[kernel] r5026 - patch-tracking
Moritz Muehlenhoff
jmm-guest at costa.debian.org
Sun Dec 18 20:15:26 UTC 2005
Author: jmm-guest
Date: Sun Dec 18 20:15:25 2005
New Revision: 5026
Modified:
patch-tracking/CVE-2004-0177
patch-tracking/CVE-2004-0178
patch-tracking/CVE-2004-0415
patch-tracking/CVE-2004-0495
patch-tracking/CVE-2004-0497
patch-tracking/CVE-2004-0554
patch-tracking/CVE-2004-0790
Log:
more annotations for security issues
Modified: patch-tracking/CVE-2004-0177
==============================================================================
--- patch-tracking/CVE-2004-0177 (original)
+++ patch-tracking/CVE-2004-0177 Sun Dec 18 20:15:25 2005
@@ -3,11 +3,10 @@
Description:
Notes:
Bugs:
-upstream:
+upstream: released (2.4.26-pre4)
2.6.14:
2.6.8-sarge-security:
-2.4.27-sarge-security:
-2.6.8:
+2.4.27-sarge-security: N/A
2.4.19-woody-security: released (2.4.19-4.woody2)
2.4.18-woody-security: released (2.4.18-14.3)
2.4.17-woody-security: released (2.4.17-1woody3)
Modified: patch-tracking/CVE-2004-0178
==============================================================================
--- patch-tracking/CVE-2004-0178 (original)
+++ patch-tracking/CVE-2004-0178 Sun Dec 18 20:15:25 2005
@@ -1,13 +1,35 @@
Candidate: CVE-2004-0178
References:
+ http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000846
+ http://www.debian.org/security/2004/dsa-479
+ http://www.debian.org/security/2004/dsa-480
+ http://www.debian.org/security/2004/dsa-481
+ http://www.debian.org/security/2004/dsa-482
+ http://www.debian.org/security/2004/dsa-489
+ http://www.debian.org/security/2004/dsa-491
+ http://www.debian.org/security/2004/dsa-495
+ http://security.gentoo.org/glsa/glsa-200407-02.xml
+ http://www.mandrakesoft.com/security/advisories?name=MDKSA-2004:029
+ http://www.redhat.com/support/errata/RHSA-2004-413.html
+ http://www.redhat.com/support/errata/RHSA-2004-437.html
+ ftp://patches.sgi.com/support/free/security/advisories/20040804-01-U.asc
+ http://linux.bkbits.net:8080/linux-2.4/cset@404ce5967rY2Ryu6Z_uNbYh643wuFA
+ http://www.ciac.org/ciac/bulletins/o-121.shtml
+ http://www.ciac.org/ciac/bulletins/o-127.shtml
+ http://www.ciac.org/ciac/bulletins/o-193.shtml
+ http://www.securityfocus.com/bid/9985
+ http://xforce.iss.net/xforce/xfdb/15868
Description:
+ The OSS code for the Sound Blaster (sb16) driver in Linux 2.4.x
+ before 2.4.26, when operating in 16 bit mode, does not properly
+ handle certain sample sizes, which allows local users to cause a
+ denial of service (crash) via a sample with an odd number of bytes.
Notes:
Bugs:
-upstream:
+upstream: released (2.4.26-pre3)
2.6.14:
2.6.8-sarge-security:
-2.4.27-sarge-security:
-2.6.8:
+2.4.27-sarge-security: N/A
2.4.19-woody-security: released (2.4.19-4.woody2)
2.4.18-woody-security: released (2.4.18-14.3)
2.4.17-woody-security: released (2.4.17-1woody3)
Modified: patch-tracking/CVE-2004-0415
==============================================================================
--- patch-tracking/CVE-2004-0415 (original)
+++ patch-tracking/CVE-2004-0415 Sun Dec 18 20:15:25 2005
@@ -19,7 +19,7 @@
which allows local users to access portions of kernel memory.
Notes:
Bugs:
-upstream: released (2.4.27)
+upstream: released (2.4.27-rc6)
2.6.14:
2.6.8-sarge-security:
2.4.27-sarge-security: N/A
Modified: patch-tracking/CVE-2004-0495
==============================================================================
--- patch-tracking/CVE-2004-0495 (original)
+++ patch-tracking/CVE-2004-0495 Sun Dec 18 20:15:25 2005
@@ -28,10 +28,10 @@
checking tool.
Notes:
Bugs:
-upstream:
+upstream: released (2.4.27-rc1)
2.6.14:
2.6.8-sarge-security:
-2.4.27-sarge-security:
+2.4.27-sarge-security: N/A
2.6.8:
2.4.19-woody-security:
2.4.18-woody-security:
Modified: patch-tracking/CVE-2004-0497
==============================================================================
--- patch-tracking/CVE-2004-0497 (original)
+++ patch-tracking/CVE-2004-0497 Sun Dec 18 20:15:25 2005
@@ -18,11 +18,10 @@
Notes:
Changelog shows fixed in 2.4.26-3
Bugs:
-upstream:
+upstream: released (2.4.27)
2.6.14:
2.6.8-sarge-security:
-2.4.27-sarge-security:
-2.6.8:
+2.4.27-sarge-security: released (2.4.27-1)
2.4.19-woody-security:
2.4.18-woody-security:
2.4.17-woody-security:
Modified: patch-tracking/CVE-2004-0554
==============================================================================
--- patch-tracking/CVE-2004-0554 (original)
+++ patch-tracking/CVE-2004-0554 Sun Dec 18 20:15:25 2005
@@ -38,7 +38,7 @@
handler with a certain sequence of fsave and frstor instructions, as
originally demonstrated using a "crash.c" program.
Notes:
-Bugs:
+Bugs: 261521
upstream:
2.6.14:
2.6.8-sarge-security:
Modified: patch-tracking/CVE-2004-0790
==============================================================================
--- patch-tracking/CVE-2004-0790 (original)
+++ patch-tracking/CVE-2004-0790 Sun Dec 18 20:15:25 2005
@@ -30,7 +30,7 @@
and number of affected implementations and solutions that address the attacks
instead of the underlying vulnerabilities.
Notes:
-Bugs: 305655
+Bugs: 305655 305664
upstream:
2.6.14:
2.6.8-sarge-security: released (2.6.8-16) [net-ipv4-icmp-quench.dpatch]
More information about the Kernel-svn-changes
mailing list