[kernel-sec-discuss] r2217 - active

Moritz Muehlenhoff jmm at alioth.debian.org
Mon Mar 7 12:47:16 UTC 2011 

Author: jmm
Date: 2011-03-07 12:47:15 +0000 (Mon, 07 Mar 2011)
New Revision: 2217

Modified:
   active/CVE-2010-2524
   active/CVE-2010-2653
   active/CVE-2010-4656
   active/CVE-2011-1013
Log:
updates pending for 2.6.32.32


Modified: active/CVE-2010-2524
===================================================================
--- active/CVE-2010-2524	2011-03-07 11:19:35 UTC (rev 2216)
+++ active/CVE-2010-2524	2011-03-07 12:47:15 UTC (rev 2217)
@@ -3,10 +3,9 @@
  MS-DFS referrals
 References:
  https://bugzilla.redhat.com/CVE-2010-2524
- http://git.kernel.org/linus/4c0c03ca54f72fdd5912516ad0a23ec5cf01bda7
 Notes:
 Bugs:
-upstream: released (2.6.35)
+upstream: released (2.6.35) [4c0c03ca54f72fdd5912516ad0a23ec5cf01bda7]
 2.6.32-upstream-stable: released (2.6.32.17) [4ff7ffd]
 linux-2.6: released (2.6.32-19) [bugfix/all/stable/2.6.32.17.patch]
 2.6.26-lenny-security: needed "needs port - upstream patch depends on newer key api"

Modified: active/CVE-2010-2653
===================================================================
--- active/CVE-2010-2653	2011-03-07 11:19:35 UTC (rev 2216)
+++ active/CVE-2010-2653	2011-03-07 12:47:15 UTC (rev 2217)
@@ -6,7 +6,6 @@
 Notes:
  dannf> upstream fix uses tty kref counting infrastructure, which didn't
  dannf> get added until 2.6.28
- jmm> Submitted for 2.6.32.x stable, repinged 2010-12-12.
 Bugs:
 upstream: released (2.6.34-rc2) [e74d098c]
 2.6.32-upstream-stable: released (2.6.32.28)

Modified: active/CVE-2010-4656
===================================================================
--- active/CVE-2010-4656	2011-03-07 11:19:35 UTC (rev 2216)
+++ active/CVE-2010-4656	2011-03-07 12:47:15 UTC (rev 2217)
@@ -2,11 +2,10 @@
 Description:
 References:
  http://www.openwall.com/lists/oss-security/2011/01/25/4
- http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=3ed780117dbe5acb64280d218f0347f238dafed0
 Notes:
 Bugs:
-upstream:
-2.6.32-upstream-stable:
-linux-2.6:
+upstream: released (2.6.37) [3ed780117dbe5acb64280d218f0347f238dafed0]
+2.6.32-upstream-stable: pending (2.6.32.32)
+linux-2.6: released (2.6.37-1)
 2.6.26-lenny-security: released (2.6.26-26lenny2) [bugfix/all/usb-iowarrior-dont-trust-report_size-for-buffer-size.patch]
 2.6.32-squeeze-security: pending (2.6.32-31) [bugfix/all/usb-iowarrior-dont-trust-report_size-for-buffer-size.patch]

Modified: active/CVE-2011-1013
===================================================================
--- active/CVE-2011-1013	2011-03-07 11:19:35 UTC (rev 2216)
+++ active/CVE-2011-1013	2011-03-07 12:47:15 UTC (rev 2217)
@@ -4,7 +4,7 @@
 Notes:
 Bugs:
 upstream: released (2.6.38-rc7) [1922756124ddd53846877416d92ba4a802bc658f]
-2.6.32-upstream-stable:
-linux-2.6: N/A "Vulnerable code not present"
-2.6.26-lenny-security:
+2.6.32-upstream-stable: pending (2.6.32.32)
+linux-2.6: 
+2.6.26-lenny-security: N/A "Vulnerable code not present"
 2.6.32-squeeze-security:

More information about the kernel-sec-discuss mailing list