[kernel-sec-discuss] r2216 - retired
Moritz Muehlenhoff
jmm at alioth.debian.org
Mon Mar 7 11:19:35 UTC 2011
Author: jmm
Date: 2011-03-07 11:19:35 +0000 (Mon, 07 Mar 2011)
New Revision: 2216
Modified:
retired/CVE-2010-2492
retired/CVE-2010-2521
retired/CVE-2010-2525
retired/CVE-2010-2537
retired/CVE-2010-2798
retired/CVE-2010-2803
retired/CVE-2010-2946
retired/CVE-2010-2959
retired/CVE-2010-3067
Log:
streamline upstream commits
Modified: retired/CVE-2010-2492
===================================================================
--- retired/CVE-2010-2492 2011-03-07 11:19:20 UTC (rev 2215)
+++ retired/CVE-2010-2492 2011-03-07 11:19:35 UTC (rev 2216)
@@ -1,7 +1,6 @@
Candidate: CVE-2010-2492
Description: Buffer overflow in the ecryptfs_uid_hash macro
References:
- a6f80fb7b5986fda663d94079d3bba0937a6b6ff
Notes:
Bugs:
upstream: released (2.6.35) [a6f80fb]
Modified: retired/CVE-2010-2521
===================================================================
--- retired/CVE-2010-2521 2011-03-07 11:19:20 UTC (rev 2215)
+++ retired/CVE-2010-2521 2011-03-07 11:19:35 UTC (rev 2216)
@@ -2,9 +2,8 @@
Description:
References:
Notes:
- jmm> 2bc3c117
Bugs:
-upstream: released (2.6.34)
+upstream: released (2.6.34) [2bc3c117]
2.6.32-upstream-stable: released (2.6.32.13)
linux-2.6: released (2.6.32-13)
2.6.26-lenny-security: released (2.6.26-24lenny1) [bugfix/all/nfsd4-bug-in-read_buf.patch]
Modified: retired/CVE-2010-2525
===================================================================
--- retired/CVE-2010-2525 2011-03-07 11:19:20 UTC (rev 2215)
+++ retired/CVE-2010-2525 2011-03-07 11:19:35 UTC (rev 2216)
@@ -1,11 +1,9 @@
Candidate: CVE-2010-2525
Description:
References:
- jmm> 2646a1f61a3b5525914757f10fa12b5b94713648
Notes:
- jmm> Submitted to 2.6.32.x stable by Eugene Teo
Bugs:
-upstream: released (2.6.33)
+upstream: released (2.6.33) [2646a1f61a3b5525914757f10fa12b5b94713648]
2.6.32-upstream-stable: released (2.6.32.17)
linux-2.6: released (2.6.32-19)
2.6.26-lenny-security: N/A (Vulnerable code not present)
Modified: retired/CVE-2010-2537
===================================================================
--- retired/CVE-2010-2537 2011-03-07 11:19:20 UTC (rev 2215)
+++ retired/CVE-2010-2537 2011-03-07 11:19:35 UTC (rev 2216)
@@ -3,10 +3,9 @@
The BTRFS_IOC_CLONE and BTRFS_IOC_CLONE_RANGE ioctls allowed a
local user to overwrite append-only files.
References:
- http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=2ebc3464781ad24474abcbd2274e6254689853b5
Notes:
Bugs:
-upstream: released (2.6.35)
+upstream: released (2.6.35) [2ebc3464781ad24474abcbd2274e6254689853b5]
2.6.32-upstream-stable: released (2.6.32.17) [8875b99]
linux-2.6: released (2.6.32-19) [bugfix/all/stable/2.6.32.17.patch]
2.6.26-lenny-security: N/A "no btrfs"
Modified: retired/CVE-2010-2798
===================================================================
--- retired/CVE-2010-2798 2011-03-07 11:19:20 UTC (rev 2215)
+++ retired/CVE-2010-2798 2011-03-07 11:19:35 UTC (rev 2216)
@@ -6,10 +6,9 @@
dereference.
References:
https://bugzilla.redhat.com/show_bug.cgi?id=620300
- http://git.kernel.org/linus/728a756b8fcd22d80e2dbba8117a8a3aafd3f203
Notes:
Bugs:
-upstream: released (2.6.35)
+upstream: released (2.6.35) [728a756b8fcd22d80e2dbba8117a8a3aafd3f203]
2.6.32-upstream-stable: released (2.6.32.18)
linux-2.6: released (2.6.32-20)
2.6.26-lenny-security: released (2.6.26-24lenny1) [bugfix/all/gfs2-rename-causes-kernel-oops.patch]
Modified: retired/CVE-2010-2803
===================================================================
--- retired/CVE-2010-2803 2011-03-07 11:19:20 UTC (rev 2215)
+++ retired/CVE-2010-2803 2011-03-07 11:19:35 UTC (rev 2216)
@@ -1,11 +1,9 @@
Candidate: CVE-2010-2803
Description:
References:
- http://git.kernel.org/?p=linux/kernel/git/airlied/drm-2.6.git;a=commitdiff;h=b9f0aee83335db1f3915f4e42a5e21b351740afd
Notes:
- jmm> b9f0aee83335db1f3915f4e42a5e21b351740afd
Bugs:
-upstream: releaed (2.6.36-rc2)
+upstream: releaed (2.6.36-rc2) [b9f0aee83335db1f3915f4e42a5e21b351740afd]
2.6.32-upstream-stable: released (2.6.32.21)
linux-2.6: released (2.6.32-22)
2.6.26-lenny-security: released (2.6.26-24lenny1) [bugfix/all/drm-stop-information-leak-of-old-kernel-stack.patch]
Modified: retired/CVE-2010-2946
===================================================================
--- retired/CVE-2010-2946 2011-03-07 11:19:20 UTC (rev 2215)
+++ retired/CVE-2010-2946 2011-03-07 11:19:35 UTC (rev 2216)
@@ -2,9 +2,8 @@
Description: jfs: don't allow os2 xattr namespace overlap with others
References:
Notes:
- jmm> aca0fa34bdaba39bfddddba8ca70dba4782e8fe6
Bugs:
-upstream: released (2.6.36-rc1)
+upstream: released (2.6.36-rc1) [aca0fa34bdaba39bfddddba8ca70dba4782e8fe6]
2.6.32-upstream-stable: released (2.6.32.19)
linux-2.6: released (2.6.32-21)
2.6.26-lenny-security: released (2.6.26-25) [bugfix/all/jfs-dont-allow-os2-xattr-namespace-overlap-with-others.patch]
Modified: retired/CVE-2010-2959
===================================================================
--- retired/CVE-2010-2959 2011-03-07 11:19:20 UTC (rev 2215)
+++ retired/CVE-2010-2959 2011-03-07 11:19:35 UTC (rev 2216)
@@ -2,10 +2,9 @@
Description:
References:
http://www.spinics.net/lists/netdev/msg137652.html
- jmm> 5b75c4973ce779520b9d1e392483207d6f842cde
Notes:
Bugs:
-upstream: released (2.6.36-rc2)
+upstream: released (2.6.36-rc2) [5b75c4973ce779520b9d1e392483207d6f842cde]
2.6.32-upstream-stable: released (2.6.32.21)
linux-2.6: released (2.6.32-20) [bugfix/all/can-fix-raw_getname-leak.patch]
2.6.26-lenny-security: released (2.6.26-21lenny4) [bugfix/all/can-fix-raw_getname-leak.patch]
Modified: retired/CVE-2010-3067
===================================================================
--- retired/CVE-2010-3067 2011-03-07 11:19:20 UTC (rev 2215)
+++ retired/CVE-2010-3067 2011-03-07 11:19:35 UTC (rev 2216)
@@ -1,7 +1,6 @@
Candidate: CVE-2010-3067
Description: fs/aio.c integer overflow
References:
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3067
Notes:
Bugs:
upstream: released (2.6.36-rc5) [75e1c70f]
More information about the kernel-sec-discuss
mailing list