[kernel-sec-discuss] r2617 - active retired

Moritz Muehlenhoff jmm at alioth.debian.org
Fri Feb 10 15:22:36 UTC 2012


Author: jmm
Date: 2012-02-10 15:22:34 +0000 (Fri, 10 Feb 2012)
New Revision: 2617

Added:
   retired/CVE-2010-2653
   retired/CVE-2010-2955
   retired/CVE-2011-1016
   retired/CVE-2011-1082
   retired/CVE-2011-1161
   retired/CVE-2011-1162
Removed:
   active/CVE-2010-2653
   active/CVE-2010-2955
   active/CVE-2011-1016
   active/CVE-2011-1082
   active/CVE-2011-1161
   active/CVE-2011-1162
Modified:
   active/CVE-2010-4805
   active/CVE-2011-2699
   active/CVE-2011-3638
   active/CVE-2011-4127
   active/CVE-2011-4131
Log:
retire issues which were only open in lenny, update lenny status


Deleted: active/CVE-2010-2653
===================================================================
--- active/CVE-2010-2653	2012-02-06 11:19:07 UTC (rev 2616)
+++ active/CVE-2010-2653	2012-02-10 15:22:34 UTC (rev 2617)
@@ -1,14 +0,0 @@
-Candidate: CVE-2010-2653
-Description:
- hvc race
-References:
- http://www.openwall.com/lists/oss-security/2010/03/04/3
-Notes:
- dannf> upstream fix uses tty kref counting infrastructure, which didn't
- dannf> get added until 2.6.28
-Bugs:
-upstream: released (2.6.34-rc2) [e74d098c]
-2.6.32-upstream-stable: released (2.6.32.28)
-sid: released (2.6.32-25) [bugfix/all/hvc_console-fix-race-between-hvc_close-and-hvc_remove.patch, bugfix/all/hvc_console-fix-race-between-hvc_close-and-hvc_remove-2.patch]
-2.6.26-lenny-security: "needs port"
-2.6.32-squeeze-security: released (2.6.32-25) [bugfix/all/hvc_console-fix-race-between-hvc_close-and-hvc_remove.patch, bugfix/all/hvc_console-fix-race-between-hvc_close-and-hvc_remove-2.patch]

Deleted: active/CVE-2010-2955
===================================================================
--- active/CVE-2010-2955	2012-02-06 11:19:07 UTC (rev 2616)
+++ active/CVE-2010-2955	2012-02-10 15:22:34 UTC (rev 2617)
@@ -1,12 +0,0 @@
-Candidate: CVE-2010-2955
-Description:
- infoleak in wireless extensions
-References:
- http://lkml.org/lkml/2010/8/30/146
-Notes:
-Bugs:
-upstream: released (2.6.36-rc4) [42da2f9]
-2.6.32-upstream-stable: released (2.6.32.22) [wireless-extensions-fix-kernel-heap-content-leak.patch]
-sid: released (2.6.32-23) [bugfix/all/wireless-extensions-fix-kernel-heap-content-leak.patch]
-2.6.26-lenny-security: needed "needs port"
-2.6.32-squeeze-security: released (2.6.32-23) [bugfix/all/wireless-extensions-fix-kernel-heap-content-leak.patch]

Modified: active/CVE-2010-4805
===================================================================
--- active/CVE-2010-4805	2012-02-06 11:19:07 UTC (rev 2616)
+++ active/CVE-2010-4805	2012-02-10 15:22:34 UTC (rev 2617)
@@ -8,5 +8,5 @@
 upstream: released (2.6.35)
 2.6.32-upstream-stable: needed
 sid: released (2.6.35-1)
-2.6.26-lenny-security: needed
+2.6.26-lenny-security: ignored "end of life"
 2.6.32-squeeze-security: needed "<dannf> We appear to already have all but the last since 2.6.32-22; I've a tentative backport for the last one"

Deleted: active/CVE-2011-1016
===================================================================
--- active/CVE-2011-1016	2012-02-06 11:19:07 UTC (rev 2616)
+++ active/CVE-2011-1016	2012-02-10 15:22:34 UTC (rev 2617)
@@ -1,10 +0,0 @@
-Candidate: CVE-2011-1016
-Description: check AA resolve registers on r300
-References: 
-Notes:
-Bugs:
-upstream: released (2.6.38-rc5) [45e4039c3aea597ede44a264cea322908cdedfe9, fff1ce4dc6113b6fdc4e3a815ca5fd229408f8ef]
-2.6.32-upstream-stable: ignored "we're using 2.6.33 for DRM"
-sid: released (2.6.38-1)
-2.6.26-lenny-security: "needs port"
-2.6.32-squeeze-security: released (2.6.32-32) [bugfix/all/drm-radeon-kms-check-aa-resolve-registers-on-r300.patch, bugfix/all/drm-radeon-fix-regression-with-aa-resolve-checking.patch]

Deleted: active/CVE-2011-1082
===================================================================
--- active/CVE-2011-1082	2012-02-06 11:19:07 UTC (rev 2616)
+++ active/CVE-2011-1082	2012-02-10 15:22:34 UTC (rev 2617)
@@ -1,10 +0,0 @@
-Candidate: CVE-2011-1082
-Description: circular epoll structures
-References:
-Notes:
-Bugs:
-upstream: released (2.6.38-rc7) [22bacca48a1755f79b7e0f192ddb9fbb7fc6e64e]
-2.6.32-upstream-stable: released (2.6.32.30)
-sid: released (2.6.38-1)
-2.6.26-lenny-security: "needs port"
-2.6.32-squeeze-security: released (2.6.32-31)

Deleted: active/CVE-2011-1161
===================================================================
--- active/CVE-2011-1161	2012-02-06 11:19:07 UTC (rev 2616)
+++ active/CVE-2011-1161	2012-02-10 15:22:34 UTC (rev 2617)
@@ -1,11 +0,0 @@
-Candidate: CVE-2011-1161
-Description: char/tpm: Call tpm_transmit with correct size
-References:
- http://tpmdd.git.sourceforge.net/git/gitweb.cgi?p=tpmdd/tpmdd;a=commitdiff;h=f0bbed1ee49a4779dfb32159fea669ced8789336
-Notes:
-Bugs:
-upstream: released (3.1-rc8) [6b07d30aca7e52f2881b8c8c20c8a2cd28e8b3d3]
-2.6.32-upstream-stable: released (2.6.32.47)
-sid: released (3.0.0-5) [bugfix/all/stable/3.0.5.patch]
-2.6.26-lenny-security: needed
-2.6.32-squeeze-security: released (2.6.32-40) [bugfix/all/stable/2.6.32.47.patch]

Deleted: active/CVE-2011-1162
===================================================================
--- active/CVE-2011-1162	2012-02-06 11:19:07 UTC (rev 2616)
+++ active/CVE-2011-1162	2012-02-10 15:22:34 UTC (rev 2617)
@@ -1,11 +0,0 @@
-Candidate: CVE-2011-1162
-Description: char/tpm: zero buffer after copying to userspace
-References:
- http://tpmdd.git.sourceforge.net/git/gitweb.cgi?p=tpmdd/tpmdd;a=commitdiff;h=44480e4077cd782aa8f54eb472b292547f030520
-Notes:
-Bugs:
-upstream: released (3.1-rc8) [3321c07ae5068568cd61ac9f4ba749006a7185c9]
-2.6.32-upstream-stable: released (2.6.32.47)
-sid: released (3.0.0-5) [bugfix/all/stable/3.0.5.patch]
-2.6.26-lenny-security: needed 
-2.6.32-squeeze-security: released (2.6.32-40) [bugfix/all/stable/2.6.32.47.patch]

Modified: active/CVE-2011-2699
===================================================================
--- active/CVE-2011-2699	2012-02-06 11:19:07 UTC (rev 2616)
+++ active/CVE-2011-2699	2012-02-10 15:22:34 UTC (rev 2617)
@@ -10,5 +10,5 @@
 upstream: released (3.1-rc1) [87c48fa3b4630905f98268dde838ee43626a060c]
 2.6.32-upstream-stable: needed
 sid: released (3.0.0-2) [bugfix/all/stable/3.0.2.patch]
-2.6.26-lenny-security: ignored "too intrusive for an oldstable backport"
+2.6.26-lenny-security: ignored "end of life"
 2.6.32-squeeze-security: released (2.6.32-41)
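
Review bot: On the 2.6.26-lenny-security line, replacing "too intrusive for an oldstable backport" with "end of life" discards the technical reason the fix was never backported. Consider keeping both in the quoted note, for example ignored "end of life; was too intrusive for an oldstable backport", so the record still explains why lenny stayed unfixed.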

Modified: active/CVE-2011-3638
===================================================================
--- active/CVE-2011-3638	2012-02-06 11:19:07 UTC (rev 2616)
+++ active/CVE-2011-3638	2012-02-10 15:22:34 UTC (rev 2617)
@@ -6,5 +6,5 @@
 upstream: released (3.0) [667eff35a1f56fa74ce98a0c7c29a40adc1ba4e3]
 2.6.32-upstream-stable: needed
 sid: released (3.0-1)
-2.6.26-lenny-security: needed
+2.6.26-lenny-security: ignored "end of life"
 2.6.32-squeeze-security: needed

Modified: active/CVE-2011-4127
===================================================================
--- active/CVE-2011-4127	2012-02-06 11:19:07 UTC (rev 2616)
+++ active/CVE-2011-4127	2012-02-10 15:22:34 UTC (rev 2617)
@@ -7,6 +7,6 @@
 upstream: needed 
 2.6.32-upstream-stable: needed
 sid: released (3.1.8-1)
-2.6.26-lenny-security: needed
+2.6.26-lenny-security: ignored "end of life"
 2.6.32-squeeze-security: released (2.6.32-39squeeze1) [bugfix/all/add-scsi_cmd_blk_ioctl-wrapper.patch, bugfix/all/limit-ioctls-forwarded-to-non-scsi-devices.patch, bugfix/all/treat-lvs-on-one-pv-like-a-partition.patch]
 

Modified: active/CVE-2011-4131
===================================================================
--- active/CVE-2011-4131	2012-02-06 11:19:07 UTC (rev 2616)
+++ active/CVE-2011-4131	2012-02-10 15:22:34 UTC (rev 2617)
@@ -6,5 +6,4 @@
 upstream: needed "no upstream fix as of 2011.11.17"
 2.6.32-upstream-stable: needed
 sid: needed
-2.6.26-lenny-security: needed
 2.6.32-squeeze-security: needed
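
Review bot: The 2.6.26-lenny-security line is deleted outright in this hunk, while the other active files touched in this revision (CVE-2010-4805, CVE-2011-2699, CVE-2011-3638, CVE-2011-4127) set it to ignored "end of life". With the line gone the file no longer records that lenny had this issue open. Suggest 2.6.26-lenny-security: ignored "end of life" here as well, or a sentence in the log explaining why this file is handled differently.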

Copied: retired/CVE-2010-2653 (from rev 2616, active/CVE-2010-2653)
===================================================================
--- retired/CVE-2010-2653	                        (rev 0)
+++ retired/CVE-2010-2653	2012-02-10 15:22:34 UTC (rev 2617)
@@ -0,0 +1,14 @@
+Candidate: CVE-2010-2653
+Description:
+ hvc race
+References:
+ http://www.openwall.com/lists/oss-security/2010/03/04/3
+Notes:
+ dannf> upstream fix uses tty kref counting infrastructure, which didn't
+ dannf> get added until 2.6.28
+Bugs:
+upstream: released (2.6.34-rc2) [e74d098c]
+2.6.32-upstream-stable: released (2.6.32.28)
+sid: released (2.6.32-25) [bugfix/all/hvc_console-fix-race-between-hvc_close-and-hvc_remove.patch, bugfix/all/hvc_console-fix-race-between-hvc_close-and-hvc_remove-2.patch]
+2.6.26-lenny-security: "needs port"
+2.6.32-squeeze-security: released (2.6.32-25) [bugfix/all/hvc_console-fix-race-between-hvc_close-and-hvc_remove.patch, bugfix/all/hvc_console-fix-race-between-hvc_close-and-hvc_remove-2.patch]
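
Review bot: The 2.6.26-lenny-security line goes into retired/ as just "needs port", a quoted note with no state keyword in front of it, unlike every other status line in the file. The log says the lenny status is being updated, so this would be the place to give it an explicit state such as ignored "end of life", matching what the files remaining in active/ receive. retired/CVE-2011-1016 and retired/CVE-2011-1082 carry the same line.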


Property changes on: retired/CVE-2010-2653
___________________________________________________________________
Added: svn:mergeinfo
   + 
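
Review bot: The copy adds an svn:mergeinfo property with an empty value, and the same property change appears on each of the six files copied into retired/. If it is not intended, drop the property before committing so that the moved files carry no merge-tracking metadata of their own.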

Copied: retired/CVE-2010-2955 (from rev 2616, active/CVE-2010-2955)
===================================================================
--- retired/CVE-2010-2955	                        (rev 0)
+++ retired/CVE-2010-2955	2012-02-10 15:22:34 UTC (rev 2617)
@@ -0,0 +1,12 @@
+Candidate: CVE-2010-2955
+Description:
+ infoleak in wireless extensions
+References:
+ http://lkml.org/lkml/2010/8/30/146
+Notes:
+Bugs:
+upstream: released (2.6.36-rc4) [42da2f9]
+2.6.32-upstream-stable: released (2.6.32.22) [wireless-extensions-fix-kernel-heap-content-leak.patch]
+sid: released (2.6.32-23) [bugfix/all/wireless-extensions-fix-kernel-heap-content-leak.patch]
+2.6.26-lenny-security: needed "needs port"
+2.6.32-squeeze-security: released (2.6.32-23) [bugfix/all/wireless-extensions-fix-kernel-heap-content-leak.patch]
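
Review bot: 2.6.26-lenny-security is still needed "needs port" in the retired copy, so a file under retired/ reports outstanding work for a release that this same revision marks ignored "end of life" in active/. Suggest changing the state before the move so that nothing in retired/ has an open needed entry.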


Property changes on: retired/CVE-2010-2955
___________________________________________________________________
Added: svn:mergeinfo
   + 

Copied: retired/CVE-2011-1016 (from rev 2616, active/CVE-2011-1016)
===================================================================
--- retired/CVE-2011-1016	                        (rev 0)
+++ retired/CVE-2011-1016	2012-02-10 15:22:34 UTC (rev 2617)
@@ -0,0 +1,10 @@
+Candidate: CVE-2011-1016
+Description: check AA resolve registers on r300
+References: 
+Notes:
+Bugs:
+upstream: released (2.6.38-rc5) [45e4039c3aea597ede44a264cea322908cdedfe9, fff1ce4dc6113b6fdc4e3a815ca5fd229408f8ef]
+2.6.32-upstream-stable: ignored "we're using 2.6.33 for DRM"
+sid: released (2.6.38-1)
+2.6.26-lenny-security: "needs port"
+2.6.32-squeeze-security: released (2.6.32-32) [bugfix/all/drm-radeon-kms-check-aa-resolve-registers-on-r300.patch, bugfix/all/drm-radeon-fix-regression-with-aa-resolve-checking.patch]


Property changes on: retired/CVE-2011-1016
___________________________________________________________________
Added: svn:mergeinfo
   + 

Copied: retired/CVE-2011-1082 (from rev 2616, active/CVE-2011-1082)
===================================================================
--- retired/CVE-2011-1082	                        (rev 0)
+++ retired/CVE-2011-1082	2012-02-10 15:22:34 UTC (rev 2617)
@@ -0,0 +1,10 @@
+Candidate: CVE-2011-1082
+Description: circular epoll structures
+References:
+Notes:
+Bugs:
+upstream: released (2.6.38-rc7) [22bacca48a1755f79b7e0f192ddb9fbb7fc6e64e]
+2.6.32-upstream-stable: released (2.6.32.30)
+sid: released (2.6.38-1)
+2.6.26-lenny-security: "needs port"
+2.6.32-squeeze-security: released (2.6.32-31)


Property changes on: retired/CVE-2011-1082
___________________________________________________________________
Added: svn:mergeinfo
   + 

Copied: retired/CVE-2011-1161 (from rev 2616, active/CVE-2011-1161)
===================================================================
--- retired/CVE-2011-1161	                        (rev 0)
+++ retired/CVE-2011-1161	2012-02-10 15:22:34 UTC (rev 2617)
@@ -0,0 +1,11 @@
+Candidate: CVE-2011-1161
+Description: char/tpm: Call tpm_transmit with correct size
+References:
+ http://tpmdd.git.sourceforge.net/git/gitweb.cgi?p=tpmdd/tpmdd;a=commitdiff;h=f0bbed1ee49a4779dfb32159fea669ced8789336
+Notes:
+Bugs:
+upstream: released (3.1-rc8) [6b07d30aca7e52f2881b8c8c20c8a2cd28e8b3d3]
+2.6.32-upstream-stable: released (2.6.32.47)
+sid: released (3.0.0-5) [bugfix/all/stable/3.0.5.patch]
+2.6.26-lenny-security: needed
+2.6.32-squeeze-security: released (2.6.32-40) [bugfix/all/stable/2.6.32.47.patch]


Property changes on: retired/CVE-2011-1161
___________________________________________________________________
Added: svn:mergeinfo
   + 

Copied: retired/CVE-2011-1162 (from rev 2616, active/CVE-2011-1162)
===================================================================
--- retired/CVE-2011-1162	                        (rev 0)
+++ retired/CVE-2011-1162	2012-02-10 15:22:34 UTC (rev 2617)
@@ -0,0 +1,11 @@
+Candidate: CVE-2011-1162
+Description: char/tpm: zero buffer after copying to userspace
+References:
+ http://tpmdd.git.sourceforge.net/git/gitweb.cgi?p=tpmdd/tpmdd;a=commitdiff;h=44480e4077cd782aa8f54eb472b292547f030520
+Notes:
+Bugs:
+upstream: released (3.1-rc8) [3321c07ae5068568cd61ac9f4ba749006a7185c9]
+2.6.32-upstream-stable: released (2.6.32.47)
+sid: released (3.0.0-5) [bugfix/all/stable/3.0.5.patch]
+2.6.26-lenny-security: needed 
+2.6.32-squeeze-security: released (2.6.32-40) [bugfix/all/stable/2.6.32.47.patch]
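
Review bot: The 2.6.26-lenny-security line is copied with trailing whitespace after needed and with its state unchanged, as is the line in retired/CVE-2011-1161 (without the whitespace). Strip the trailing space and set both to ignored "end of life" so the retired entries agree with the lenny status used in the modified active files.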


Property changes on: retired/CVE-2011-1162
___________________________________________________________________
Added: svn:mergeinfo
   + 



