[kernel-sec-discuss] r2175 - active
Moritz Muehlenhoff
jmm at alioth.debian.org
Fri Jan 28 14:48:48 UTC 2011
Author: jmm
Date: 2011-01-28 14:48:48 +0000 (Fri, 28 Jan 2011)
New Revision: 2175
Modified:
active/CVE-2010-3865
active/CVE-2010-4075
active/CVE-2010-4076
active/CVE-2010-4077
active/CVE-2011-0521
Log:
updates
Modified: active/CVE-2010-3865
===================================================================
--- active/CVE-2010-3865 2011-01-26 17:07:53 UTC (rev 2174)
+++ active/CVE-2010-3865 2011-01-28 14:48:48 UTC (rev 2175)
@@ -11,7 +11,7 @@
bwh> Auto-loading will be disabled in 2.6.32-28.
Bugs:
upstream: released (2.6.37-rc1) [1b1f693d7ad6d193862dcb1118540a030c5e761f]
-2.6.32-upstream-stable: pending (2.6.32-31)
-linux-2.6:
+2.6.32-upstream-stable:
+linux-2.6: pending (2.6.32-31)
2.6.26-lenny-security: N/A (Vulnerable code not present)
2.6.32-squeeze-security: pending (2.6.32-31)
Modified: active/CVE-2010-4075
===================================================================
--- active/CVE-2010-4075 2011-01-26 17:07:53 UTC (rev 2174)
+++ active/CVE-2010-4075 2011-01-28 14:48:48 UTC (rev 2175)
@@ -2,10 +2,10 @@
Description: stack leak in drivers/serial/serial_core.c
References:
Notes:
- jmm> d281da7ff6f70efca0553c288bb883e8605b3862
Bugs:
-upstream: needed
+upstream: released (2.6.37) [d281da7ff6f70efca0553c288bb883e8605b3862]
2.6.32-upstream-stable: needed
-linux-2.6: needed
+linux-2.6: pending (2.6.32-31)
2.6.26-lenny-security: needed "ABI breaker"
-2.6.32-squeeze-security: needed
+2.6.32-squeeze-security: pending (2.6.32-31)
+
Modified: active/CVE-2010-4076
===================================================================
--- active/CVE-2010-4076 2011-01-26 17:07:53 UTC (rev 2174)
+++ active/CVE-2010-4076 2011-01-28 14:48:48 UTC (rev 2175)
@@ -2,10 +2,9 @@
Description: stack leak in drivers/char/amiserial.c
References:
Notes:
- jmm> 0587102cf9f427c185bfdeb2cef41e13ee0264b1 (along with d281da7ff6f70efca0553c288bb883e8605b3862)
Bugs:
-upstream: needed
+upstream: released (2.6.37) [0587102cf9f427c185bfdeb2cef41e13ee0264b1 ,d281da7ff6f70efca0553c288bb883e8605b3862]
2.6.32-upstream-stable: needed
-linux-2.6: needed
-2.6.26-lenny-security: needed "no upstream fix as of 2010.11.10"
-2.6.32-squeeze-security: needed
+linux-2.6: pending (2.6.32-31)
+2.6.26-lenny-security: needed "ABI breaker"
+2.6.32-squeeze-security: pending (2.6.32-31)
Modified: active/CVE-2010-4077
===================================================================
--- active/CVE-2010-4077 2011-01-26 17:07:53 UTC (rev 2174)
+++ active/CVE-2010-4077 2011-01-28 14:48:48 UTC (rev 2175)
@@ -2,10 +2,10 @@
Description: stack leak in drivers/char/nozomi.c
References:
Notes:
- jmm> 0587102cf9f427c185bfdeb2cef41e13ee0264b1 (along with d281da7ff6f70efca0553c288bb883e8605b3862)
+ jmm>
Bugs:
-upstream: needed
+upstream: released (2.6.37) [0587102cf9f427c185bfdeb2cef41e13ee0264b1 , d281da7ff6f70efca0553c288bb883e8605b3862]
2.6.32-upstream-stable: needed
-linux-2.6: needed
-2.6.26-lenny-security: needed "no upstream fix as of 2010.11.10"
-2.6.32-squeeze-security: needed
+linux-2.6: pending (2.6.32-31)
+2.6.26-lenny-security: needed "ABI breaker"
+2.6.32-squeeze-security: pending (2.6.32-31)
Modified: active/CVE-2011-0521
===================================================================
--- active/CVE-2011-0521 2011-01-26 17:07:53 UTC (rev 2174)
+++ active/CVE-2011-0521 2011-01-28 14:48:48 UTC (rev 2175)
@@ -3,11 +3,10 @@
av7110 negative array offset
References:
http://www.openwall.com/lists/oss-security/2011/01/24/2
- http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=cb26a24ee9706473f31d34cc259f4dcf45cd0644
Notes:
Bugs:
-upstream:
-2.6.32-upstream-stable:
+upstream: released (2.6.38-rc2) [cb26a24ee9706473f31d34cc259f4dcf45cd0644]
+2.6.32-upstream-stable: needed "submitted for 2.6.32.x on 2011-01-28"
linux-2.6: pending (2.6.32-31) [bugfix/all/av7110-check-for-negative-array-offset.patch]
2.6.26-lenny-security: pending (2.6.26-26lenny2) [bugfix/all/av7110-check-for-negative-array-offset.patch]
2.6.32-squeeze-security: pending (2.6.32-31) [bugfix/all/av7110-check-for-negative-array-offset.patch]
More information about the kernel-sec-discuss
mailing list