[kernel-sec-discuss] r2762 - active retired
Moritz Muehlenhoff
jmm at alioth.debian.org
Wed Oct 10 09:44:48 UTC 2012
Author: jmm
Date: 2012-10-10 09:44:27 +0000 (Wed, 10 Oct 2012)
New Revision: 2762
Added:
retired/CVE-2011-4077
retired/CVE-2011-4086
retired/CVE-2011-4347
retired/CVE-2011-4622
retired/CVE-2011-4914
retired/CVE-2012-0045
retired/CVE-2012-0879
retired/CVE-2012-1601
retired/CVE-2012-2123
retired/CVE-2012-2133
retired/CVE-2012-2136
retired/CVE-2012-2313
retired/CVE-2012-2319
retired/CVE-2012-2745
retired/CVE-2012-3400
Removed:
active/CVE-2011-4077
active/CVE-2011-4086
active/CVE-2011-4347
active/CVE-2011-4622
active/CVE-2011-4914
active/CVE-2012-0045
active/CVE-2012-0879
active/CVE-2012-1601
active/CVE-2012-2123
active/CVE-2012-2133
active/CVE-2012-2136
active/CVE-2012-2313
active/CVE-2012-2319
active/CVE-2012-2745
active/CVE-2012-3400
Log:
retire
Deleted: active/CVE-2011-4077
===================================================================
--- active/CVE-2011-4077 2012-10-10 09:42:53 UTC (rev 2761)
+++ active/CVE-2011-4077 2012-10-10 09:44:27 UTC (rev 2762)
@@ -1,14 +0,0 @@
-Description: xfs: potential buffer overflow in xfs_readlink()
-References:
- https://bugzilla.redhat.com/show_bug.cgi?id=749156
- http://oss.sgi.com/archives/xfs/2011-10/msg00345.html
-Notes:
- Proposed patch doesn't seem to fix the bug, due to possible integer
- overflow.
-Bugs:
-upstream: released (3.2-rc2) [b52a360b2aa1c59ba9970fb0f52bbb093fcc7a24]
-2.6.32-upstream-stable: released (2.6.32.60)
-sid: released (3.0.0-6) [bugfix/all/xfs-fix-memory-corruption-in-xfs_readlink.patch, bugfix/all/xfs-fix-memory-corruption-in-xfs_readlink-2.patch]
-2.6.26-lenny-security: released (2.6.26-28) [bugfix/all/xfs-fix-possible-memory-corruption-in-xfs_readlink.patch]
-2.6.32-squeeze-security: released (2.6.32-39squeeze1) [bugfix/all/xfs-fix-possible-memory-corruption-in-xfs_readlink.patch]
-3.2-upstream-stable: N/A
Deleted: active/CVE-2011-4086
===================================================================
--- active/CVE-2011-4086 2012-10-10 09:42:53 UTC (rev 2761)
+++ active/CVE-2011-4086 2012-10-10 09:44:27 UTC (rev 2762)
@@ -1,9 +0,0 @@
-Description:
-References:
-Notes:
-Bugs:
-upstream: released (3.2) [15291164b22a357cb211b618adfef4fa82fc0de3]
-2.6.32-upstream-stable: released (2.6.32.60)
-sid: released (3.2-1)
-2.6.32-squeeze-security: released (2.6.32-44) [bugfix/all/jbd2-clear-BH_Delay-BH_Unwritten-in-journal_unmap_buffer.patch]
-3.2-upstream-stable: N/A
Deleted: active/CVE-2011-4347
===================================================================
--- active/CVE-2011-4347 2012-10-10 09:42:53 UTC (rev 2761)
+++ active/CVE-2011-4347 2012-10-10 09:44:27 UTC (rev 2762)
@@ -1,16 +0,0 @@
-Description: kvm: device assignment DoS
-References:
- https://bugzilla.redhat.com/show_bug.cgi?id=756084
- http://thread.gmane.org/gmane.comp.emulators.kvm.devel/82043
-Notes:
- <dannf> was 3d27e23b17010c668db311140b17bbbb70c78fb9 meant do address
- CVE-2011-4347?
- <aw> yes. you can include the one before it too
- 423873736b78f549fbfa2f715f2e4de7e6c5e1e9
-Bugs:
-upstream: released (3.2) [423873736b78f549fbfa2f715f2e4de7e6c5e1e9, 3d27e23b17010c668db311140b17bbbb70c78fb9]
-2.6.32-upstream-stable: released (2.6.32.60)
-sid: released (3.2.1-1)
-2.6.26-lenny-security: N/A "code not present"
-2.6.32-squeeze-security: released (2.6.32-41squeeze1) [bugfix/all/KVM-Remove-ability-to-assign-a-device-without-iommu-support.patch, bugfix/all/KVM-Device-assignment-permission-checks.patch
-3.2-upstream-stable: N/A
Deleted: active/CVE-2011-4622
===================================================================
--- active/CVE-2011-4622 2012-10-10 09:42:53 UTC (rev 2761)
+++ active/CVE-2011-4622 2012-10-10 09:44:27 UTC (rev 2762)
@@ -1,11 +0,0 @@
-Description: kvm: pit timer with no irqchip crashes the system
-References:
- http://permalink.gmane.org/gmane.comp.emulators.kvm.devel/83564
-Notes:
-Bugs:
-upstream: released (3.2) [0924ab2cfa98b1ece26c033d696651fd62896c69]
-2.6.32-upstream-stable: released (2.6.32.60)
-sid: released (3.1.8-1)
-2.6.26-lenny-security: released (2.6.26-28) [bugfix/x86/kvm-prevent-starting-pit-timers-in-the-absence-of-irqchip-support.patch]
-2.6.32-squeeze-security: released (2.6.32-39squeeze1) [bugfix/x86/kvm-prevent-starting-pit-timers-in-the-absence-of-irqchip-support.patch]
-3.2-upstream-stable: N/A
Deleted: active/CVE-2011-4914
===================================================================
--- active/CVE-2011-4914 2012-10-10 09:42:53 UTC (rev 2761)
+++ active/CVE-2011-4914 2012-10-10 09:44:27 UTC (rev 2762)
@@ -1,13 +0,0 @@
-Candidate:
-Description: rose: Add length checks to CALL_REQUEST parsing
-References:
- http://marc.info/?l=linux-netdev&m=130063972406389&w=2
-Notes:
- dannf> mitre decided this should be separate than CVE-2010-1493
-Bugs:
-upstream: released (2.6.39-rc1) [e0bccd315db0c2f919e7fcf9cb60db21d9986f52]
-2.6.32-upstream-stable: released (2.6.32.60)
-sid: released (2.6.39-1)
-2.6.26-lenny-security: released (2.6.26-28) [bugfix/all/rose-add-length-checks-to-CALL_REQUEST-parsing.patch]
-2.6.32-squeeze-security: released (2.6.32-39squeeze1) [bugfix/all/rose-add-length-checks-to-CALL_REQUEST-parsing.patch]
-3.2-upstream-stable: N/A
Deleted: active/CVE-2012-0045
===================================================================
--- active/CVE-2012-0045 2012-10-10 09:42:53 UTC (rev 2761)
+++ active/CVE-2012-0045 2012-10-10 09:44:27 UTC (rev 2762)
@@ -1,13 +0,0 @@
-Description: kvm: syscall instruction induced guest panic
-References:
- https://bugzilla.redhat.com/show_bug.cgi?id=773370
- https://lkml.org/lkml/2011/12/28/170
- http://www.spinics.net/lists/kvm/msg66633.html
-Notes:
-Bugs:
-upstream: released (3.3) [bdb42f5afebe208eae90406959383856ae2caf2b, c2226fc9e87ba3da060e47333657cd6616652b84]
-2.6.32-upstream-stable: released (2.6.32.60)
-sid: released (3.2.2-1) [bugfix/x86/KVM-x86-extend-struct-x86_emulate_ops-with-get_cpuid.patch, bugfix/x86/KVM-x86-fix-missing-checks-in-syscall-emulation.patch]
-2.6.26-lenny-security: N/A "Introduced in 2.6.32"
-2.6.32-squeeze-security: released (2.6.32-41squeeze1) [bugfix/x86/KVM-extend-struct-x86_emulate_ops-with-get_cpuid.patch, bugfix/x86/KVM-fix-missing-checks-in-syscall-emulation.patch]
-3.2-upstream-stable: released (3.2.14) [90509a557798a023b3f5c46bebae62aa00e5da2a, c401f604a75970a1e5c2718232b3c4c2060a3ee8]
Deleted: active/CVE-2012-0879
===================================================================
--- active/CVE-2012-0879 2012-10-10 09:42:53 UTC (rev 2761)
+++ active/CVE-2012-0879 2012-10-10 09:44:27 UTC (rev 2762)
@@ -1,11 +0,0 @@
-Description: block: CLONE_IO io_context refcounting issues
-References:
- https://bugzilla.redhat.com/show_bug.cgi?id=796829
- http://comments.gmane.org/gmane.linux.kernel/922519
-Notes:
-Bugs:
-upstream: released (2.6.33) [61cc74fbb87af6aa551a06a370590c9bc07e29d9, b69f2292063d2caf37ca9aec7d63ded203701bf3]
-2.6.32-upstream-stable: released (2.6.32.60)
-sid: released (2.6.33-1)
-2.6.32-squeeze-security: released (2.6.32-44) [bugfix/all/block-Fix-io_context-leak-after-clone-with-CLONE_IO.patch, bugfix/all/block-Fix-io_context-leak-after-failure-of-clone-with-CLONE_IO.patch]
-3.2-upstream-stable: N/A
Deleted: active/CVE-2012-1601
===================================================================
--- active/CVE-2012-1601 2012-10-10 09:42:53 UTC (rev 2761)
+++ active/CVE-2012-1601 2012-10-10 09:44:27 UTC (rev 2762)
@@ -1,11 +0,0 @@
-Description: kvm: irqchip_in_kernel() and vcpu->arch.apic inconsistency
-References:
- http://comments.gmane.org/gmane.comp.emulators.kvm.devel/86217
- https://bugzilla.redhat.com/show_bug.cgi?id=808199
-Notes:
-Bugs:
-upstream: released (3.4-rc1) [3e515705a1f46beb1c942bb8043c16f8ac7b1e9e]
-2.6.32-upstream-stable: released (2.6.32.60)
-sid: released (3.2.17-1) [bugfix/all/kvm-ensure-all-vcpus-are-consistent-with-in-kernel-irqchip.patch]
-2.6.32-squeeze-security: released (2.6.32-44) [bugfix/x86/KVM-disallow-multiple-KVM_CREATE_IRQCHIP.patch, bugfix/x86/KVM-Ensure-all-vcpus-are-consistent-with-in-kernel-irqchip-settings.patch]
-3.2-upstream-stable: released (3.2.19) [645b177cbfce6b695bdbe0b4c131de584821840d]
Deleted: active/CVE-2012-2123
===================================================================
--- active/CVE-2012-2123 2012-10-10 09:42:53 UTC (rev 2761)
+++ active/CVE-2012-2123 2012-10-10 09:44:27 UTC (rev 2762)
@@ -1,9 +0,0 @@
-Description: fcaps: clear the same personality flags as suid when fcaps are used
-References:
-Notes:
-Bugs:
-upstream: released (3.4-rc4) [d52fc5dde171f030170a6cb78034d166b13c9445, 51b79bee627d526199b2f6a6bef8ee0c0739b6d1]
-2.6.32-upstream-stable: released (2.6.32.60)
-sid: released (3.2.16-1)
-2.6.32-squeeze-security: released (2.6.32-44) [bugfix/all/fcaps-clear-the-same-personality-flags-as-suid-when-fcaps-are-used.patch, bugfix/all/security-fix-compile-error-in-commoncap.c.patch]
-3.2-upstream-stable: released (3.2.16) [f2c309c36d0a433c88534082cb2c3a817d6bd409, fd18a0805b2b68228c0493337000f63c2573cc0c]
Deleted: active/CVE-2012-2133
===================================================================
--- active/CVE-2012-2133 2012-10-10 09:42:53 UTC (rev 2761)
+++ active/CVE-2012-2133 2012-10-10 09:44:27 UTC (rev 2762)
@@ -1,10 +0,0 @@
-Description: use after free bug in "quota" handling in hugetlb code
-References:
-Notes:
- jmm> Introduced in 2.6.24
-Bugs:
-upstream: released (3.4-rc1) [90481622d75715bfcb68501280a917dbfe516029]
-2.6.32-upstream-stable: released (2.6.32.60)
-sid: released (3.2.19-1) [bugfix/all/hugepages-fix-use-after-free-bug-in-quota-handling.patch]
-2.6.32-squeeze-security: released (2.6.32-44) [bugfix/all/hugepages-fix-use-after-free-bug-in-quota-handling.patch]
-3.2-upstream-stable: released (3.2.24)
Deleted: active/CVE-2012-2136
===================================================================
--- active/CVE-2012-2136 2012-10-10 09:42:53 UTC (rev 2761)
+++ active/CVE-2012-2136 2012-10-10 09:44:27 UTC (rev 2762)
@@ -1,11 +0,0 @@
-Description:
-References:
- https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-2136
- http://thread.gmane.org/gmane.linux.network/232111
-Notes:
-Bugs:
-upstream: released (v3.5-rc1) [cc9b17ad29ecaa20bfe426a8d4dbfb94b13ff1cc]
-2.6.32-upstream-stable: released (2.6.32.60)
-sid: released (3.2.20-1)
-2.6.32-squeeze-security: released (2.6.32-46) [bugfix/all/net-sock-validate-data_len-before-allocating-skb-in-sock_alloc_send_pskb.patch]
-3.2-upstream-stable: released (3.2.23)
Deleted: active/CVE-2012-2313
===================================================================
--- active/CVE-2012-2313 2012-10-10 09:42:53 UTC (rev 2761)
+++ active/CVE-2012-2313 2012-10-10 09:44:27 UTC (rev 2762)
@@ -1,13 +0,0 @@
-Description: more tight ioctl permissions in dl2k driver
-References:
- References: http://www.spinics.net/lists/netdev/msg196365.html
- http://www.spinics.net/lists/netdev/msg196381.html
- http://www.spinics.net/lists/netdev/msg196382.html
- https://bugzilla.novell.com/show_bug.cgi?id=758813
-Notes:
-Bugs:
-upstream: released (3.4-rc4) [1bb57e940e1958e40d51f2078f50c3a96a9b2d75]
-2.6.32-upstream-stable: released (2.6.32.60)
-sid: released (3.2.19-1)
-2.6.32-squeeze-security: released (2.6.32-46) [bugfix/all/dl2k-use-standard-defines-from-mii.h.patch, bugfix/all/dl2k-Clean-up-rio_ioctl.patch]
-3.2-upstream-stable: released (3.2.19) [bdd06be083b51fa7bdf04d8c8b699870f29bae69]
Deleted: active/CVE-2012-2319
===================================================================
--- active/CVE-2012-2319 2012-10-10 09:42:53 UTC (rev 2761)
+++ active/CVE-2012-2319 2012-10-10 09:44:27 UTC (rev 2762)
@@ -1,9 +0,0 @@
-Description: Buffer overflow in HFS
-Reference:s
-Notes:
-Bugs:
-upstream: released (3.4-rc6) [6f24f892871acc47b40dd594c63606a17c714f77]
-2.6.32-upstream-stable: released (2.6.32.60)
-sid: released (3.2.17-1)
-2.6.32-squeeze-security: released (2.6.32-46) [bugfix/all/hfsplus-Fix-potential-buffer-overflows.patch]
-3.2-upstream-stable: released (3.2.17) [d4af6eb924ce29b9e46037134ca69ce085b5c36c]
Deleted: active/CVE-2012-2745
===================================================================
--- active/CVE-2012-2745 2012-10-10 09:42:53 UTC (rev 2761)
+++ active/CVE-2012-2745 2012-10-10 09:44:27 UTC (rev 2762)
@@ -1,10 +0,0 @@
-Description: cred: copy_process() should clear child->replacement_session_keyring
-References:
- https://rhn.redhat.com/errata/RHSA-2012-1064.html
-Notes:
-Bugs:
-upstream: released (3.4) [79549c6dfda0603dba9a70a53467ce62d9335c33]
-2.6.32-upstream-stable: released (2.6.32.60)
-sid: released (3.2.15-1)
-2.6.32-squeeze-security: released (2.6.32-46) [bugfix/all/cred-copy_process-should-clear-child-replacement_session_keyring.patch]
-3.2-upstream-stable: released (3.2.15)
Deleted: active/CVE-2012-3400
===================================================================
--- active/CVE-2012-3400 2012-10-10 09:42:53 UTC (rev 2761)
+++ active/CVE-2012-3400 2012-10-10 09:44:27 UTC (rev 2762)
@@ -1,9 +0,0 @@
-Description:
-References:
-Notes:
-Bugs:
-upstream: released (3.5-rc5) [1df2ae31c724e57be9d7ac00d78db8a5dabdd050, adee11b2085bee90bd8f4f52123ffb07882d6256]
-2.6.32-upstream-stable: released (2.6.32.60)
-sid: released (3.2.23-1)
-2.6.32-squeeze-security: released (2.6.32-46) [bugfix/all/udf-Fortify-loading-of-sparing-table.patch, bugfix/all/udf-Avoid-run-away-loop-when-partition-table-length-is-corrupted.patch]
-3.2-upstream-stable: released (3.2.23)
Copied: retired/CVE-2011-4077 (from rev 2761, active/CVE-2011-4077)
===================================================================
--- retired/CVE-2011-4077 (rev 0)
+++ retired/CVE-2011-4077 2012-10-10 09:44:27 UTC (rev 2762)
@@ -0,0 +1,14 @@
+Description: xfs: potential buffer overflow in xfs_readlink()
+References:
+ https://bugzilla.redhat.com/show_bug.cgi?id=749156
+ http://oss.sgi.com/archives/xfs/2011-10/msg00345.html
+Notes:
+ Proposed patch doesn't seem to fix the bug, due to possible integer
+ overflow.
+Bugs:
+upstream: released (3.2-rc2) [b52a360b2aa1c59ba9970fb0f52bbb093fcc7a24]
+2.6.32-upstream-stable: released (2.6.32.60)
+sid: released (3.0.0-6) [bugfix/all/xfs-fix-memory-corruption-in-xfs_readlink.patch, bugfix/all/xfs-fix-memory-corruption-in-xfs_readlink-2.patch]
+2.6.26-lenny-security: released (2.6.26-28) [bugfix/all/xfs-fix-possible-memory-corruption-in-xfs_readlink.patch]
+2.6.32-squeeze-security: released (2.6.32-39squeeze1) [bugfix/all/xfs-fix-possible-memory-corruption-in-xfs_readlink.patch]
+3.2-upstream-stable: N/A
Property changes on: retired/CVE-2011-4077
___________________________________________________________________
Added: svn:mergeinfo
+
Copied: retired/CVE-2011-4086 (from rev 2761, active/CVE-2011-4086)
===================================================================
--- retired/CVE-2011-4086 (rev 0)
+++ retired/CVE-2011-4086 2012-10-10 09:44:27 UTC (rev 2762)
@@ -0,0 +1,9 @@
+Description:
+References:
+Notes:
+Bugs:
+upstream: released (3.2) [15291164b22a357cb211b618adfef4fa82fc0de3]
+2.6.32-upstream-stable: released (2.6.32.60)
+sid: released (3.2-1)
+2.6.32-squeeze-security: released (2.6.32-44) [bugfix/all/jbd2-clear-BH_Delay-BH_Unwritten-in-journal_unmap_buffer.patch]
+3.2-upstream-stable: N/A
Property changes on: retired/CVE-2011-4086
___________________________________________________________________
Added: svn:mergeinfo
+
Copied: retired/CVE-2011-4347 (from rev 2761, active/CVE-2011-4347)
===================================================================
--- retired/CVE-2011-4347 (rev 0)
+++ retired/CVE-2011-4347 2012-10-10 09:44:27 UTC (rev 2762)
@@ -0,0 +1,16 @@
+Description: kvm: device assignment DoS
+References:
+ https://bugzilla.redhat.com/show_bug.cgi?id=756084
+ http://thread.gmane.org/gmane.comp.emulators.kvm.devel/82043
+Notes:
+ <dannf> was 3d27e23b17010c668db311140b17bbbb70c78fb9 meant do address
+ CVE-2011-4347?
+ <aw> yes. you can include the one before it too
+ 423873736b78f549fbfa2f715f2e4de7e6c5e1e9
+Bugs:
+upstream: released (3.2) [423873736b78f549fbfa2f715f2e4de7e6c5e1e9, 3d27e23b17010c668db311140b17bbbb70c78fb9]
+2.6.32-upstream-stable: released (2.6.32.60)
+sid: released (3.2.1-1)
+2.6.26-lenny-security: N/A "code not present"
+2.6.32-squeeze-security: released (2.6.32-41squeeze1) [bugfix/all/KVM-Remove-ability-to-assign-a-device-without-iommu-support.patch, bugfix/all/KVM-Device-assignment-permission-checks.patch
+3.2-upstream-stable: N/A
Property changes on: retired/CVE-2011-4347
___________________________________________________________________
Added: svn:mergeinfo
+
Copied: retired/CVE-2011-4622 (from rev 2761, active/CVE-2011-4622)
===================================================================
--- retired/CVE-2011-4622 (rev 0)
+++ retired/CVE-2011-4622 2012-10-10 09:44:27 UTC (rev 2762)
@@ -0,0 +1,11 @@
+Description: kvm: pit timer with no irqchip crashes the system
+References:
+ http://permalink.gmane.org/gmane.comp.emulators.kvm.devel/83564
+Notes:
+Bugs:
+upstream: released (3.2) [0924ab2cfa98b1ece26c033d696651fd62896c69]
+2.6.32-upstream-stable: released (2.6.32.60)
+sid: released (3.1.8-1)
+2.6.26-lenny-security: released (2.6.26-28) [bugfix/x86/kvm-prevent-starting-pit-timers-in-the-absence-of-irqchip-support.patch]
+2.6.32-squeeze-security: released (2.6.32-39squeeze1) [bugfix/x86/kvm-prevent-starting-pit-timers-in-the-absence-of-irqchip-support.patch]
+3.2-upstream-stable: N/A
Property changes on: retired/CVE-2011-4622
___________________________________________________________________
Added: svn:mergeinfo
+
Copied: retired/CVE-2011-4914 (from rev 2761, active/CVE-2011-4914)
===================================================================
--- retired/CVE-2011-4914 (rev 0)
+++ retired/CVE-2011-4914 2012-10-10 09:44:27 UTC (rev 2762)
@@ -0,0 +1,13 @@
+Candidate:
+Description: rose: Add length checks to CALL_REQUEST parsing
+References:
+ http://marc.info/?l=linux-netdev&m=130063972406389&w=2
+Notes:
+ dannf> mitre decided this should be separate than CVE-2010-1493
+Bugs:
+upstream: released (2.6.39-rc1) [e0bccd315db0c2f919e7fcf9cb60db21d9986f52]
+2.6.32-upstream-stable: released (2.6.32.60)
+sid: released (2.6.39-1)
+2.6.26-lenny-security: released (2.6.26-28) [bugfix/all/rose-add-length-checks-to-CALL_REQUEST-parsing.patch]
+2.6.32-squeeze-security: released (2.6.32-39squeeze1) [bugfix/all/rose-add-length-checks-to-CALL_REQUEST-parsing.patch]
+3.2-upstream-stable: N/A
Copied: retired/CVE-2012-0045 (from rev 2761, active/CVE-2012-0045)
===================================================================
--- retired/CVE-2012-0045 (rev 0)
+++ retired/CVE-2012-0045 2012-10-10 09:44:27 UTC (rev 2762)
@@ -0,0 +1,13 @@
+Description: kvm: syscall instruction induced guest panic
+References:
+ https://bugzilla.redhat.com/show_bug.cgi?id=773370
+ https://lkml.org/lkml/2011/12/28/170
+ http://www.spinics.net/lists/kvm/msg66633.html
+Notes:
+Bugs:
+upstream: released (3.3) [bdb42f5afebe208eae90406959383856ae2caf2b, c2226fc9e87ba3da060e47333657cd6616652b84]
+2.6.32-upstream-stable: released (2.6.32.60)
+sid: released (3.2.2-1) [bugfix/x86/KVM-x86-extend-struct-x86_emulate_ops-with-get_cpuid.patch, bugfix/x86/KVM-x86-fix-missing-checks-in-syscall-emulation.patch]
+2.6.26-lenny-security: N/A "Introduced in 2.6.32"
+2.6.32-squeeze-security: released (2.6.32-41squeeze1) [bugfix/x86/KVM-extend-struct-x86_emulate_ops-with-get_cpuid.patch, bugfix/x86/KVM-fix-missing-checks-in-syscall-emulation.patch]
+3.2-upstream-stable: released (3.2.14) [90509a557798a023b3f5c46bebae62aa00e5da2a, c401f604a75970a1e5c2718232b3c4c2060a3ee8]
Property changes on: retired/CVE-2012-0045
___________________________________________________________________
Added: svn:mergeinfo
+
Copied: retired/CVE-2012-0879 (from rev 2761, active/CVE-2012-0879)
===================================================================
--- retired/CVE-2012-0879 (rev 0)
+++ retired/CVE-2012-0879 2012-10-10 09:44:27 UTC (rev 2762)
@@ -0,0 +1,11 @@
+Description: block: CLONE_IO io_context refcounting issues
+References:
+ https://bugzilla.redhat.com/show_bug.cgi?id=796829
+ http://comments.gmane.org/gmane.linux.kernel/922519
+Notes:
+Bugs:
+upstream: released (2.6.33) [61cc74fbb87af6aa551a06a370590c9bc07e29d9, b69f2292063d2caf37ca9aec7d63ded203701bf3]
+2.6.32-upstream-stable: released (2.6.32.60)
+sid: released (2.6.33-1)
+2.6.32-squeeze-security: released (2.6.32-44) [bugfix/all/block-Fix-io_context-leak-after-clone-with-CLONE_IO.patch, bugfix/all/block-Fix-io_context-leak-after-failure-of-clone-with-CLONE_IO.patch]
+3.2-upstream-stable: N/A
Property changes on: retired/CVE-2012-0879
___________________________________________________________________
Added: svn:mergeinfo
+
Copied: retired/CVE-2012-1601 (from rev 2761, active/CVE-2012-1601)
===================================================================
--- retired/CVE-2012-1601 (rev 0)
+++ retired/CVE-2012-1601 2012-10-10 09:44:27 UTC (rev 2762)
@@ -0,0 +1,11 @@
+Description: kvm: irqchip_in_kernel() and vcpu->arch.apic inconsistency
+References:
+ http://comments.gmane.org/gmane.comp.emulators.kvm.devel/86217
+ https://bugzilla.redhat.com/show_bug.cgi?id=808199
+Notes:
+Bugs:
+upstream: released (3.4-rc1) [3e515705a1f46beb1c942bb8043c16f8ac7b1e9e]
+2.6.32-upstream-stable: released (2.6.32.60)
+sid: released (3.2.17-1) [bugfix/all/kvm-ensure-all-vcpus-are-consistent-with-in-kernel-irqchip.patch]
+2.6.32-squeeze-security: released (2.6.32-44) [bugfix/x86/KVM-disallow-multiple-KVM_CREATE_IRQCHIP.patch, bugfix/x86/KVM-Ensure-all-vcpus-are-consistent-with-in-kernel-irqchip-settings.patch]
+3.2-upstream-stable: released (3.2.19) [645b177cbfce6b695bdbe0b4c131de584821840d]
Property changes on: retired/CVE-2012-1601
___________________________________________________________________
Added: svn:mergeinfo
+
Copied: retired/CVE-2012-2123 (from rev 2761, active/CVE-2012-2123)
===================================================================
--- retired/CVE-2012-2123 (rev 0)
+++ retired/CVE-2012-2123 2012-10-10 09:44:27 UTC (rev 2762)
@@ -0,0 +1,9 @@
+Description: fcaps: clear the same personality flags as suid when fcaps are used
+References:
+Notes:
+Bugs:
+upstream: released (3.4-rc4) [d52fc5dde171f030170a6cb78034d166b13c9445, 51b79bee627d526199b2f6a6bef8ee0c0739b6d1]
+2.6.32-upstream-stable: released (2.6.32.60)
+sid: released (3.2.16-1)
+2.6.32-squeeze-security: released (2.6.32-44) [bugfix/all/fcaps-clear-the-same-personality-flags-as-suid-when-fcaps-are-used.patch, bugfix/all/security-fix-compile-error-in-commoncap.c.patch]
+3.2-upstream-stable: released (3.2.16) [f2c309c36d0a433c88534082cb2c3a817d6bd409, fd18a0805b2b68228c0493337000f63c2573cc0c]
Property changes on: retired/CVE-2012-2123
___________________________________________________________________
Added: svn:mergeinfo
+
Copied: retired/CVE-2012-2133 (from rev 2761, active/CVE-2012-2133)
===================================================================
--- retired/CVE-2012-2133 (rev 0)
+++ retired/CVE-2012-2133 2012-10-10 09:44:27 UTC (rev 2762)
@@ -0,0 +1,10 @@
+Description: use after free bug in "quota" handling in hugetlb code
+References:
+Notes:
+ jmm> Introduced in 2.6.24
+Bugs:
+upstream: released (3.4-rc1) [90481622d75715bfcb68501280a917dbfe516029]
+2.6.32-upstream-stable: released (2.6.32.60)
+sid: released (3.2.19-1) [bugfix/all/hugepages-fix-use-after-free-bug-in-quota-handling.patch]
+2.6.32-squeeze-security: released (2.6.32-44) [bugfix/all/hugepages-fix-use-after-free-bug-in-quota-handling.patch]
+3.2-upstream-stable: released (3.2.24)
Property changes on: retired/CVE-2012-2133
___________________________________________________________________
Added: svn:mergeinfo
+
Copied: retired/CVE-2012-2136 (from rev 2761, active/CVE-2012-2136)
===================================================================
--- retired/CVE-2012-2136 (rev 0)
+++ retired/CVE-2012-2136 2012-10-10 09:44:27 UTC (rev 2762)
@@ -0,0 +1,11 @@
+Description:
+References:
+ https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-2136
+ http://thread.gmane.org/gmane.linux.network/232111
+Notes:
+Bugs:
+upstream: released (v3.5-rc1) [cc9b17ad29ecaa20bfe426a8d4dbfb94b13ff1cc]
+2.6.32-upstream-stable: released (2.6.32.60)
+sid: released (3.2.20-1)
+2.6.32-squeeze-security: released (2.6.32-46) [bugfix/all/net-sock-validate-data_len-before-allocating-skb-in-sock_alloc_send_pskb.patch]
+3.2-upstream-stable: released (3.2.23)
Property changes on: retired/CVE-2012-2136
___________________________________________________________________
Added: svn:mergeinfo
+
Copied: retired/CVE-2012-2313 (from rev 2761, active/CVE-2012-2313)
===================================================================
--- retired/CVE-2012-2313 (rev 0)
+++ retired/CVE-2012-2313 2012-10-10 09:44:27 UTC (rev 2762)
@@ -0,0 +1,13 @@
+Description: more tight ioctl permissions in dl2k driver
+References:
+ References: http://www.spinics.net/lists/netdev/msg196365.html
+ http://www.spinics.net/lists/netdev/msg196381.html
+ http://www.spinics.net/lists/netdev/msg196382.html
+ https://bugzilla.novell.com/show_bug.cgi?id=758813
+Notes:
+Bugs:
+upstream: released (3.4-rc4) [1bb57e940e1958e40d51f2078f50c3a96a9b2d75]
+2.6.32-upstream-stable: released (2.6.32.60)
+sid: released (3.2.19-1)
+2.6.32-squeeze-security: released (2.6.32-46) [bugfix/all/dl2k-use-standard-defines-from-mii.h.patch, bugfix/all/dl2k-Clean-up-rio_ioctl.patch]
+3.2-upstream-stable: released (3.2.19) [bdd06be083b51fa7bdf04d8c8b699870f29bae69]
Property changes on: retired/CVE-2012-2313
___________________________________________________________________
Added: svn:mergeinfo
+
Copied: retired/CVE-2012-2319 (from rev 2761, active/CVE-2012-2319)
===================================================================
--- retired/CVE-2012-2319 (rev 0)
+++ retired/CVE-2012-2319 2012-10-10 09:44:27 UTC (rev 2762)
@@ -0,0 +1,9 @@
+Description: Buffer overflow in HFS
+Reference:s
+Notes:
+Bugs:
+upstream: released (3.4-rc6) [6f24f892871acc47b40dd594c63606a17c714f77]
+2.6.32-upstream-stable: released (2.6.32.60)
+sid: released (3.2.17-1)
+2.6.32-squeeze-security: released (2.6.32-46) [bugfix/all/hfsplus-Fix-potential-buffer-overflows.patch]
+3.2-upstream-stable: released (3.2.17) [d4af6eb924ce29b9e46037134ca69ce085b5c36c]
Property changes on: retired/CVE-2012-2319
___________________________________________________________________
Added: svn:mergeinfo
+
Copied: retired/CVE-2012-2745 (from rev 2761, active/CVE-2012-2745)
===================================================================
--- retired/CVE-2012-2745 (rev 0)
+++ retired/CVE-2012-2745 2012-10-10 09:44:27 UTC (rev 2762)
@@ -0,0 +1,10 @@
+Description: cred: copy_process() should clear child->replacement_session_keyring
+References:
+ https://rhn.redhat.com/errata/RHSA-2012-1064.html
+Notes:
+Bugs:
+upstream: released (3.4) [79549c6dfda0603dba9a70a53467ce62d9335c33]
+2.6.32-upstream-stable: released (2.6.32.60)
+sid: released (3.2.15-1)
+2.6.32-squeeze-security: released (2.6.32-46) [bugfix/all/cred-copy_process-should-clear-child-replacement_session_keyring.patch]
+3.2-upstream-stable: released (3.2.15)
Property changes on: retired/CVE-2012-2745
___________________________________________________________________
Added: svn:mergeinfo
+
Copied: retired/CVE-2012-3400 (from rev 2761, active/CVE-2012-3400)
===================================================================
--- retired/CVE-2012-3400 (rev 0)
+++ retired/CVE-2012-3400 2012-10-10 09:44:27 UTC (rev 2762)
@@ -0,0 +1,9 @@
+Description:
+References:
+Notes:
+Bugs:
+upstream: released (3.5-rc5) [1df2ae31c724e57be9d7ac00d78db8a5dabdd050, adee11b2085bee90bd8f4f52123ffb07882d6256]
+2.6.32-upstream-stable: released (2.6.32.60)
+sid: released (3.2.23-1)
+2.6.32-squeeze-security: released (2.6.32-46) [bugfix/all/udf-Fortify-loading-of-sparing-table.patch, bugfix/all/udf-Avoid-run-away-loop-when-partition-table-length-is-corrupted.patch]
+3.2-upstream-stable: released (3.2.23)
Property changes on: retired/CVE-2012-3400
___________________________________________________________________
Added: svn:mergeinfo
+
More information about the kernel-sec-discuss
mailing list