[kernel-sec-discuss] r2754 - active
Ben Hutchings
benh at alioth.debian.org
Fri Sep 21 14:46:35 UTC 2012
Author: benh
Date: 2012-09-21 14:46:13 +0000 (Fri, 21 Sep 2012)
New Revision: 2754
Modified:
active/CVE-2011-4915
active/CVE-2011-4917
Log:
Remove incorrectly identified fixes for CVE-2011-491[57]
The upstream changes allow restricting read-access to per-process
directories, not to /proc/interrupts and /proc/stat.
Modified: active/CVE-2011-4915
===================================================================
--- active/CVE-2011-4915 2012-09-21 10:31:03 UTC (rev 2753)
+++ active/CVE-2011-4915 2012-09-21 14:46:13 UTC (rev 2754)
@@ -4,7 +4,7 @@
Notes:
jmm> This is unlikely to be fixed upstream
Bugs:
-upstream: released (3.3) [0499680a42141d86417a8fbaa8c8db806bea1201, a2ef990ab5a6705a356d146dd773a3b359787497]
+upstream:
2.6.32-upstream-stable: ignored "Minor information leak, not worth a backport and would need additional userspace changes"
sid:
2.6.32-squeeze-security: ignored "Minor information leak, not worth a backport and would need additional userspace changes"
Modified: active/CVE-2011-4917
===================================================================
--- active/CVE-2011-4917 2012-09-21 10:31:03 UTC (rev 2753)
+++ active/CVE-2011-4917 2012-09-21 14:46:13 UTC (rev 2754)
@@ -3,7 +3,7 @@
https://lkml.org/lkml/2011/11/7/340
Notes:
Bugs:
-upstream: released (3.3) [0499680a42141d86417a8fbaa8c8db806bea1201, a2ef990ab5a6705a356d146dd773a3b359787497]
+upstream:
2.6.32-upstream-stable: ignored "Minor information leak, not worth a backport and would need additional userspace changes"
sid:
2.6.32-squeeze-security: ignored "Minor information leak, not worth a backport and would need additional userspace changes"
More information about the kernel-sec-discuss
mailing list