[kernel-sec-discuss] r2759 - active

Moritz Muehlenhoff jmm at alioth.debian.org
Wed Oct 10 09:13:44 UTC 2012 

Author: jmm
Date: 2012-10-10 09:13:20 +0000 (Wed, 10 Oct 2012)
New Revision: 2759

Added:
   active/CVE-2012-0957
Modified:
   active/CVE-2011-4915
   active/CVE-2011-4917
Log:
new issue


Modified: active/CVE-2011-4915
===================================================================
--- active/CVE-2011-4915	2012-10-04 06:32:49 UTC (rev 2758)
+++ active/CVE-2011-4915	2012-10-10 09:13:20 UTC (rev 2759)
@@ -4,8 +4,8 @@
 Notes:
  jmm> This is unlikely to be fixed upstream
 Bugs:
-upstream:
-2.6.32-upstream-stable: ignored "Minor information leak, not worth a backport and would need additional userspace changes"
-sid:
-2.6.32-squeeze-security: ignored "Minor information leak, not worth a backport and would need additional userspace changes"
-3.2-upstream-stable:
+upstream: ignored "Minor information leak, won't be fixed upstream"
+2.6.32-upstream-stable: ignored "Minor information leak, won't be fixed upstream"
+sid: ignored "Minor information leak, won't be fixed upstream"
+2.6.32-squeeze-security: ignored "Minor information leak, won't be fixed upstream"
+3.2-upstream-stable: ignored "Minor information leak, won't be fixed upstream"

Modified: active/CVE-2011-4917
===================================================================
--- active/CVE-2011-4917	2012-10-04 06:32:49 UTC (rev 2758)
+++ active/CVE-2011-4917	2012-10-10 09:13:20 UTC (rev 2759)
@@ -3,8 +3,8 @@
  https://lkml.org/lkml/2011/11/7/340
 Notes:
 Bugs:
-upstream:
-2.6.32-upstream-stable: ignored "Minor information leak, not worth a backport and would need additional userspace changes"
-sid:
-2.6.32-squeeze-security: ignored "Minor information leak, not worth a backport and would need additional userspace changes"
-3.2-upstream-stable:
+upstream: ignored "Minor information leak, won't be fixed upstream"
+2.6.32-upstream-stable: ignored "Minor information leak, won't be fixed upstream"
+sid: ignored "Minor information leak, won't be fixed upstream"
+2.6.32-squeeze-security: ignored "Minor information leak, won't be fixed upstream"
+3.2-upstream-stable: ignored "Minor information leak, won't be fixed upstream"

Added: active/CVE-2012-0957
===================================================================
--- active/CVE-2012-0957	                        (rev 0)
+++ active/CVE-2012-0957	2012-10-10 09:13:20 UTC (rev 2759)
@@ -0,0 +1,10 @@
+Description: fix stack memory content leak via UNAME26
+References:
+ Proposed patch: https://lkml.org/lkml/2012/10/9/550
+Notes:
+Bugs:
+upstream: needed
+2.6.32-upstream-stable: N/A "Introduced in 3.0"
+sid: needed
+2.6.32-squeeze-security: N/A "Introduced in 3.0"
+3.2-upstream-stable: needed

More information about the kernel-sec-discuss mailing list