================================
--- active/CVE-2010-3297	2010-09-30 09:03:57 UTC (rev 1981)
+++ active/CVE-2010-3297	2010-09-30 12:06:12 UTC (rev 1982)
@@ -3,9 +3,10 @@
 References:
  https://bugzilla.redhat.com/633145
 Notes:
+ jmm> 44467187dc22fdd33a1a06ea0ba86ce20be3fe3c
 Bugs:
-upstream:
+upstream: released (2.6.36-rc5)
 2.6.32-upstream-stable: released (2.6.32.23)
 linux-2.6: released (2.6.32-24)
-2.6.26-lenny-security:
+2.6.26-lenny-security: needed
 2.6.32-squeeze-security: released (2.6.32-24)

Modified: active/CVE-2010-3298
===================================================================
--- active/CVE-2010-3298	2010-09-30 09:03:57 UTC (rev 1981)
+++ active/CVE-2010-3298	2010-09-30 12:06:12 UTC (rev 1982)
@@ -3,9 +3,11 @@
 References:
  https://bugzilla.redhat.com/633140
 Notes:
+ jmm> 7011e660938fc44ed86319c18a5954e95a82ab3e
+ jmm> 
 Bugs:
-upstream:
+upstream: released (2.6.36-rc5)
 2.6.32-upstream-stable: released (2.6.32.23)
 linux-2.6: released (2.6.32-24)
-2.6.26-lenny-security:
+2.6.26-lenny-security: N/A (Driver introduced in 2.6.27)
 2.6.32-squeeze-security: released (2.6.32-24)

Modified: active/CVE-2010-3301
===================================================================
--- active/CVE-2010-3301	2010-09-30 09:03:57 UTC (rev 1981)
+++ active/CVE-2010-3301	2010-09-30 12:06:12 UTC (rev 1982)
@@ -5,8 +5,8 @@
 Notes:
  poc: http://sota.gen.nz/compat2/robert_you_suck.c
 Bugs:
-upstream: pending [36d001c, eefdca0]
-2.6.32-upstream-stable: pending (2.6.32.22) [x86-64-compat-test-rax-for-the-syscall-number-not-eax.patch, x86-64-compat-retruncate-rax-after-ia32-syscall-entry-tracing.patch]
+upstream: released (2.6.35-rc5) [36d001c, eefdca0]
+2.6.32-upstream-stable: released (2.6.32.22) [x86-64-compat-test-rax-for-the-syscall-number-not-eax.patch, x86-64-compat-retruncate-rax-after-ia32-syscall-entry-tracing.patch]
 linux-2.6: released (2.6.32-23) [bugfix/x86/compat-test-rax-for-the-syscall-number-not-eax.patch, bugfix/x86/compat-retruncate-rax-after-ia32-syscall-entry-tracing.patch]
 2.6.26-lenny-security: N/A "issue (re-)introduced in 2.6.27 by d4d6715"
 2.6.32-squeeze-security: released (2.6.32-23) [bugfix/x86/compat-test-rax-for-the-syscall-number-not-eax.patch, bugfix/x86/compat-retruncate-rax-after-ia32-syscall-entry-tracing.patch]

Modified: active/CVE-2010-3310
===================================================================
--- active/CVE-2010-3310	2010-09-30 09:03:57 UTC (rev 1981)
+++ active/CVE-2010-3310	2010-09-30 12:06:12 UTC (rev 1982)
@@ -4,8 +4,9 @@
  http://www.openwall.com/lists/oss-security/2010/09/21/1
  http://marc.info/?l=linux-netdev&m=128502238927086&w=2
 Notes:
+ jmm> 9828e6e6e3f19efcb476c567b9999891d051f52f
 Bugs:
-upstream: needed
+upstream: released (2.6.36-rc6)
 2.6.32-upstream-stable: needed
 linux-2.6: needed
 2.6.26-lenny-security: needed

Modified: active/CVE-2010-3432
===================================================================
--- active/CVE-2010-3432	2010-09-30 09:03:57 UTC (rev 1981)
+++ active/CVE-2010-3432	2010-09-30 12:06:12 UTC (rev 1982)
@@ -8,7 +8,7 @@
  4bdab43323b459900578b200a4b8cf9713ac8fab
 Notes:
 Bugs:
-upstream:
+upstream: released (2.6.36-rc5)
 2.6.32-upstream-stable: released (2.6.32.23)
 linux-2.6: released (2.6.32-24)
 2.6.26-lenny-security:




More information about the kernel-sec-discuss mailing list