[kernel-sec-discuss] r2269 - active retired

Mon Apr 18 13:38:07 UTC 2011

Author: jmm
Date: 2011-04-18 13:38:06 +0000 (Mon, 18 Apr 2011)
New Revision: 2269

Added:
   retired/CVE-2010-4263
   retired/CVE-2010-4342
   retired/CVE-2011-0716
   retired/CVE-2011-1023
Removed:
   active/CVE-2010-4263
   active/CVE-2010-4342
   active/CVE-2011-0716
   active/CVE-2011-1023
Log:
retire four issues


Deleted: active/CVE-2010-4263
===================================================================

--- active/CVE-2010-4263	2011-04-18 13:37:46 UTC (rev 2268)
+++ active/CVE-2010-4263	2011-04-18 13:38:06 UTC (rev 2269)
@@ -1,11 +0,0 @@
-Candidate: CVE-2010-4263
-Description: igb panic w/ vlan packets
-References:
-Notes:
-Bugs:
-upstream: released (2.6.34) [31b24b955c3ebbb6f3008a6374e61cf7c05a193c]
-2.6.32-upstream-stable: released (2.6.32.28)
-linux-2.6: released (2.6.32-30)
-2.6.26-lenny-security: N/A "Vulnerable code not present"
-2.6.32-squeeze-security: released (2.6.32-30)
-

Deleted: active/CVE-2010-4342
===================================================================
--- active/CVE-2010-4342	2011-04-18 13:37:46 UTC (rev 2268)
+++ active/CVE-2010-4342	2011-04-18 13:38:06 UTC (rev 2269)
@@ -1,12 +0,0 @@
-Candidate: CVE-2010-4342
-Description: NULL deref in econet
-References:
- http://marc.info/?l=linux-netdev&m=129185496013580&w=2
- http://marc.info/?l=linux-netdev&m=129186011218615&w=2
-Notes:
-Bugs:
-upstream: released (2.6.37) [4e085e76cbe558b79b54cbab772f61185879bc64]
-2.6.32-upstream-stable: released (2.6.32.37)
-linux-2.6: released (2.6.32-30) [bugfix/all/CVE-2010-4342.patch]
-2.6.26-lenny-security: released (2.6.26-26lenny2) [bugfix/all/econet-fix-crash-in-aun_incoming.patch]
-2.6.32-squeeze-security: released (2.6.32-30) [bugfix/all/CVE-2010-4342.patch]

Deleted: active/CVE-2011-0716
===================================================================
--- active/CVE-2011-0716	2011-04-18 13:37:46 UTC (rev 2268)
+++ active/CVE-2011-0716	2011-04-18 13:38:06 UTC (rev 2269)
@@ -1,12 +0,0 @@
-Candidate: CVE-2011-0716
-Description: deficiency in processing igmp host membership reports in br_multicast
-References:
- http://git.kernel.org/?p=linux/kernel/git/davem/net-2.6.git;a=commitdiff;h=6b0d6a9b4296fa16a28d10d416db7a770fc03287
-Notes:
- jmm> Introduced in 2.6.34
-Bugs:
-upstream: released (2.6.38) [6b0d6a9b4]
-2.6.32-upstream-stable: N/A "code not present"
-linux-2.6: released (2.6.38-1)
-2.6.26-lenny-security: N/A "code not present"
-2.6.32-squeeze-security: N/A "code not present"

Deleted: active/CVE-2011-1023
===================================================================
--- active/CVE-2011-1023	2011-04-18 13:37:46 UTC (rev 2268)
+++ active/CVE-2011-1023	2011-04-18 13:38:06 UTC (rev 2269)
@@ -1,11 +0,0 @@
-Candidate: CVE-2011-1023
-Description: rds: prevent BUG_ON triggering on congestion map updates
-References:
- http://git.kernel.org/?p=linux/kernel/git/davem/net-2.6.git;a=commitdiff;h=6094628bfd94323fc1cea05ec2c6affd98c18f7f
-Notes:
-Bugs:
-upstream: released (2.6.38)
-2.6.32-upstream-stable: N/A "Introduced in 2.6.35 with commit 2e7b3b99"
-linux-2.6: released (2.6.38-1)
-2.6.26-lenny-security: N/A "Introduced in 2.6.35 with commit 2e7b3b99"
-2.6.32-squeeze-security: N/A "Introduced in 2.6.35 with commit 2e7b3b99"

Copied: retired/CVE-2010-4263 (from rev 2255, active/CVE-2010-4263)
===================================================================
--- retired/CVE-2010-4263	                        (rev 0)
+++ retired/CVE-2010-4263	2011-04-18 13:38:06 UTC (rev 2269)
@@ -0,0 +1,11 @@
+Candidate: CVE-2010-4263
+Description: igb panic w/ vlan packets
+References:
+Notes:
+Bugs:
+upstream: released (2.6.34) [31b24b955c3ebbb6f3008a6374e61cf7c05a193c]
+2.6.32-upstream-stable: released (2.6.32.28)
+linux-2.6: released (2.6.32-30)
+2.6.26-lenny-security: N/A "Vulnerable code not present"
+2.6.32-squeeze-security: released (2.6.32-30)
+


Property changes on: retired/CVE-2010-4263
___________________________________________________________________
Added: svn:mergeinfo
   + 

Copied: retired/CVE-2010-4342 (from rev 2256, active/CVE-2010-4342)
===================================================================
--- retired/CVE-2010-4342	                        (rev 0)
+++ retired/CVE-2010-4342	2011-04-18 13:38:06 UTC (rev 2269)
@@ -0,0 +1,12 @@
+Candidate: CVE-2010-4342
+Description: NULL deref in econet
+References:
+ http://marc.info/?l=linux-netdev&m=129185496013580&w=2
+ http://marc.info/?l=linux-netdev&m=129186011218615&w=2
+Notes:
+Bugs:
+upstream: released (2.6.37) [4e085e76cbe558b79b54cbab772f61185879bc64]
+2.6.32-upstream-stable: released (2.6.32.37)
+linux-2.6: released (2.6.32-30) [bugfix/all/CVE-2010-4342.patch]
+2.6.26-lenny-security: released (2.6.26-26lenny2) [bugfix/all/econet-fix-crash-in-aun_incoming.patch]
+2.6.32-squeeze-security: released (2.6.32-30) [bugfix/all/CVE-2010-4342.patch]


Property changes on: retired/CVE-2010-4342
___________________________________________________________________
Added: svn:mergeinfo
   + 

Copied: retired/CVE-2011-0716 (from rev 2255, active/CVE-2011-0716)
===================================================================
--- retired/CVE-2011-0716	                        (rev 0)
+++ retired/CVE-2011-0716	2011-04-18 13:38:06 UTC (rev 2269)
@@ -0,0 +1,12 @@
+Candidate: CVE-2011-0716
+Description: deficiency in processing igmp host membership reports in br_multicast
+References:
+ http://git.kernel.org/?p=linux/kernel/git/davem/net-2.6.git;a=commitdiff;h=6b0d6a9b4296fa16a28d10d416db7a770fc03287
+Notes:
+ jmm> Introduced in 2.6.34
+Bugs:
+upstream: released (2.6.38) [6b0d6a9b4]
+2.6.32-upstream-stable: N/A "code not present"
+linux-2.6: released (2.6.38-1)
+2.6.26-lenny-security: N/A "code not present"
+2.6.32-squeeze-security: N/A "code not present"


Property changes on: retired/CVE-2011-0716
___________________________________________________________________
Added: svn:mergeinfo
   + 

Copied: retired/CVE-2011-1023 (from rev 2266, active/CVE-2011-1023)
===================================================================
--- retired/CVE-2011-1023	                        (rev 0)
+++ retired/CVE-2011-1023	2011-04-18 13:38:06 UTC (rev 2269)
@@ -0,0 +1,11 @@
+Candidate: CVE-2011-1023
+Description: rds: prevent BUG_ON triggering on congestion map updates
+References:
+ http://git.kernel.org/?p=linux/kernel/git/davem/net-2.6.git;a=commitdiff;h=6094628bfd94323fc1cea05ec2c6affd98c18f7f
+Notes:
+Bugs:
+upstream: released (2.6.38)
+2.6.32-upstream-stable: N/A "Introduced in 2.6.35 with commit 2e7b3b99"
+linux-2.6: released (2.6.38-1)
+2.6.26-lenny-security: N/A "Introduced in 2.6.35 with commit 2e7b3b99"
+2.6.32-squeeze-security: N/A "Introduced in 2.6.35 with commit 2e7b3b99"


Property changes on: retired/CVE-2011-1023
___________________________________________________________________
Added: svn:mergeinfo
   + 


