[kernel] r4973 - patch-tracking

Dann Frazier dannf at costa.debian.org
Mon Dec 5 07:10:53 UTC 2005 

Author: dannf
Date: Mon Dec  5 07:10:49 2005
New Revision: 4973

Modified:
   patch-tracking/CVE-2003-0246
   patch-tracking/CVE-2003-0247
   patch-tracking/CVE-2003-0248
   patch-tracking/CVE-2003-0364
Log:
update some more old issues

Modified: patch-tracking/CVE-2003-0246
==============================================================================
--- patch-tracking/CVE-2003-0246	(original)
+++ patch-tracking/CVE-2003-0246	Mon Dec  5 07:10:49 2005
@@ -31,15 +31,18 @@
  restrict privileges, which allows local users to gain read or write access to
  certain I/O ports.
 Notes: 
+ It looks like the patch originally included in woody was just a one line
+ change; whereas there were two larger patches that went upstream.  I'm
+ moving our trees forward to the upstream one.
 Bugs: 
-upstream: 
-2.6.14: 
-2.6.8-sarge-security: 
-2.4.27-sarge-security: 
-2.6.8: 
-2.4.19-woody-security: 
-2.4.18-woody-security: 
-2.4.17-woody-security: released (2.4.17-1woody1)
-2.4.16-woody-security: 
-2.4.17-woody-security-hppa: 
-2.4.17-woody-security-ia64: 
+upstream: released (2.4.21-rc4)
+2.6.14: N/A
+2.6.8-sarge-security: N/A
+2.4.27-sarge-security: N/A
+2.6.8: N/A
+2.4.19-woody-security: pending (2.4.19-4.woody3)
+2.4.18-woody-security: pending (2.4.18-14.4)
+2.4.17-woody-security: pending (2.4.17-1woody4)
+2.4.16-woody-security: pending (2.4.16-1woody3)
+2.4.17-woody-security-hppa: N/A
+2.4.17-woody-security-ia64: released (011226.14.1)

Modified: patch-tracking/CVE-2003-0247
==============================================================================
--- patch-tracking/CVE-2003-0247	(original)
+++ patch-tracking/CVE-2003-0247	Mon Dec  5 07:10:49 2005
@@ -28,17 +28,15 @@
  Unknown vulnerability in the TTY layer of the Linux kernel 2.4 allows
  attackers to cause a denial of service ("kernel oops").
 Notes: 
- dannf> I think this is the patch:
- http://linux.bkbits.net:8080/linux-2.4/cset@3ecd327dnjRvCM-0cRqFEi1GxPdnTg?nav=index.html|src/|src/drivers|src/drivers/char|related/drivers/char/tty_io.c
 Bugs: 
-upstream: 
-2.6.14: 
-2.6.8-sarge-security: 
-2.4.27-sarge-security: 
-2.6.8: 
-2.4.19-woody-security: 
-2.4.18-woody-security: 
+upstream: released (2.4.21-rc3)
+2.6.14: N/A
+2.6.8-sarge-security: N/A
+2.4.27-sarge-security: N/A
+2.6.8: N/A
+2.4.19-woody-security: pending (2.4.19-4.woody3)
+2.4.18-woody-security: released (2.4.18-9)
 2.4.17-woody-security: released (2.4.17-1woody1)
-2.4.16-woody-security: 
-2.4.17-woody-security-hppa: 
-2.4.17-woody-security-ia64: 
+2.4.16-woody-security: pending (2.4.16-1woody3)
+2.4.17-woody-security-hppa: pending (32.5)
+2.4.17-woody-security-ia64: released (011226.14.1)

Modified: patch-tracking/CVE-2003-0248
==============================================================================
--- patch-tracking/CVE-2003-0248	(original)
+++ patch-tracking/CVE-2003-0248	Mon Dec  5 07:10:49 2005
@@ -29,14 +29,14 @@
  dannf> I think this is the patch:
  dannf> http://linux.bkbits.net:8080/linux-2.4/cset@3f293760h0HL1XxaPHNYxPXmpO1k8g?nav=index.html|src/|src/arch|src/arch/i386|src/arch/i386/kernel|related/arch/i386/kernel/i387.c
 Bugs: 
-upstream: 
-2.6.14: 
-2.6.8-sarge-security: 
-2.4.27-sarge-security: 
-2.6.8: 
-2.4.19-woody-security: 
-2.4.18-woody-security: 
+upstream: released (2.4.22-pre10)
+2.6.14: N/A
+2.6.8-sarge-security: N/A
+2.4.27-sarge-security: N/A
+2.6.8: N/A
+2.4.19-woody-security: pending (2.4.19-4.woody3)
+2.4.18-woody-security: released (2.4.18-9)
 2.4.17-woody-security: released (2.4.17-1woody1)
-2.4.16-woody-security: 
-2.4.17-woody-security-hppa: 
-2.4.17-woody-security-ia64: 
+2.4.16-woody-security: pending (2.4.16-1woody3)
+2.4.17-woody-security-hppa: N/A
+2.4.17-woody-security-ia64: released (011226.14.1)

Modified: patch-tracking/CVE-2003-0364
==============================================================================
--- patch-tracking/CVE-2003-0364	(original)
+++ patch-tracking/CVE-2003-0364	Mon Dec  5 07:10:49 2005
@@ -24,23 +24,17 @@
  The TCP/IP fragment reassembly handling in the Linux kernel 2.4 allows remote
  attackers to cause a denial of service (CPU consumption) via certain packets that
  cause a large number of hash table collisions.
- .
- dannf> Looked at backporting to 2.4.19.  Needs:
- dannf> http://linux.bkbits.net:8080/linux-2.4/cset@3eb386b2dS-8SRa2JJ56ZkSILlS36w?nav=index.html|src/|src/include|src/include/linux|related/include/linux/jhash.h
- dannf>  and
- dannf> http://linux.bkbits.net:8080/linux-2.4/cset@3ed4493chErJDQEJzZiV8csaf1XppA?nav=index.html|src/|src/net|src/net/ipv4|related/net/ipv4/ip_fragment.c
- dannf> and probably something in between
 Notes: 
 Bugs: 
-upstream: 
-2.6.14: 
-2.6.8-sarge-security: 
-2.4.27-sarge-security: 
-2.6.8: 
+upstream: released (2.4.21-rc7)
+2.6.14: N/A
+2.6.8-sarge-security: N/A
+2.4.27-sarge-security: N/A
+2.6.8: N/A
 2.2.20-woody-security: released (2.2.20-5woody2)
-2.4.19-woody-security: 
+2.4.19-woody-security: pending (2.4.19-4.woody3)
 2.4.18-woody-security: released (2.4.18-9)
 2.4.17-woody-security: released (2.4.17-1woody1)
-2.4.16-woody-security: 
-2.4.17-woody-security-hppa: 
-2.4.17-woody-security-ia64: 
+2.4.16-woody-security: pending (2.4.16-1woody3)
+2.4.17-woody-security-hppa: pending (32.5)
+2.4.17-woody-security-ia64: released (011226.14.1)

More information about the Kernel-svn-changes mailing list