[kernel] r4861 - patch-tracking
Dann Frazier
dannf at costa.debian.org
Mon Nov 21 23:45:48 UTC 2005
Author: dannf
Date: Mon Nov 21 23:45:46 2005
New Revision: 4861
Added:
patch-tracking/CVE-2003-0465
- copied, changed from r4860, patch-tracking/CAN-2003-0465
patch-tracking/CVE-2004-0136
- copied unchanged from r4860, patch-tracking/CAN-2004-0136
patch-tracking/CVE-2004-0415
- copied unchanged from r4860, patch-tracking/CAN-2004-0415
patch-tracking/CVE-2004-0427
- copied unchanged from r4860, patch-tracking/CAN-2004-0427
patch-tracking/CVE-2004-0447
- copied unchanged from r4860, patch-tracking/CAN-2004-0447
patch-tracking/CVE-2004-0491
- copied unchanged from r4860, patch-tracking/CAN-2004-0491
patch-tracking/CVE-2004-0495
- copied unchanged from r4860, patch-tracking/CAN-2004-0495
patch-tracking/CVE-2004-0497
- copied unchanged from r4860, patch-tracking/CAN-2004-0497
patch-tracking/CVE-2004-0535
- copied unchanged from r4860, patch-tracking/CAN-2004-0535
patch-tracking/CVE-2004-0554
- copied unchanged from r4860, patch-tracking/CAN-2004-0554
patch-tracking/CVE-2004-0565
- copied unchanged from r4860, patch-tracking/CAN-2004-0565
patch-tracking/CVE-2004-0587
- copied, changed from r4860, patch-tracking/CAN-2004-0587
patch-tracking/CVE-2004-0596
- copied unchanged from r4860, patch-tracking/CAN-2004-0596
patch-tracking/CVE-2004-0685
- copied unchanged from r4860, patch-tracking/CAN-2004-0685
patch-tracking/CVE-2004-0790
- copied unchanged from r4860, patch-tracking/CAN-2004-0790
patch-tracking/CVE-2004-0812
- copied unchanged from r4860, patch-tracking/CAN-2004-0812
patch-tracking/CVE-2004-0813
- copied unchanged from r4860, patch-tracking/CAN-2004-0813
patch-tracking/CVE-2004-0814
- copied, changed from r4860, patch-tracking/CAN-2004-0814
patch-tracking/CVE-2004-0816
- copied unchanged from r4860, patch-tracking/CAN-2004-0816
patch-tracking/CVE-2004-0883
- copied unchanged from r4860, patch-tracking/CAN-2004-0883
patch-tracking/CVE-2004-0949
- copied unchanged from r4860, patch-tracking/CAN-2004-0949
patch-tracking/CVE-2004-1016
- copied, changed from r4860, patch-tracking/CAN-2004-1016
patch-tracking/CVE-2004-1017
- copied unchanged from r4860, patch-tracking/CAN-2004-1017
patch-tracking/CVE-2004-1056
- copied unchanged from r4860, patch-tracking/CAN-2004-1056
patch-tracking/CVE-2004-1057
- copied unchanged from r4860, patch-tracking/CAN-2004-1057
patch-tracking/CVE-2004-1058
- copied unchanged from r4860, patch-tracking/CAN-2004-1058
patch-tracking/CVE-2004-1068
- copied, changed from r4859, patch-tracking/CAN-2004-1068
patch-tracking/CVE-2004-1070
- copied unchanged from r4860, patch-tracking/CAN-2004-1070
patch-tracking/CVE-2004-1071
- copied unchanged from r4860, patch-tracking/CAN-2004-1071
patch-tracking/CVE-2004-1072
- copied unchanged from r4860, patch-tracking/CAN-2004-1072
patch-tracking/CVE-2004-1073
- copied unchanged from r4860, patch-tracking/CAN-2004-1073
patch-tracking/CVE-2004-1074
- copied, changed from r4860, patch-tracking/CAN-2004-1074
patch-tracking/CVE-2004-1137
- copied unchanged from r4860, patch-tracking/CAN-2004-1137
patch-tracking/CVE-2004-1144
- copied unchanged from r4860, patch-tracking/CAN-2004-1144
patch-tracking/CVE-2004-1151
- copied unchanged from r4860, patch-tracking/CAN-2004-1151
patch-tracking/CVE-2004-1234
- copied unchanged from r4860, patch-tracking/CAN-2004-1234
patch-tracking/CVE-2004-1235
- copied unchanged from r4860, patch-tracking/CAN-2004-1235
patch-tracking/CVE-2004-1333
- copied unchanged from r4860, patch-tracking/CAN-2004-1333
patch-tracking/CVE-2004-1335
- copied unchanged from r4860, patch-tracking/CAN-2004-1335
patch-tracking/CVE-2004-1337
- copied unchanged from r4860, patch-tracking/CAN-2004-1337
patch-tracking/CVE-2005-0001
- copied unchanged from r4860, patch-tracking/CAN-2005-0001
patch-tracking/CVE-2005-0003
- copied unchanged from r4860, patch-tracking/CAN-2005-0003
patch-tracking/CVE-2005-0135
- copied unchanged from r4860, patch-tracking/CAN-2005-0135
patch-tracking/CVE-2005-0136
- copied unchanged from r4860, patch-tracking/CAN-2005-0136
patch-tracking/CVE-2005-0137
- copied unchanged from r4860, patch-tracking/CAN-2005-0137
patch-tracking/CVE-2005-0177
- copied unchanged from r4860, patch-tracking/CAN-2005-0177
patch-tracking/CVE-2005-0178
- copied unchanged from r4860, patch-tracking/CAN-2005-0178
patch-tracking/CVE-2005-0204
- copied unchanged from r4860, patch-tracking/CAN-2005-0204
patch-tracking/CVE-2005-0207
- copied unchanged from r4860, patch-tracking/CAN-2005-0207
patch-tracking/CVE-2005-0209
- copied unchanged from r4860, patch-tracking/CAN-2005-0209
patch-tracking/CVE-2005-0210
- copied unchanged from r4860, patch-tracking/CAN-2005-0210
patch-tracking/CVE-2005-0384
- copied unchanged from r4860, patch-tracking/CAN-2005-0384
patch-tracking/CVE-2005-0400
- copied unchanged from r4860, patch-tracking/CAN-2005-0400
patch-tracking/CVE-2005-0449
- copied, changed from r4853, patch-tracking/CAN-2005-0449
patch-tracking/CVE-2005-0529
- copied unchanged from r4860, patch-tracking/CAN-2005-0529
patch-tracking/CVE-2005-0530
- copied unchanged from r4860, patch-tracking/CAN-2005-0530
patch-tracking/CVE-2005-0531
- copied unchanged from r4860, patch-tracking/CAN-2005-0531
patch-tracking/CVE-2005-0532
- copied unchanged from r4860, patch-tracking/CAN-2005-0532
patch-tracking/CVE-2005-0749
- copied unchanged from r4860, patch-tracking/CAN-2005-0749
patch-tracking/CVE-2005-0750
- copied unchanged from r4860, patch-tracking/CAN-2005-0750
patch-tracking/CVE-2005-0815
- copied unchanged from r4860, patch-tracking/CAN-2005-0815
patch-tracking/CVE-2005-0839
- copied unchanged from r4860, patch-tracking/CAN-2005-0839
patch-tracking/CVE-2005-1263
- copied unchanged from r4860, patch-tracking/CAN-2005-1263
patch-tracking/CVE-2005-1264
- copied unchanged from r4860, patch-tracking/CAN-2005-1264
patch-tracking/CVE-2005-1764
- copied, changed from r4853, patch-tracking/CAN-2005-1764
patch-tracking/CVE-2005-1768
- copied, changed from r4853, patch-tracking/CAN-2005-1768
patch-tracking/CVE-2005-1913
- copied, changed from r4853, patch-tracking/CAN-2005-1913
patch-tracking/CVE-2005-2098
- copied, changed from r4853, patch-tracking/CAN-2005-2098
patch-tracking/CVE-2005-2099
- copied, changed from r4853, patch-tracking/CAN-2005-2099
patch-tracking/CVE-2005-2457
- copied, changed from r4853, patch-tracking/CAN-2005-2457
patch-tracking/CVE-2005-2458
- copied, changed from r4853, patch-tracking/CAN-2005-2458
patch-tracking/CVE-2005-2459
- copied, changed from r4853, patch-tracking/CAN-2005-2459
patch-tracking/CVE-2005-2490
- copied, changed from r4853, patch-tracking/CAN-2005-2490
patch-tracking/CVE-2005-2492
- copied, changed from r4853, patch-tracking/CAN-2005-2492
patch-tracking/CVE-2005-2548
- copied, changed from r4853, patch-tracking/CAN-2005-2548
patch-tracking/CVE-2005-2553
- copied, changed from r4853, patch-tracking/CAN-2005-2553
patch-tracking/CVE-2005-2555
- copied, changed from r4853, patch-tracking/CAN-2005-2555
patch-tracking/CVE-2005-2800
- copied, changed from r4853, patch-tracking/CAN-2005-2800
patch-tracking/CVE-2005-2872
- copied, changed from r4853, patch-tracking/CAN-2005-2872
patch-tracking/CVE-2005-2873
- copied, changed from r4853, patch-tracking/CAN-2005-2873
patch-tracking/CVE-2005-3044
- copied, changed from r4853, patch-tracking/CAN-2005-3044
patch-tracking/CVE-2005-3053
- copied, changed from r4853, patch-tracking/CAN-2005-3053
patch-tracking/CVE-2005-3055
- copied, changed from r4853, patch-tracking/CAN-2005-3055
patch-tracking/CVE-2005-3055.patch
- copied, changed from r4853, patch-tracking/CAN-2005-3055.patch
patch-tracking/CVE-2005-3105
- copied, changed from r4853, patch-tracking/CAN-2005-3105
patch-tracking/CVE-2005-3106
- copied, changed from r4853, patch-tracking/CAN-2005-3106
patch-tracking/CVE-2005-3107
- copied, changed from r4853, patch-tracking/CAN-2005-3107
patch-tracking/CVE-2005-3108
- copied, changed from r4853, patch-tracking/CAN-2005-3108
patch-tracking/CVE-2005-3109
- copied, changed from r4853, patch-tracking/CAN-2005-3109
patch-tracking/CVE-2005-3110
- copied, changed from r4853, patch-tracking/CAN-2005-3110
patch-tracking/CVE-2005-3119
- copied, changed from r4853, patch-tracking/CAN-2005-3119
patch-tracking/CVE-2005-3179
- copied, changed from r4853, patch-tracking/CAN-2005-3179
patch-tracking/CVE-2005-3180
- copied, changed from r4853, patch-tracking/CAN-2005-3180
Removed:
patch-tracking/CAN-2003-0465
patch-tracking/CAN-2004-0136
patch-tracking/CAN-2004-0415
patch-tracking/CAN-2004-0427
patch-tracking/CAN-2004-0447
patch-tracking/CAN-2004-0491
patch-tracking/CAN-2004-0495
patch-tracking/CAN-2004-0497
patch-tracking/CAN-2004-0535
patch-tracking/CAN-2004-0554
patch-tracking/CAN-2004-0565
patch-tracking/CAN-2004-0587
patch-tracking/CAN-2004-0596
patch-tracking/CAN-2004-0685
patch-tracking/CAN-2004-0790
patch-tracking/CAN-2004-0812
patch-tracking/CAN-2004-0813
patch-tracking/CAN-2004-0814
patch-tracking/CAN-2004-0816
patch-tracking/CAN-2004-0883
patch-tracking/CAN-2004-0949
patch-tracking/CAN-2004-1016
patch-tracking/CAN-2004-1017
patch-tracking/CAN-2004-1056
patch-tracking/CAN-2004-1057
patch-tracking/CAN-2004-1058
patch-tracking/CAN-2004-1068
patch-tracking/CAN-2004-1070
patch-tracking/CAN-2004-1071
patch-tracking/CAN-2004-1072
patch-tracking/CAN-2004-1073
patch-tracking/CAN-2004-1074
patch-tracking/CAN-2004-1137
patch-tracking/CAN-2004-1144
patch-tracking/CAN-2004-1151
patch-tracking/CAN-2004-1234
patch-tracking/CAN-2004-1235
patch-tracking/CAN-2004-1333
patch-tracking/CAN-2004-1335
patch-tracking/CAN-2004-1337
patch-tracking/CAN-2005-0001
patch-tracking/CAN-2005-0003
patch-tracking/CAN-2005-0135
patch-tracking/CAN-2005-0136
patch-tracking/CAN-2005-0137
patch-tracking/CAN-2005-0177
patch-tracking/CAN-2005-0178
patch-tracking/CAN-2005-0204
patch-tracking/CAN-2005-0207
patch-tracking/CAN-2005-0209
patch-tracking/CAN-2005-0210
patch-tracking/CAN-2005-0384
patch-tracking/CAN-2005-0400
patch-tracking/CAN-2005-0449
patch-tracking/CAN-2005-0529
patch-tracking/CAN-2005-0530
patch-tracking/CAN-2005-0531
patch-tracking/CAN-2005-0532
patch-tracking/CAN-2005-0749
patch-tracking/CAN-2005-0750
patch-tracking/CAN-2005-0815
patch-tracking/CAN-2005-0839
patch-tracking/CAN-2005-1263
patch-tracking/CAN-2005-1264
patch-tracking/CAN-2005-1764
patch-tracking/CAN-2005-1768
patch-tracking/CAN-2005-1913
patch-tracking/CAN-2005-2098
patch-tracking/CAN-2005-2099
patch-tracking/CAN-2005-2457
patch-tracking/CAN-2005-2458
patch-tracking/CAN-2005-2459
patch-tracking/CAN-2005-2490
patch-tracking/CAN-2005-2492
patch-tracking/CAN-2005-2548
patch-tracking/CAN-2005-2553
patch-tracking/CAN-2005-2555
patch-tracking/CAN-2005-2800
patch-tracking/CAN-2005-2872
patch-tracking/CAN-2005-2873
patch-tracking/CAN-2005-3044
patch-tracking/CAN-2005-3053
patch-tracking/CAN-2005-3055
patch-tracking/CAN-2005-3055.patch
patch-tracking/CAN-2005-3105
patch-tracking/CAN-2005-3106
patch-tracking/CAN-2005-3107
patch-tracking/CAN-2005-3108
patch-tracking/CAN-2005-3109
patch-tracking/CAN-2005-3110
patch-tracking/CAN-2005-3119
patch-tracking/CAN-2005-3179
patch-tracking/CAN-2005-3180
Modified:
patch-tracking/CVE-2005-3181
patch-tracking/lost-sockfd_put-in-32bit-compat-routing_ioctl
Log:
mitre is retroactively using CVE-XXXX-XXX instead of CAN-XXXX-XXXX, let's do
the same
Copied: patch-tracking/CVE-2003-0465 (from r4860, patch-tracking/CAN-2003-0465)
==============================================================================
--- patch-tracking/CAN-2003-0465 (original)
+++ patch-tracking/CVE-2003-0465 Mon Nov 21 23:45:46 2005
@@ -1,4 +1,4 @@
-Candidate: CAN-2003-0465
+Candidate: CVE-2003-0465
References:
CONFIRM:http://marc.theaimsgroup.com/?l=linux-kernel&m=105796021120436&w=2
CONFIRM:http://marc.theaimsgroup.com/?l=linux-kernel&m=105796415223490&w=2
Copied: patch-tracking/CVE-2004-0587 (from r4860, patch-tracking/CAN-2004-0587)
==============================================================================
--- patch-tracking/CAN-2004-0587 (original)
+++ patch-tracking/CVE-2004-0587 Mon Nov 21 23:45:46 2005
@@ -23,7 +23,7 @@
allows local users to cause a denial of service.
Notes:
2.4.26-3 has the note:
- CAN-2004-0587 code is not present, not vulnerable
+ CVE-2004-0587 code is not present, not vulnerable
So the question is, did the code get added when we moved to 2.4.27, and
was it still vulnerable?
Bugs:
Copied: patch-tracking/CVE-2004-0814 (from r4860, patch-tracking/CAN-2004-0814)
==============================================================================
--- patch-tracking/CAN-2004-0814 (original)
+++ patch-tracking/CVE-2004-0814 Mon Nov 21 23:45:46 2005
@@ -1,6 +1,6 @@
Candidate: CVE-2004-0814
References:
- BUGTRAQ:20041020 CAN-2004-0814: Linux terminal layer races
+ BUGTRAQ:20041020 CVE-2004-0814: Linux terminal layer races
URL:http://www.securityfocus.com/archive/1/379005
CONFIRM:http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=131672
CONFIRM:http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=133110
Copied: patch-tracking/CVE-2004-1016 (from r4860, patch-tracking/CAN-2004-1016)
==============================================================================
--- patch-tracking/CAN-2004-1016 (original)
+++ patch-tracking/CVE-2004-1016 Mon Nov 21 23:45:46 2005
@@ -18,7 +18,7 @@
hang) via crafted auxiliary messages that are passed to the sendmsg function,
which causes a deadlock condition.
Notes:
- dannf> 2.4.27 has a reference to CAN-2004-1016 in the changelog, but it looks
+ dannf> 2.4.27 has a reference to CVE-2004-1016 in the changelog, but it looks
like it referred to the wrong issue - our 2.4.27 may still be
vulnerable.
Bugs:
Copied: patch-tracking/CVE-2004-1068 (from r4859, patch-tracking/CAN-2004-1068)
==============================================================================
--- patch-tracking/CAN-2004-1068 (original)
+++ patch-tracking/CVE-2004-1068 Mon Nov 21 23:45:46 2005
@@ -1,4 +1,4 @@
-Candidate: CAN-2004-1068
+Candidate: CVE-2004-1068
References:
BUGTRAQ:20041119 Addendum, recent Linux <= 2.4.27 vulnerabilities
URL:http://www.securityfocus.com/archive/1/381689
Copied: patch-tracking/CVE-2004-1074 (from r4860, patch-tracking/CAN-2004-1074)
==============================================================================
--- patch-tracking/CAN-2004-1074 (original)
+++ patch-tracking/CVE-2004-1074 Mon Nov 21 23:45:46 2005
@@ -23,7 +23,7 @@
upstream:
2.6.14:
2.6.8-sarge-security: released (2.6.8-11) [binfmt-huge-vma-dos.dpatch, binfmt-huge-vma-dos2.dpatch]
-2.4.27-sarge-security: released (2.4.27-7) [114-binfmt_aout-CAN-2004-1074.diff]
+2.4.27-sarge-security: released (2.4.27-7) [114-binfmt_aout-CVE-2004-1074.diff]
2.6.8: released (2.6.8-11) [binfmt-huge-vma-dos.dpatch, binfmt-huge-vma-dos2.dpatch]
2.4.19-woody-security:
2.4.18-woody-security:
Copied: patch-tracking/CVE-2005-0449 (from r4853, patch-tracking/CAN-2005-0449)
==============================================================================
--- patch-tracking/CAN-2005-0449 (original)
+++ patch-tracking/CVE-2005-0449 Mon Nov 21 23:45:46 2005
@@ -1,4 +1,4 @@
-Candidate: CAN-2005-0449
+Candidate: CVE-2005-0449
References:
URL:http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0449
Description:
Copied: patch-tracking/CVE-2005-1764 (from r4853, patch-tracking/CAN-2005-1764)
==============================================================================
--- patch-tracking/CAN-2005-1764 (original)
+++ patch-tracking/CVE-2005-1764 Mon Nov 21 23:45:46 2005
@@ -1,6 +1,6 @@
-Candidate: CAN-2005-1764
+Candidate: CVE-2005-1764
References:
- URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1764
+ URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-1764
Final-Decision:
Interim-Decision:
Modified:
Copied: patch-tracking/CVE-2005-1768 (from r4853, patch-tracking/CAN-2005-1768)
==============================================================================
--- patch-tracking/CAN-2005-1768 (original)
+++ patch-tracking/CVE-2005-1768 Mon Nov 21 23:45:46 2005
@@ -1,6 +1,6 @@
-Candidate: CAN-2005-1768
+Candidate: CVE-2005-1768
References:
- URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1768
+ URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-1768
Final-Decision:
Interim-Decision:
Modified:
Copied: patch-tracking/CVE-2005-1913 (from r4853, patch-tracking/CAN-2005-1913)
==============================================================================
--- patch-tracking/CAN-2005-1913 (original)
+++ patch-tracking/CVE-2005-1913 Mon Nov 21 23:45:46 2005
@@ -1,6 +1,6 @@
-Candidate: CAN-2005-1913
+Candidate: CVE-2005-1913
References:
- URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1913
+ URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-1913
Final-Decision:
Interim-Decision:
Modified:
Copied: patch-tracking/CVE-2005-2098 (from r4853, patch-tracking/CAN-2005-2098)
==============================================================================
--- patch-tracking/CAN-2005-2098 (original)
+++ patch-tracking/CVE-2005-2098 Mon Nov 21 23:45:46 2005
@@ -1,6 +1,6 @@
-Candidate: CAN-2005-2098
+Candidate: CVE-2005-2098
References:
- URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2098
+ URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2098
Final-Decision:
Interim-Decision:
Modified:
Copied: patch-tracking/CVE-2005-2099 (from r4853, patch-tracking/CAN-2005-2099)
==============================================================================
--- patch-tracking/CAN-2005-2099 (original)
+++ patch-tracking/CVE-2005-2099 Mon Nov 21 23:45:46 2005
@@ -1,6 +1,6 @@
-Candidate: CAN-2005-2099
+Candidate: CVE-2005-2099
References:
- URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2099
+ URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2099
Final-Decision:
Interim-Decision:
Modified:
Copied: patch-tracking/CVE-2005-2457 (from r4853, patch-tracking/CAN-2005-2457)
==============================================================================
--- patch-tracking/CAN-2005-2457 (original)
+++ patch-tracking/CVE-2005-2457 Mon Nov 21 23:45:46 2005
@@ -1,6 +1,6 @@
-Candidate: CAN-2005-2457
+Candidate: CVE-2005-2457
References:
- URL:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2457
+ URL:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2457
CONFIRM:http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.12.5
UBUNTU:USN-169-1
URL:http://www.ubuntulinux.org/support/documentation/usn/usn-169-1
Copied: patch-tracking/CVE-2005-2458 (from r4853, patch-tracking/CAN-2005-2458)
==============================================================================
--- patch-tracking/CAN-2005-2458 (original)
+++ patch-tracking/CVE-2005-2458 Mon Nov 21 23:45:46 2005
@@ -1,6 +1,6 @@
-Candidate: CAN-2005-2458
+Candidate: CVE-2005-2458
References:
- URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2458
+ URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2458
Final-Decision:
Interim-Decision:
Modified:
Copied: patch-tracking/CVE-2005-2459 (from r4853, patch-tracking/CAN-2005-2459)
==============================================================================
--- patch-tracking/CAN-2005-2459 (original)
+++ patch-tracking/CVE-2005-2459 Mon Nov 21 23:45:46 2005
@@ -1,6 +1,6 @@
-Candidate: CAN-2005-2459
+Candidate: CVE-2005-2459
References:
- URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2459
+ URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2459
MISC:http://bugs.gentoo.org/show_bug.cgi?id=94584
CONFIRM:http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.12.5
UBUNTU:USN-169-1
@@ -12,7 +12,7 @@
kernel before 2.6.12.5 returns the wrong value, which allows remote
attackers to cause a denial of service (kernel crash) via a certain
compressed file that leads to a null pointer dereference, a different
- vulnerability than CAN-2005-2458.
+ vulnerability than CVE-2005-2458.
Notes:
This is a bogus fix that was applied in 2.6.12.5 and reverted in 2.6.12.6
http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.12.6
Copied: patch-tracking/CVE-2005-2490 (from r4853, patch-tracking/CAN-2005-2490)
==============================================================================
--- patch-tracking/CAN-2005-2490 (original)
+++ patch-tracking/CVE-2005-2490 Mon Nov 21 23:45:46 2005
@@ -1,6 +1,6 @@
-Candidate: CAN-2005-2490
+Candidate: CVE-2005-2490
References:
- URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2490
+ URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2490
Final-Decision:
Interim-Decision:
Modified:
Copied: patch-tracking/CVE-2005-2492 (from r4853, patch-tracking/CAN-2005-2492)
==============================================================================
--- patch-tracking/CAN-2005-2492 (original)
+++ patch-tracking/CVE-2005-2492 Mon Nov 21 23:45:46 2005
@@ -1,6 +1,6 @@
-Candidate: CAN-2005-2492
+Candidate: CVE-2005-2492
References:
- URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2492
+ URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2492
Final-Decision:
Interim-Decision:
Modified:
Copied: patch-tracking/CVE-2005-2548 (from r4853, patch-tracking/CAN-2005-2548)
==============================================================================
--- patch-tracking/CAN-2005-2548 (original)
+++ patch-tracking/CVE-2005-2548 Mon Nov 21 23:45:46 2005
@@ -1,6 +1,6 @@
-Candidate: CAN-2005-2548
+Candidate: CVE-2005-2548
References:
- URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2548
+ URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2548
Final-Decision:
Interim-Decision:
Modified:
Copied: patch-tracking/CVE-2005-2553 (from r4853, patch-tracking/CAN-2005-2553)
==============================================================================
--- patch-tracking/CAN-2005-2553 (original)
+++ patch-tracking/CVE-2005-2553 Mon Nov 21 23:45:46 2005
@@ -1,4 +1,4 @@
-Candidate: CAN-2005-2553
+Candidate: CVE-2005-2553
References:
URL:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2553
CONFIRM:http://lkml.org/lkml/2005/1/5/245
Copied: patch-tracking/CVE-2005-2555 (from r4853, patch-tracking/CAN-2005-2555)
==============================================================================
--- patch-tracking/CAN-2005-2555 (original)
+++ patch-tracking/CVE-2005-2555 Mon Nov 21 23:45:46 2005
@@ -1,6 +1,6 @@
-Candidate: CAN-2005-2555
+Candidate: CVE-2005-2555
References:
- URL:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2555
+ URL:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2555
Description:
Linux kernel 2.6.x does not properly restrict socket policy access to users
with the CAP_NET_ADMIN capability, which could allow local users to conduct
Copied: patch-tracking/CVE-2005-2800 (from r4853, patch-tracking/CAN-2005-2800)
==============================================================================
--- patch-tracking/CAN-2005-2800 (original)
+++ patch-tracking/CVE-2005-2800 Mon Nov 21 23:45:46 2005
@@ -1,6 +1,6 @@
-Candidate: CAN-2005-2800
+Candidate: CVE-2005-2800
References:
- URL:http://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=CAN-2005-2800
+ URL:http://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=CVE-2005-2800
Description:
Memory leak in the seq_file implemenetation in the SCSI procfs interface
(sg.c) in Linux kernel 2.6.13 and earlier allows local users to cause a
Copied: patch-tracking/CVE-2005-2872 (from r4853, patch-tracking/CAN-2005-2872)
==============================================================================
--- patch-tracking/CAN-2005-2872 (original)
+++ patch-tracking/CVE-2005-2872 Mon Nov 21 23:45:46 2005
@@ -1,6 +1,6 @@
-Candidate: CAN-2005-2872
+Candidate: CVE-2005-2872
References:
- URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2872
+ URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2872
Final-Decision:
Interim-Decision:
Modified:
@@ -16,7 +16,7 @@
attackers to cause a denial of service (kernel panic) via certain
attacks such as SSH brute force, which leads to memset calls using a
length based on the u_int32_t type, acting on an array of unsigned
- long elements, a different vulnerability than CAN-2005-2873.
+ long elements, a different vulnerability than CVE-2005-2873.
upstream: released (2.6.12)
2.6.13: N/A
2.6.12: N/A
Copied: patch-tracking/CVE-2005-2873 (from r4853, patch-tracking/CAN-2005-2873)
==============================================================================
--- patch-tracking/CAN-2005-2873 (original)
+++ patch-tracking/CVE-2005-2873 Mon Nov 21 23:45:46 2005
@@ -1,6 +1,6 @@
-Candidate: CAN-2005-2873
+Candidate: CVE-2005-2873
References:
- URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2873
+ URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2873
Final-Decision:
Interim-Decision:
Modified:
@@ -13,7 +13,7 @@
earlier does not properly perform certain time tests when the jiffies
value is greater than LONG_MAX, which can cause ipt_recent netfilter
rules to block too early, a different vulnerability than
- CAN-2005-2872.
+ CVE-2005-2872.
Notes:
horms> No patch that is acceptable upstream is available
http://lists.debian.org/debian-kernel/2005/09/msg00257.html
Copied: patch-tracking/CVE-2005-3044 (from r4853, patch-tracking/CAN-2005-3044)
==============================================================================
--- patch-tracking/CAN-2005-3044 (original)
+++ patch-tracking/CVE-2005-3044 Mon Nov 21 23:45:46 2005
@@ -1,6 +1,6 @@
-Candidate: CAN-2005-3044
+Candidate: CVE-2005-3044
References:
- URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-3044
+ URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3044
Final-Decision:
Interim-Decision:
Modified:
Copied: patch-tracking/CVE-2005-3053 (from r4853, patch-tracking/CAN-2005-3053)
==============================================================================
--- patch-tracking/CAN-2005-3053 (original)
+++ patch-tracking/CVE-2005-3053 Mon Nov 21 23:45:46 2005
@@ -1,6 +1,6 @@
-Candidate: CAN-2005-3053
+Candidate: CVE-2005-3053
References:
- URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-3053
+ URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3053
Final-Decision:
Interim-Decision:
Modified:
Copied: patch-tracking/CVE-2005-3055 (from r4853, patch-tracking/CAN-2005-3055)
==============================================================================
--- patch-tracking/CAN-2005-3055 (original)
+++ patch-tracking/CVE-2005-3055 Mon Nov 21 23:45:46 2005
@@ -1,6 +1,6 @@
-Candidate: CAN-2005-3055
+Candidate: CVE-2005-3055
References:
- URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-3055
+ URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3055
Final-Decision:
Interim-Decision:
Modified:
Copied: patch-tracking/CVE-2005-3055.patch (from r4853, patch-tracking/CAN-2005-3055.patch)
==============================================================================
--- patch-tracking/CAN-2005-3055.patch (original)
+++ patch-tracking/CVE-2005-3055.patch Mon Nov 21 23:45:46 2005
@@ -5,7 +5,7 @@
* 22.12.1999 0.1 Initial release (split from proc_usb.c)
* 04.01.2000 0.2 Turned into its own filesystem
+ * 30.09.2005 0.3 Fix user-triggerable oops in async URB delivery
-+ * (CAN-2005-3055)
++ * (CVE-2005-3055)
*/
/*****************************************************************************/
Copied: patch-tracking/CVE-2005-3105 (from r4853, patch-tracking/CAN-2005-3105)
==============================================================================
--- patch-tracking/CAN-2005-3105 (original)
+++ patch-tracking/CVE-2005-3105 Mon Nov 21 23:45:46 2005
@@ -1,6 +1,6 @@
-Candidate: CAN-2005-3105
+Candidate: CVE-2005-3105
References:
- URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-3105
+ URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3105
Final-Decision:
Interim-Decision:
Modified:
Copied: patch-tracking/CVE-2005-3106 (from r4853, patch-tracking/CAN-2005-3106)
==============================================================================
--- patch-tracking/CAN-2005-3106 (original)
+++ patch-tracking/CVE-2005-3106 Mon Nov 21 23:45:46 2005
@@ -1,6 +1,6 @@
-Candidate: CAN-2005-3106
+Candidate: CVE-2005-3106
References:
- URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-3106
+ URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3106
Final-Decision:
Interim-Decision:
Modified:
@@ -15,7 +15,7 @@
while waiting for a thread that has just performed an exec.
.
Extra information from Moritz Muehlenhof:
- CAN-2005-3106:
+ CVE-2005-3106:
DoS through race condition in processes that share a memory mapping through
CLONE_VM
http://linux.bkbits.net:8080/linux-2.6/diffs/fs/exec.c@1.156?nav=index.html|src/|src/fs|hist/fs/exec.c
Copied: patch-tracking/CVE-2005-3107 (from r4853, patch-tracking/CAN-2005-3107)
==============================================================================
--- patch-tracking/CAN-2005-3107 (original)
+++ patch-tracking/CVE-2005-3107 Mon Nov 21 23:45:46 2005
@@ -1,6 +1,6 @@
-Candidate: CAN-2005-3107
+Candidate: CVE-2005-3107
References:
- URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-3107
+ URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3107
Final-Decision:
Interim-Decision:
Modified:
Copied: patch-tracking/CVE-2005-3108 (from r4853, patch-tracking/CAN-2005-3108)
==============================================================================
--- patch-tracking/CAN-2005-3108 (original)
+++ patch-tracking/CVE-2005-3108 Mon Nov 21 23:45:46 2005
@@ -1,6 +1,6 @@
-Candidate: CAN-2005-3108
+Candidate: CVE-2005-3108
References:
- URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-3108
+ URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3108
Final-Decision:
Interim-Decision:
Modified:
Copied: patch-tracking/CVE-2005-3109 (from r4853, patch-tracking/CAN-2005-3109)
==============================================================================
--- patch-tracking/CAN-2005-3109 (original)
+++ patch-tracking/CVE-2005-3109 Mon Nov 21 23:45:46 2005
@@ -1,6 +1,6 @@
-Candidate: CAN-2005-3109
+Candidate: CVE-2005-3109
References:
- URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-3109
+ URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3109
Final-Decision:
Interim-Decision:
Modified:
Copied: patch-tracking/CVE-2005-3110 (from r4853, patch-tracking/CAN-2005-3110)
==============================================================================
--- patch-tracking/CAN-2005-3110 (original)
+++ patch-tracking/CVE-2005-3110 Mon Nov 21 23:45:46 2005
@@ -1,6 +1,6 @@
-Candidate: CAN-2005-3110
+Candidate: CVE-2005-3110
References:
- URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-3110
+ URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3110
Final-Decision:
Interim-Decision:
Modified:
Copied: patch-tracking/CVE-2005-3119 (from r4853, patch-tracking/CAN-2005-3119)
==============================================================================
--- patch-tracking/CAN-2005-3119 (original)
+++ patch-tracking/CVE-2005-3119 Mon Nov 21 23:45:46 2005
@@ -1,6 +1,6 @@
-Candidate: CAN-2005-3119
+Candidate: CVE-2005-3119
References:
- URL:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-3119
+ URL:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3119
CONFIRM:http://linux.bkbits.net:8080/linux-2.6/cset@43483fddCiQX1WyG_orbko06TrjMVA
REDHAT:RHSA-2005:808
URL:http://www.redhat.com/support/errata/RHSA-2005-808.html
Copied: patch-tracking/CVE-2005-3179 (from r4853, patch-tracking/CAN-2005-3179)
==============================================================================
--- patch-tracking/CAN-2005-3179 (original)
+++ patch-tracking/CVE-2005-3179 Mon Nov 21 23:45:46 2005
@@ -1,6 +1,6 @@
-Candidate: CAN-2005-3179
+Candidate: CVE-2005-3179
References:
- URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-3179
+ URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3179
Reference: CONFIRM:http://www.kernel.org/hg/linux-2.6/?cmd=changeset;node=d7067d7d1f92cba14963a430cfbd53098cbbc8fd
Reference: CONFIRM:http://bugs.gentoo.org/show_bug.cgi?id=107893
Description:
Copied: patch-tracking/CVE-2005-3180 (from r4853, patch-tracking/CAN-2005-3180)
==============================================================================
--- patch-tracking/CAN-2005-3180 (original)
+++ patch-tracking/CVE-2005-3180 Mon Nov 21 23:45:46 2005
@@ -1,6 +1,6 @@
-Candidate: CAN-2005-3180
+Candidate: CVE-2005-3180
References:
- URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-3180
+ URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3180
CONFIRM:http://www.kernel.org/hg/linux-2.6/?cmd=changeset;node=feecb2ffde28639e60ede769c6f817dc536c677b
Description:
The Orinoco driver (orinoco.c) in Linux kernel 2.6.13 and earlier does
Modified: patch-tracking/CVE-2005-3181
==============================================================================
--- patch-tracking/CVE-2005-3181 (original)
+++ patch-tracking/CVE-2005-3181 Mon Nov 21 23:45:46 2005
@@ -1,6 +1,6 @@
-Candidate: CAN-2005-3181
+Candidate: CVE-2005-3181
References:
- URL: http://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=CAN-2005-3181
+ URL: http://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=CVE-2005-3181
CONFIRM: http://www.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=829841146878e082613a49581ae252c071057c23
Description:
Linux kernel before 2.6.13.4, when CONFIG_AUDITSYSCALL is enabled, uses an
Modified: patch-tracking/lost-sockfd_put-in-32bit-compat-routing_ioctl
==============================================================================
--- patch-tracking/lost-sockfd_put-in-32bit-compat-routing_ioctl (original)
+++ patch-tracking/lost-sockfd_put-in-32bit-compat-routing_ioctl Mon Nov 21 23:45:46 2005
@@ -2,7 +2,7 @@
References:
Description: lost sockfd_put() in routing_ioctl(); local DoS
Notes:
- dannf> Is this part of CAN-2005-3044, or something different?
+ dannf> Is this part of CVE-2005-3044, or something different?
Bugs:
upstream: released (2.6.13.2)
2.6.14:
More information about the Kernel-svn-changes
mailing list