[kernel-sec-discuss] r2217 - active
Moritz Muehlenhoff
jmm at alioth.debian.org
Mon Mar 7 12:47:16 UTC 2011
Author: jmm
Date: 2011-03-07 12:47:15 +0000 (Mon, 07 Mar 2011)
New Revision: 2217
Modified:
active/CVE-2010-2524
active/CVE-2010-2653
active/CVE-2010-4656
active/CVE-2011-1013
Log:
updates pending for 2.6.32.32
Modified: active/CVE-2010-2524
===================================================================
--- active/CVE-2010-2524 2011-03-07 11:19:35 UTC (rev 2216)
+++ active/CVE-2010-2524 2011-03-07 12:47:15 UTC (rev 2217)
@@ -3,10 +3,9 @@
MS-DFS referrals
References:
https://bugzilla.redhat.com/CVE-2010-2524
- http://git.kernel.org/linus/4c0c03ca54f72fdd5912516ad0a23ec5cf01bda7
Notes:
Bugs:
-upstream: released (2.6.35)
+upstream: released (2.6.35) [4c0c03ca54f72fdd5912516ad0a23ec5cf01bda7]
2.6.32-upstream-stable: released (2.6.32.17) [4ff7ffd]
linux-2.6: released (2.6.32-19) [bugfix/all/stable/2.6.32.17.patch]
2.6.26-lenny-security: needed "needs port - upstream patch depends on newer key api"
Modified: active/CVE-2010-2653
===================================================================
--- active/CVE-2010-2653 2011-03-07 11:19:35 UTC (rev 2216)
+++ active/CVE-2010-2653 2011-03-07 12:47:15 UTC (rev 2217)
@@ -6,7 +6,6 @@
Notes:
dannf> upstream fix uses tty kref counting infrastructure, which didn't
dannf> get added until 2.6.28
- jmm> Submitted for 2.6.32.x stable, repinged 2010-12-12.
Bugs:
upstream: released (2.6.34-rc2) [e74d098c]
2.6.32-upstream-stable: released (2.6.32.28)
Modified: active/CVE-2010-4656
===================================================================
--- active/CVE-2010-4656 2011-03-07 11:19:35 UTC (rev 2216)
+++ active/CVE-2010-4656 2011-03-07 12:47:15 UTC (rev 2217)
@@ -2,11 +2,10 @@
Description:
References:
http://www.openwall.com/lists/oss-security/2011/01/25/4
- http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=3ed780117dbe5acb64280d218f0347f238dafed0
Notes:
Bugs:
-upstream:
-2.6.32-upstream-stable:
-linux-2.6:
+upstream: released (2.6.37) [3ed780117dbe5acb64280d218f0347f238dafed0]
+2.6.32-upstream-stable: pending (2.6.32.32)
+linux-2.6: released (2.6.37-1)
2.6.26-lenny-security: released (2.6.26-26lenny2) [bugfix/all/usb-iowarrior-dont-trust-report_size-for-buffer-size.patch]
2.6.32-squeeze-security: pending (2.6.32-31) [bugfix/all/usb-iowarrior-dont-trust-report_size-for-buffer-size.patch]
Modified: active/CVE-2011-1013
===================================================================
--- active/CVE-2011-1013 2011-03-07 11:19:35 UTC (rev 2216)
+++ active/CVE-2011-1013 2011-03-07 12:47:15 UTC (rev 2217)
@@ -4,7 +4,7 @@
Notes:
Bugs:
upstream: released (2.6.38-rc7) [1922756124ddd53846877416d92ba4a802bc658f]
-2.6.32-upstream-stable:
-linux-2.6: N/A "Vulnerable code not present"
-2.6.26-lenny-security:
+2.6.32-upstream-stable: pending (2.6.32.32)
+linux-2.6:
+2.6.26-lenny-security: N/A "Vulnerable code not present"
2.6.32-squeeze-security:
More information about the kernel-sec-discuss
mailing list