[kernel-sec-discuss] r2259 - active
Moritz Muehlenhoff
jmm at alioth.debian.org
Mon Apr 18 12:02:34 UTC 2011
Author: jmm
Date: 2011-04-18 12:02:09 +0000 (Mon, 18 Apr 2011)
New Revision: 2259
Added:
active/CVE-2011-1494
active/CVE-2011-1495
Log:
two new issues
Added: active/CVE-2011-1494
===================================================================
--- active/CVE-2011-1494 (rev 0)
+++ active/CVE-2011-1494 2011-04-18 12:02:09 UTC (rev 2259)
@@ -0,0 +1,14 @@
+Candidate: CVE-2011-1494
+Description: buffer overflow in mpt2ctl
+References:
+ jmm> http://marc.info/?l=linux-scsi&m=130202237006310&w=2
+ jmm> The /dev file is owned by root as standard, so shouldn't be an issue
+ jmm> for sane installations
+ jmm> no upstream fix as of 2011-04-18
+Notes:
+Bugs:
+upstream: needed
+2.6.32-upstream-stable: needed
+linux-2.6: needed
+2.6.26-lenny-security: needed
+2.6.32-squeeze-security: needed
Added: active/CVE-2011-1495
===================================================================
--- active/CVE-2011-1495 (rev 0)
+++ active/CVE-2011-1495 2011-04-18 12:02:09 UTC (rev 2259)
@@ -0,0 +1,14 @@
+Candidate: CVE-2011-1495
+Description: information disclosure in mpt2ctl
+References:
+ jmm> http://marc.info/?l=linux-scsi&m=130202237006310&w=2
+ jmm> The /dev file is owned by root as standard, so shouldn't be an issue
+ jmm> for sane installations
+ jmm> no upstream fix as of 2011-04-18
+Notes:
+Bugs:
+upstream: needed
+2.6.32-upstream-stable: needed
+linux-2.6: needed
+2.6.26-lenny-security: needed
+2.6.32-squeeze-security: needed
More information about the kernel-sec-discuss
mailing list