[kernel] r4789 - patch-tracking
Dann Frazier
dannf at costa.debian.org
Sat Nov 12 00:35:02 UTC 2005
Author: dannf
Date: Sat Nov 12 00:35:01 2005
New Revision: 4789
Added:
patch-tracking/ipv6-skb-leak.dpatch
- copied, changed from r4788, patch-tracking/00boilerplate
patch-tracking/nptl-signal-delivery-deadlock-fix.dpatch
- copied unchanged from r4788, patch-tracking/nptl-signal-delivery-deadlock-fix
Removed:
patch-tracking/nptl-signal-delivery-deadlock-fix
Log:
updates
Copied: patch-tracking/ipv6-skb-leak.dpatch (from r4788, patch-tracking/00boilerplate)
==============================================================================
--- patch-tracking/00boilerplate (original)
+++ patch-tracking/ipv6-skb-leak.dpatch Sat Nov 12 00:35:01 2005
@@ -1,11 +1,18 @@
-Candidate:
+Candidate: ##NEEDED##
References:
+ CONFIRM:http://www.kernel.org/git/?p=linux/kernel/git/chrisw/linux-2.6.12.y.git;a=commit;h=f982542ed2f495cbe94e6d9001878f27ea738b36
+ MISC:http://lkml.org/lkml/2005/8/26/175
Description:
+ ip6_input_finish() contains a memory leak in Linux kernels prior to
+ 2.6.12.6 and 2.6.13. This could potentially be used to trigger a remote
+ denial of service (DoS) attack.
Notes:
+ dannf> Though the code in 2.4 is quite different, it looks to me like the
+ dannf> 2.4 code could be vulnerable.
Bugs:
-upstream:
-2.6.14:
-2.6.8-sarge-security:
+upstream: released (2.6.12.6, 2.6.13)
+2.6.14: N/A
+2.6.8-sarge-security: pending (2.6.8-16sarge2)
2.4.27-sarge-security:
2.6.8:
2.4.19-woody-security:
More information about the Kernel-svn-changes
mailing list