[kernel-sec-discuss] r2280 - active retired

Moritz Muehlenhoff jmm at alioth.debian.org
Wed Apr 27 06:23:03 UTC 2011 

Author: jmm
Date: 2011-04-27 06:22:46 +0000 (Wed, 27 Apr 2011)
New Revision: 2280

Added:
   retired/CVE-2010-3865
Removed:
   active/CVE-2010-3865
Log:
retire issue


Deleted: active/CVE-2010-3865
===================================================================
--- active/CVE-2010-3865	2011-04-27 06:20:08 UTC (rev 2279)
+++ active/CVE-2010-3865	2011-04-27 06:22:46 UTC (rev 2280)
@@ -1,17 +0,0 @@
-Candidate: CVE-2010-3865
-Description: iovec overflow in rds_rdma_pages()
-References:
- http://www.spinics.net/lists/netdev/msg145359.html
- https://bugzilla.redhat.com/show_bug.cgi?id=647461
-Notes:
- jmm> Introduced in 2.6.30
- jmm> Given Linus's comment we should disable CONFIG_RDS for
- jmm> Squeeze
- bwh> This is probably fixed by the general fixes for CVE-2010-3859.
- bwh> Auto-loading will be disabled in 2.6.32-28.
-Bugs:
-upstream: released (2.6.37-rc1) [1b1f693d7ad6d193862dcb1118540a030c5e761f]
-2.6.32-upstream-stable: released (2.6.32.39) [dcef84f1]
-linux-2.6: released (2.6.37-1)
-2.6.26-lenny-security: N/A (Vulnerable code not present)
-2.6.32-squeeze-security: released (2.6.32-31)

Copied: retired/CVE-2010-3865 (from rev 2278, active/CVE-2010-3865)
===================================================================
--- retired/CVE-2010-3865	                        (rev 0)
+++ retired/CVE-2010-3865	2011-04-27 06:22:46 UTC (rev 2280)
@@ -0,0 +1,17 @@
+Candidate: CVE-2010-3865
+Description: iovec overflow in rds_rdma_pages()
+References:
+ http://www.spinics.net/lists/netdev/msg145359.html
+ https://bugzilla.redhat.com/show_bug.cgi?id=647461
+Notes:
+ jmm> Introduced in 2.6.30
+ jmm> Given Linus's comment we should disable CONFIG_RDS for
+ jmm> Squeeze
+ bwh> This is probably fixed by the general fixes for CVE-2010-3859.
+ bwh> Auto-loading will be disabled in 2.6.32-28.
+Bugs:
+upstream: released (2.6.37-rc1) [1b1f693d7ad6d193862dcb1118540a030c5e761f]
+2.6.32-upstream-stable: released (2.6.32.39) [dcef84f1]
+linux-2.6: released (2.6.37-1)
+2.6.26-lenny-security: N/A (Vulnerable code not present)
+2.6.32-squeeze-security: released (2.6.32-31)


Property changes on: retired/CVE-2010-3865
___________________________________________________________________
Added: svn:mergeinfo
   +

More information about the kernel-sec-discuss mailing list