[kernel-sec-discuss] r2372 - active retired
Moritz Muehlenhoff
jmm at alioth.debian.org
Mon Jun 20 08:59:31 UTC 2011
Author: jmm
Date: 2011-06-20 08:59:30 +0000 (Mon, 20 Jun 2011)
New Revision: 2372
Added:
retired/CVE-2011-1477
retired/CVE-2011-1493
retired/CVE-2011-1593
Removed:
active/CVE-2011-1477
active/CVE-2011-1493
active/CVE-2011-1593
Log:
retire issues
Deleted: active/CVE-2011-1477
===================================================================
--- active/CVE-2011-1477 2011-06-20 08:59:14 UTC (rev 2371)
+++ active/CVE-2011-1477 2011-06-20 08:59:30 UTC (rev 2372)
@@ -1,12 +0,0 @@
-Candidate: CVE-2011-1477
-Description: buffer overflow in YM8312/OPL-3 chips
-References:
- http://marc.info/?l=linux-kernel&m=130089499728386&w=2
-Notes:
- jmm> OSS disabled since Squeeze
-Bugs:
-upstream: released (2.6.39-rc1) [b769f49463711205d57286e64cf535ed4daf59e9]
-2.6.32-upstream-stable: released (2.6.32.37) [ef79e147a62e11f6a657b076bc98192fba725645]
-sid: released (2.6.38-4) [bugfix/all/stable/2.6.38.3.patch]
-2.6.26-lenny-security: released (2.6.26-26lenny3) [bugfix/all/sound-oss-remove-offset-from-load_patch-callbacks.patch]
-2.6.32-squeeze-security: released (2.6.32-34) [bugfix/all/stable/2.6.32.37.patch]
Deleted: active/CVE-2011-1493
===================================================================
--- active/CVE-2011-1493 2011-06-20 08:59:14 UTC (rev 2371)
+++ active/CVE-2011-1493 2011-06-20 08:59:30 UTC (rev 2372)
@@ -1,10 +0,0 @@
-Candidate: CVE-2011-1493
-Description: multiple missing input validation in ROSE
-References:
-Notes:
-Bugs:
-upstream: released (2.6.39-rc1) [be20250c13f88375345ad99950190685eda51eb8]
-2.6.32-upstream-stable: released (2.6.32.37) [62fdb8668c631619251cff6d964556e0f67b8dcd]
-sid: released (2.6.38-4) [bugfix/all/stable/2.6.38.3.patch]
-2.6.26-lenny-security: released (2.6.26-26lenny3) [bugfix/all/rose-prevent-heap-corruption-with-bad-facilities.patch]
-2.6.32-squeeze-security: released (2.6.32-34) [bugfix/all/stable/2.6.32.37.patch]
Deleted: active/CVE-2011-1593
===================================================================
--- active/CVE-2011-1593 2011-06-20 08:59:14 UTC (rev 2371)
+++ active/CVE-2011-1593 2011-06-20 08:59:30 UTC (rev 2372)
@@ -1,12 +0,0 @@
-Candidate: CVE-2011-1593
-Description: proc: signedness issue in next_pidmap()
-References:
- https://bugzilla.redhat.com/show_bug.cgi?id=697822
- http://groups.google.com/group/fa.linux.kernel/browse_thread/thread/93c1088451fd3522/4a28ecb7f755a88d?#4a28ecb7f755a88d
-Notes:
-Bugs:
-upstream: released (2.6.39-rc4) [c78193e9, d8bdc59f]
-2.6.32-upstream-stable: released (2.6.32.39) [67e022f3add1879292986e779b2aaf6ecb93fa58]
-sid: released (2.6.38-4) [bugfix/all/stable/2.6.38.4.patch]
-2.6.26-lenny-security: released (2.6.26-26lenny3) [bugfix/all/next_pidmap-fix-overflow-condition.patch, bugfix/all/proc-do-proper-range-check-on-readdir-offset.patch]
-2.6.32-squeeze-security: released (2.6.32-34) [bugfix/all/stable/2.6.32.39.patch]
Copied: retired/CVE-2011-1477 (from rev 2371, active/CVE-2011-1477)
===================================================================
--- retired/CVE-2011-1477 (rev 0)
+++ retired/CVE-2011-1477 2011-06-20 08:59:30 UTC (rev 2372)
@@ -0,0 +1,12 @@
+Candidate: CVE-2011-1477
+Description: buffer overflow in YM8312/OPL-3 chips
+References:
+ http://marc.info/?l=linux-kernel&m=130089499728386&w=2
+Notes:
+ jmm> OSS disabled since Squeeze
+Bugs:
+upstream: released (2.6.39-rc1) [b769f49463711205d57286e64cf535ed4daf59e9]
+2.6.32-upstream-stable: released (2.6.32.37) [ef79e147a62e11f6a657b076bc98192fba725645]
+sid: released (2.6.38-4) [bugfix/all/stable/2.6.38.3.patch]
+2.6.26-lenny-security: released (2.6.26-26lenny3) [bugfix/all/sound-oss-remove-offset-from-load_patch-callbacks.patch]
+2.6.32-squeeze-security: released (2.6.32-34) [bugfix/all/stable/2.6.32.37.patch]
Property changes on: retired/CVE-2011-1477
___________________________________________________________________
Added: svn:mergeinfo
+
Copied: retired/CVE-2011-1493 (from rev 2371, active/CVE-2011-1493)
===================================================================
--- retired/CVE-2011-1493 (rev 0)
+++ retired/CVE-2011-1493 2011-06-20 08:59:30 UTC (rev 2372)
@@ -0,0 +1,10 @@
+Candidate: CVE-2011-1493
+Description: multiple missing input validation in ROSE
+References:
+Notes:
+Bugs:
+upstream: released (2.6.39-rc1) [be20250c13f88375345ad99950190685eda51eb8]
+2.6.32-upstream-stable: released (2.6.32.37) [62fdb8668c631619251cff6d964556e0f67b8dcd]
+sid: released (2.6.38-4) [bugfix/all/stable/2.6.38.3.patch]
+2.6.26-lenny-security: released (2.6.26-26lenny3) [bugfix/all/rose-prevent-heap-corruption-with-bad-facilities.patch]
+2.6.32-squeeze-security: released (2.6.32-34) [bugfix/all/stable/2.6.32.37.patch]
Property changes on: retired/CVE-2011-1493
___________________________________________________________________
Added: svn:mergeinfo
+
Copied: retired/CVE-2011-1593 (from rev 2371, active/CVE-2011-1593)
===================================================================
--- retired/CVE-2011-1593 (rev 0)
+++ retired/CVE-2011-1593 2011-06-20 08:59:30 UTC (rev 2372)
@@ -0,0 +1,12 @@
+Candidate: CVE-2011-1593
+Description: proc: signedness issue in next_pidmap()
+References:
+ https://bugzilla.redhat.com/show_bug.cgi?id=697822
+ http://groups.google.com/group/fa.linux.kernel/browse_thread/thread/93c1088451fd3522/4a28ecb7f755a88d?#4a28ecb7f755a88d
+Notes:
+Bugs:
+upstream: released (2.6.39-rc4) [c78193e9, d8bdc59f]
+2.6.32-upstream-stable: released (2.6.32.39) [67e022f3add1879292986e779b2aaf6ecb93fa58]
+sid: released (2.6.38-4) [bugfix/all/stable/2.6.38.4.patch]
+2.6.26-lenny-security: released (2.6.26-26lenny3) [bugfix/all/next_pidmap-fix-overflow-condition.patch, bugfix/all/proc-do-proper-range-check-on-readdir-offset.patch]
+2.6.32-squeeze-security: released (2.6.32-34) [bugfix/all/stable/2.6.32.39.patch]
Property changes on: retired/CVE-2011-1593
___________________________________________________________________
Added: svn:mergeinfo
+
More information about the kernel-sec-discuss
mailing list