[kernel-sec-discuss] r2198 - active
Moritz Muehlenhoff
jmm at alioth.debian.org
Mon Feb 28 17:04:26 UTC 2011
Author: jmm
Date: 2011-02-28 17:04:19 +0000 (Mon, 28 Feb 2011)
New Revision: 2198
Modified:
active/CVE-2010-2943
active/CVE-2010-3437
active/CVE-2010-3705
active/CVE-2010-4158
active/CVE-2010-4165
active/CVE-2010-4655
active/CVE-2011-0521
active/CVE-2011-0710
active/CVE-2011-0712
active/CVE-2011-1010
Log:
fixes pending for 2.6.32.30
Modified: active/CVE-2010-2943
===================================================================
--- active/CVE-2010-2943 2011-02-28 04:39:15 UTC (rev 2197)
+++ active/CVE-2010-2943 2011-02-28 17:04:19 UTC (rev 2198)
@@ -8,7 +8,7 @@
http://oss.sgi.com/archives/xfs/2010-08/msg00179.html
Bugs:
upstream: release (2.6.35) [7dce11db,7124fe0a,1920779e,7b6259e7]
-2.6.32-upstream-stable: needed "<dannf> submitted proposed backport on 2011.01.10. backport approved by xfs upstream on 2011.01.17"
+2.6.32-upstream-stable: pending (2.6.32.30)
linux-2.6: pending (2.6.32-31) [bugfix/all/xfs-always-use-iget-in-bulkstat.patch, bugfix/all/xfs-validate-untrusted-inode-numbers-during-lookup.patch, bugfix/all/xfs-rename-XFS_IGET_BULKSTAT-to-XFS_IGET_UNTRUSTED.patch, bugfix/all/xfs-remove-block-number-from-inode-lookup-code.patch, bugfix/all/xfs-fix-untrusted-inode-number-lookup.patch]
2.6.26-lenny-security: needed "test case fails on 2.6.26"
2.6.32-squeeze-security: pending (2.6.32-31) [bugfix/all/xfs-always-use-iget-in-bulkstat.patch, bugfix/all/xfs-validate-untrusted-inode-numbers-during-lookup.patch, bugfix/all/xfs-rename-XFS_IGET_BULKSTAT-to-XFS_IGET_UNTRUSTED.patch, bugfix/all/xfs-remove-block-number-from-inode-lookup-code.patch, bugfix/all/xfs-fix-untrusted-inode-number-lookup.patch]
Modified: active/CVE-2010-3437
===================================================================
--- active/CVE-2010-3437 2011-02-28 04:39:15 UTC (rev 2197)
+++ active/CVE-2010-3437 2011-02-28 17:04:19 UTC (rev 2198)
@@ -15,14 +15,13 @@
> readable by group "cdrom").
References:
https://bugzilla.redhat.com/show_bug.cgi?id=638085
- http://git.kernel.org/linus/252a52aa4fa22a668f019e55b3aac3ff71ec1c29
Notes:
exploit: http://jon.oberheide.org/files/cve-2010-3437.c
only an info disclosure, but seems to be able to dump any/all kernel memory
jmm> Submitted for 2.6.32.x on 2010-01-10.
Bugs:
-upstream: released (2.6.36-rc6)
-2.6.32-upstream-stable: needed
+upstream: released (2.6.36-rc6) [252a52aa4fa22a668f019e55b3aac3ff71ec1c29]
+2.6.32-upstream-stable: pending (2.6.32.30)
linux-2.6: released (2.6.32-25) [bugfix/all/fix-pktcdvd-ioctl-dev_minor-range-check.patch]
2.6.26-lenny-security: released (2.6.26-26lenny1) [bugfix/all/fix-pktcdvd-ioctl-dev_minor-range-check.patch]
2.6.32-squeeze-security: released (2.6.32-25) [bugfix/all/fix-pktcdvd-ioctl-dev_minor-range-check.patch]
Modified: active/CVE-2010-3705
===================================================================
--- active/CVE-2010-3705 2011-02-28 04:39:15 UTC (rev 2197)
+++ active/CVE-2010-3705 2011-02-28 17:04:19 UTC (rev 2198)
@@ -8,7 +8,7 @@
jmm> Submitted for stable 2011-01-06
Bugs:
upstream: released (2.6.36) [51e97a12bef19b7e43199fc153cf9bd5f2140362]
-2.6.32-upstream-stable: needed
+2.6.32-upstream-stable: pending (2.6.32.30)
linux-2.6: released (2.6.32-25) [bugfix/all/sctp-fix-out-of-bounds-reading-in-sctp_assoc_get_hmac.patch]
2.6.26-lenny-security: released (2.6.26-26lenny1) [bugfix/all/sctp-fix-out-of-bounds-reading-in-sctp_asoc_get_hmac.patch]
2.6.32-squeeze-security: released (2.6.32-25) [bugfix/all/sctp-fix-out-of-bounds-reading-in-sctp_assoc_get_hmac.patch]
Modified: active/CVE-2010-4158
===================================================================
--- active/CVE-2010-4158 2011-02-28 04:39:15 UTC (rev 2197)
+++ active/CVE-2010-4158 2011-02-28 17:04:19 UTC (rev 2198)
@@ -8,7 +8,7 @@
jmm> pushed to 2.6.32 stable on 2011-01-11
Bugs:
upstream: released (2.6.37-rc2) [57fe93b374a6b8711995c2d466c502af9f3a08bb]
-2.6.32-upstream-stable: needed
+2.6.32-upstream-stable: pending (2.6.32.30)
linux-2.6: released (2.6.32-29) [bugfix/all/filter-make-sure-filters-dont-read-uninitialized-memory.patch]
2.6.26-lenny-security: released (2.6.26-26lenny2) [bugfix/all/filter-make-sure-filters-dont-read-uninitialized-memory.patch]
2.6.32-squeeze-security: released (2.6.32-29) [bugfix/all/filter-make-sure-filters-dont-read-uninitialized-memory.patch]
Modified: active/CVE-2010-4165
===================================================================
--- active/CVE-2010-4165 2011-02-28 04:39:15 UTC (rev 2197)
+++ active/CVE-2010-4165 2011-02-28 17:04:19 UTC (rev 2198)
@@ -7,7 +7,7 @@
jmm> we also need c39508d6f118308355468314ff414644115a07f3 for linux-2.6
Bugs:
upstream: released (2.6.37-rc2) [7a1abd08d52fdeddb3e9a5a33f2f15cc6a5674d2]
-2.6.32-upstream-stable: needed
+2.6.32-upstream-stable: pending (2.6.32.30)
linux-2.6: needed (2.6.32-28) [debian/patches/bugfix/all/tcp-Increase-TCP_MAXSEG-socket-option-minimum.patch]
2.6.26-lenny-security: N/A
2.6.32-squeeze-security: needed (2.6.32-28) [bugfix/all/tcp-Increase-TCP_MAXSEG-socket-option-minimum.patch]
Modified: active/CVE-2010-4655
===================================================================
--- active/CVE-2010-4655 2011-02-28 04:39:15 UTC (rev 2197)
+++ active/CVE-2010-4655 2011-02-28 17:04:19 UTC (rev 2198)
@@ -3,7 +3,7 @@
References:
http://www.openwall.com/lists/oss-security/2011/01/25/4
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=b00916b189d13a615ff05c9242201135992fcda3
- http://marc.info/?l=linux-kernel&m=129593098003553&w=2
+ http://marc.info/?l=linux-kernel&m=129593098003553&w=2 -> b7c7d01aaed1f71d9afe815a569f0a81465a1744
Notes:
Bugs:
upstream: released (2.6.37) [b00916b189d13a615ff05c9242201135992fcda3]
Modified: active/CVE-2011-0521
===================================================================
--- active/CVE-2011-0521 2011-02-28 04:39:15 UTC (rev 2197)
+++ active/CVE-2011-0521 2011-02-28 17:04:19 UTC (rev 2198)
@@ -6,7 +6,7 @@
Notes:
Bugs:
upstream: released (2.6.38-rc2) [cb26a24ee9706473f31d34cc259f4dcf45cd0644]
-2.6.32-upstream-stable: needed "submitted for 2.6.32.x on 2011-01-28"
+2.6.32-upstream-stable: pending (2.6.32.30)
linux-2.6: pending (2.6.32-31) [bugfix/all/av7110-check-for-negative-array-offset.patch]
2.6.26-lenny-security: released (2.6.26-26lenny2) [bugfix/all/av7110-check-for-negative-array-offset.patch]
2.6.32-squeeze-security: pending (2.6.32-31) [bugfix/all/av7110-check-for-negative-array-offset.patch]
Modified: active/CVE-2011-0710
===================================================================
--- active/CVE-2011-0710 2011-02-28 04:39:15 UTC (rev 2197)
+++ active/CVE-2011-0710 2011-02-28 17:04:19 UTC (rev 2198)
@@ -4,7 +4,7 @@
Notes:
Bugs:
upstream: released (2.6.38-rc5) [261cd298a8c363d7985e3482946edb4bfedacf98]
-2.6.32-upstream-stable: needed
+2.6.32-upstream-stable: pending (2.6.32.30)
linux-2.6: needed
2.6.26-lenny-security: needed
2.6.32-squeeze-security: pending (2.6.32-31) [bugfix/s390/remove-task_show_regs.patch]
Modified: active/CVE-2011-0712
===================================================================
--- active/CVE-2011-0712 2011-02-28 04:39:15 UTC (rev 2197)
+++ active/CVE-2011-0712 2011-02-28 17:04:19 UTC (rev 2198)
@@ -4,7 +4,7 @@
Notes:
Bugs:
upstream: released (2.6.38-rc6) [eaae55dac6b64c0616046436b294e69fc5311581]
-2.6.32-upstream-stable: needed "stable@ was cc'd"
+2.6.32-upstream-stable: pending (2.6.32.30)
linux-2.6: released (2.6.37-2) [bugfix/all/stable/2.6.37.2.patch]
2.6.26-lenny-security: needed
2.6.32-squeeze-security: pending (2.6.32-31) [bugfix/all/ALSA-caiaq-Fix-possible-string-buffer-overflow.patch]
Modified: active/CVE-2011-1010
===================================================================
--- active/CVE-2011-1010 2011-02-28 04:39:15 UTC (rev 2197)
+++ active/CVE-2011-1010 2011-02-28 17:04:19 UTC (rev 2198)
@@ -4,7 +4,7 @@
Notes:
Bugs:
upstream: released (2.6.38-rc6) [fa7ea87a057958a8b7926c1a60a3ca6d696328ed]
-2.6.32-upstream-stable:
+2.6.32-upstream-stable: pending (2.6.32.30)
linux-2.6:
2.6.26-lenny-security:
2.6.32-squeeze-security: pending (2.6.32-31) [bugfix/all/fs-partitions-Validate-map_count-in-Mac-partition-ta.patch]
More information about the kernel-sec-discuss
mailing list