[kernel-sec-discuss] r2210 - active

Moritz Muehlenhoff jmm at alioth.debian.org
Thu Mar 3 07:18:10 UTC 2011


Author: jmm
Date: 2011-03-03 07:17:56 +0000 (Thu, 03 Mar 2011)
New Revision: 2210

Added:
   active/CVE-2011-1082
   active/CVE-2011-1083
Modified:
   active/CVE-2010-2943
   active/CVE-2010-3437
   active/CVE-2010-3705
   active/CVE-2010-4158
   active/CVE-2010-4165
   active/CVE-2011-0521
   active/CVE-2011-0710
   active/CVE-2011-0712
   active/CVE-2011-1010
Log:
2.6.32.30 released
new kernel issues


Modified: active/CVE-2010-2943
===================================================================
--- active/CVE-2010-2943	2011-03-02 08:17:35 UTC (rev 2209)
+++ active/CVE-2010-2943	2011-03-03 07:17:56 UTC (rev 2210)
@@ -8,7 +8,7 @@
  http://oss.sgi.com/archives/xfs/2010-08/msg00179.html
 Bugs:
 upstream: release (2.6.35) [7dce11db,7124fe0a,1920779e,7b6259e7]
-2.6.32-upstream-stable: pending (2.6.32.30)
+2.6.32-upstream-stable: released (2.6.32.30)
 linux-2.6: pending (2.6.32-31) [bugfix/all/xfs-always-use-iget-in-bulkstat.patch, bugfix/all/xfs-validate-untrusted-inode-numbers-during-lookup.patch, bugfix/all/xfs-rename-XFS_IGET_BULKSTAT-to-XFS_IGET_UNTRUSTED.patch, bugfix/all/xfs-remove-block-number-from-inode-lookup-code.patch, bugfix/all/xfs-fix-untrusted-inode-number-lookup.patch]
 2.6.26-lenny-security: needed "test case fails on 2.6.26"
 2.6.32-squeeze-security: pending (2.6.32-31) [bugfix/all/xfs-always-use-iget-in-bulkstat.patch, bugfix/all/xfs-validate-untrusted-inode-numbers-during-lookup.patch, bugfix/all/xfs-rename-XFS_IGET_BULKSTAT-to-XFS_IGET_UNTRUSTED.patch, bugfix/all/xfs-remove-block-number-from-inode-lookup-code.patch, bugfix/all/xfs-fix-untrusted-inode-number-lookup.patch]
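
Review bot: the upstream context line in this hunk reads "upstream: release (2.6.35)", while every other file touched in this revision uses "released". Since the hunk already edits this block, normalise the keyword to "released" so that anything grepping or parsing the status field treats this entry like the rest.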

Modified: active/CVE-2010-3437
===================================================================
--- active/CVE-2010-3437	2011-03-02 08:17:35 UTC (rev 2209)
+++ active/CVE-2010-3437	2011-03-03 07:17:56 UTC (rev 2210)
@@ -21,7 +21,7 @@
  jmm> Submitted for 2.6.32.x on 2010-01-10.
 Bugs:
 upstream: released (2.6.36-rc6) [252a52aa4fa22a668f019e55b3aac3ff71ec1c29]
-2.6.32-upstream-stable: pending (2.6.32.30)
+2.6.32-upstream-stable: released (2.6.32.30)
 linux-2.6: released (2.6.32-25) [bugfix/all/fix-pktcdvd-ioctl-dev_minor-range-check.patch]
 2.6.26-lenny-security: released (2.6.26-26lenny1) [bugfix/all/fix-pktcdvd-ioctl-dev_minor-range-check.patch]
 2.6.32-squeeze-security: released (2.6.32-25) [bugfix/all/fix-pktcdvd-ioctl-dev_minor-range-check.patch]
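
Review bot: the Notes context line "jmm> Submitted for 2.6.32.x on 2010-01-10." carries a date that looks a year early for a CVE-2010-3437 fix. The neighbouring files in this revision record stable submissions on 2011-01-06 and 2011-01-11. Please confirm the date and correct it if it is a typo, since this note is the only record of when the backport was requested.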

Modified: active/CVE-2010-3705
===================================================================
--- active/CVE-2010-3705	2011-03-02 08:17:35 UTC (rev 2209)
+++ active/CVE-2010-3705	2011-03-03 07:17:56 UTC (rev 2210)
@@ -8,7 +8,7 @@
  jmm> Submitted for stable 2011-01-06
 Bugs:
 upstream: released (2.6.36) [51e97a12bef19b7e43199fc153cf9bd5f2140362]
-2.6.32-upstream-stable: pending (2.6.32.30)
+2.6.32-upstream-stable: released (2.6.32.30)
 linux-2.6: released (2.6.32-25) [bugfix/all/sctp-fix-out-of-bounds-reading-in-sctp_assoc_get_hmac.patch]
 2.6.26-lenny-security: released (2.6.26-26lenny1) [bugfix/all/sctp-fix-out-of-bounds-reading-in-sctp_asoc_get_hmac.patch]
 2.6.32-squeeze-security: released (2.6.32-25) [bugfix/all/sctp-fix-out-of-bounds-reading-in-sctp_assoc_get_hmac.patch]
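
Review bot: the 2.6.26-lenny-security line names the patch "sctp-fix-out-of-bounds-reading-in-sctp_asoc_get_hmac.patch" (one "s" in "asoc"), while the linux-2.6 and squeeze lines spell it "sctp_assoc_get_hmac". Check which spelling matches the file actually shipped in the lenny branch and fix the tracker entry if it is a typo, otherwise a lookup by patch name will miss it.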

Modified: active/CVE-2010-4158
===================================================================
--- active/CVE-2010-4158	2011-03-02 08:17:35 UTC (rev 2209)
+++ active/CVE-2010-4158	2011-03-03 07:17:56 UTC (rev 2210)
@@ -8,7 +8,7 @@
  jmm> pushed to 2.6.32 stable on 2011-01-11
 Bugs:
 upstream: released (2.6.37-rc2) [57fe93b374a6b8711995c2d466c502af9f3a08bb]
-2.6.32-upstream-stable: pending (2.6.32.30)
+2.6.32-upstream-stable: released (2.6.32.30)
 linux-2.6: released (2.6.32-29) [bugfix/all/filter-make-sure-filters-dont-read-uninitialized-memory.patch]
 2.6.26-lenny-security: released (2.6.26-26lenny2) [bugfix/all/filter-make-sure-filters-dont-read-uninitialized-memory.patch]
 2.6.32-squeeze-security: released (2.6.32-29) [bugfix/all/filter-make-sure-filters-dont-read-uninitialized-memory.patch]

Modified: active/CVE-2010-4165
===================================================================
--- active/CVE-2010-4165	2011-03-02 08:17:35 UTC (rev 2209)
+++ active/CVE-2010-4165	2011-03-03 07:17:56 UTC (rev 2210)
@@ -7,7 +7,7 @@
  jmm> we also need c39508d6f118308355468314ff414644115a07f3 for linux-2.6
 Bugs:
 upstream: released (2.6.37-rc2) [7a1abd08d52fdeddb3e9a5a33f2f15cc6a5674d2]
-2.6.32-upstream-stable: pending (2.6.32.30)
+2.6.32-upstream-stable: released (2.6.32.30)
 linux-2.6: needed (2.6.32-28) [debian/patches/bugfix/all/tcp-Increase-TCP_MAXSEG-socket-option-minimum.patch]
 2.6.26-lenny-security: N/A
 2.6.32-squeeze-security: needed (2.6.32-28) [bugfix/all/tcp-Increase-TCP_MAXSEG-socket-option-minimum.patch]
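
Review bot: the linux-2.6 line gives the patch path as "debian/patches/bugfix/all/tcp-Increase-TCP_MAXSEG-socket-option-minimum.patch", whereas the squeeze line and every other file in this revision use the shorter "bugfix/all/..." form. Drop the "debian/patches/" prefix for consistency. Separately, the note says c39508d6f118308355468314ff414644115a07f3 is also needed for linux-2.6, but neither "needed" line says which patch is still outstanding; stating that next to the status would make the remaining work clear now that 2.6.32.30 is released.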

Modified: active/CVE-2011-0521
===================================================================
--- active/CVE-2011-0521	2011-03-02 08:17:35 UTC (rev 2209)
+++ active/CVE-2011-0521	2011-03-03 07:17:56 UTC (rev 2210)
@@ -6,7 +6,7 @@
 Notes:
 Bugs:
 upstream: released (2.6.38-rc2) [cb26a24ee9706473f31d34cc259f4dcf45cd0644]
-2.6.32-upstream-stable: pending (2.6.32.30)
+2.6.32-upstream-stable: released (2.6.32.30)
 linux-2.6: released (2.6.37-2)
 2.6.26-lenny-security: released (2.6.26-26lenny2) [bugfix/all/av7110-check-for-negative-array-offset.patch]
 2.6.32-squeeze-security: pending (2.6.32-31) [bugfix/all/av7110-check-for-negative-array-offset.patch]

Modified: active/CVE-2011-0710
===================================================================
--- active/CVE-2011-0710	2011-03-02 08:17:35 UTC (rev 2209)
+++ active/CVE-2011-0710	2011-03-03 07:17:56 UTC (rev 2210)
@@ -4,7 +4,7 @@
 Notes:
 Bugs:
 upstream: released (2.6.38-rc5) [261cd298a8c363d7985e3482946edb4bfedacf98]
-2.6.32-upstream-stable: pending (2.6.32.30)
+2.6.32-upstream-stable: released (2.6.32.30)
 linux-2.6: released (2.6.37-2)
 2.6.26-lenny-security: needed
 2.6.32-squeeze-security: pending (2.6.32-31) [bugfix/s390/remove-task_show_regs.patch]

Modified: active/CVE-2011-0712
===================================================================
--- active/CVE-2011-0712	2011-03-02 08:17:35 UTC (rev 2209)
+++ active/CVE-2011-0712	2011-03-03 07:17:56 UTC (rev 2210)
@@ -4,7 +4,7 @@
 Notes:
 Bugs:
 upstream: released (2.6.38-rc6) [eaae55dac6b64c0616046436b294e69fc5311581]
-2.6.32-upstream-stable: pending (2.6.32.30)
+2.6.32-upstream-stable: released (2.6.32.30)
 linux-2.6: released (2.6.37-2) [bugfix/all/stable/2.6.37.2.patch]
 2.6.26-lenny-security: needed
 2.6.32-squeeze-security: pending (2.6.32-31) [bugfix/all/ALSA-caiaq-Fix-possible-string-buffer-overflow.patch]

Modified: active/CVE-2011-1010
===================================================================
--- active/CVE-2011-1010	2011-03-02 08:17:35 UTC (rev 2209)
+++ active/CVE-2011-1010	2011-03-03 07:17:56 UTC (rev 2210)
@@ -4,7 +4,7 @@
 Notes:
 Bugs:
 upstream: released (2.6.38-rc6) [fa7ea87a057958a8b7926c1a60a3ca6d696328ed]
-2.6.32-upstream-stable: pending (2.6.32.30)
+2.6.32-upstream-stable: released (2.6.32.30)
 linux-2.6: released (2.6.37-2)
 2.6.26-lenny-security:
 2.6.32-squeeze-security: pending (2.6.32-31) [bugfix/all/fs-partitions-Validate-map_count-in-Mac-partition-ta.patch]
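
Review bot: the "2.6.26-lenny-security:" line in this hunk's context has no status at all, while the other files mark lenny as "needed", "released" or "N/A". A blank field cannot be told apart from "not yet triaged", so please record whether lenny is affected (for example "needed" or "N/A") while this file is being touched.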

Added: active/CVE-2011-1082
===================================================================
--- active/CVE-2011-1082	                        (rev 0)
+++ active/CVE-2011-1082	2011-03-03 07:17:56 UTC (rev 2210)
@@ -0,0 +1,10 @@
+Candidate: CVE-2011-1082
+Description: circular epoll structures
+References:
+Notes:
+Bugs:
+upstream: released (2.6.38-rc7)
+2.6.32-upstream-stable: needed
+linux-2.6: needed
+2.6.26-lenny-security:
+2.6.32-squeeze-security: needed
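
Review bot: the new entry marks "upstream: released (2.6.38-rc7)" without the fixing commit id in brackets, and "References:" is empty. Every existing file in this revision carries the upstream hash, which is what backporters need to locate the fix for the three branches marked "needed". Please add the commit id and at least one reference, and set the lenny field explicitly rather than leaving it blank.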

Added: active/CVE-2011-1083
===================================================================
--- active/CVE-2011-1083	                        (rev 0)
+++ active/CVE-2011-1083	2011-03-03 07:17:56 UTC (rev 2210)
@@ -0,0 +1,12 @@
+Candidate: CVE-2011-1083
+Description:
+References:
+ http://thread.gmane.org/gmane.linux.kernel/1105744
+ http://thread.gmane.org/gmane.linux.kernel/1105744/focus=1105888
+Notes:
+Bugs:
+upstream:
+2.6.32-upstream-stable:
+linux-2.6:
+2.6.26-lenny-security:
+2.6.32-squeeze-security:
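
Review bot: "Description:" is left empty in this new file, and all five status fields are blank, so the entry identifies the issue only through the two gmane thread links. Add a one-line description taken from the referenced thread, and mark the branches (even as "needed" pending triage) so the issue shows up in status queries instead of looking untracked.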



