r4408 - people/horms/patch_notes/2.6-stable

Simon Horman horms at costa.debian.org
Tue Oct 11 10:36:26 UTC 2005 

Author: horms
Date: 2005-10-11 10:36:25 +0000 (Tue, 11 Oct 2005)
New Revision: 4408

Modified:
   people/horms/patch_notes/2.6-stable/2.6.13.4
Log:
2.6.13.4 annotations

Modified: people/horms/patch_notes/2.6-stable/2.6.13.4
===================================================================
--- people/horms/patch_notes/2.6-stable/2.6.13.4	2005-10-11 10:36:18 UTC (rev 4407)
+++ people/horms/patch_notes/2.6-stable/2.6.13.4	2005-10-11 10:36:25 UTC (rev 4408)
@@ -6,65 +6,71 @@
 
    Security: No
    2.6.13: applied
-   2.6.12: pending examination
-   2.6.8-sarge: will add to svn; ieee1394-sbp2-fixes-for-hot-unplug-and-module-unloading.dpatch
+   2.6.12: added to svn; ieee1394-sbp2-fixes-for-hot-unplug-and-module-unloading.patch
+   2.6.8-sarge: added to svn; ieee1394-sbp2-fixes-for-hot-unplug-and-module-unloading.dpatch
    2.6.8-sarge-security: not a security fix
-   2.4.27-sid/sarge: not applicable 
-   2.4.27-sarge-security:  not applicable; not a security fix
+   2.4.27-sid/sarge: not vulnerable 
+   2.4.27-sarge-security:  not vulnerable; not a security fix
 
- * orinoco: Information leakage due to incorrect padding
+ * [SECURITY] orinoco: Information leakage due to incorrect padding
    orinoco-info-leak.patch
 
-   Security: Yes
+   Security: Yes; Should request CVE
    2.6.13: applied
-   2.6.12: pending examination
-   2.6.8-sarge: will add to svn; backported; orinoco-info-leak.dpatch
-   2.6.8-sarge-security: will add to svn; backported; orinoco-info-leak.dpatch
-   2.4.27-sid/sarge: will add to svn; backported; orinoco-info-leak.diff
-   2.4.27-sarge-security: will add to svn; backported; orinoco-info-leak.diff
+   2.6.12: added to svn; orinoco-info-leak.patch
+   2.6.8-sarge: added to svn; backported; orinoco-info-leak.dpatch
+   2.6.8-sarge-security: added to svn; backported; orinoco-info-leak.dpatch
+   2.4.27-sid/sarge: added to svn; backported; 192_orinoco-info-leak.diff
+   2.4.27-sarge-security: added to svn; backported; 192_orinoco-info-leak.diff
 
  * [TCP]: BIC coding bug in Linux 2.6.13
    tcp-congestion-control-bug.patch
 
    Security: pending examination: 
    2.6.13: applied
-   2.6.12: pending examination
-   2.6.8-sarge: pending examination
-   2.6.8-sarge-security: pending examination
-   2.4.27-sid/sarge: pending examination
-   2.4.27-sarge-security: pending examination
+   2.6.12: not vulnerable
+   2.6.8-sarge: not vulnerable
+   2.6.8-sarge-security: not vulnerable; not a security fix
+   2.4.27-sid/sarge: not vulnerable
+   2.4.27-sarge-security: not vulnerable; not a security fix
 
- * Fix drm 'debug' sysfs permissions
+ * [SECURITY] Fix drm 'debug' sysfs permissions
    drm-module_param-permissions-fix.patch
 
-   Security: Yes
+   Security: Yes; Should request CVE
    2.6.13: applied
-   2.6.12: pending examination
-   2.6.8-sarge: pending examination
-   2.6.8-sarge-security: pending examination
-   2.4.27-sid/sarge: pending examination
-   2.4.27-sarge-security: pending examination
+   2.6.12: added to svn; drm-module_param-permissions-fix.patch
+   2.6.8-sarge: not vulnerable
+   2.6.8-sarge-security: not vulnerable
+   2.4.27-sid/sarge: not vulnerable
+   2.4.27-sarge-security: not vulnerable
 
  * [SPARC64]: Fix userland FPU state corruption.
    fix-sparc64-fpu-register-corruption.patch
 
-   Security: pending examination: 
+   Security: No
    2.6.13: applied
-   2.6.12: pending examination
-   2.6.8-sarge: pending examination
-   2.6.8-sarge-security: pending examination
-   2.4.27-sid/sarge: pending examination
-   2.4.27-sarge-security: pending examination
+   2.6.12: added to svn; backport; fix-sparc64-fpu-register-corruption.patch
+   2.6.8-sarge: added to svn; backport; fix-sparc64-fpu-register-corruption.dpatch
+   2.6.8-sarge-security: not a security fix
+   2.4.27-sid/sarge: not vulnerable
+   2.4.27-sarge-security: not vulnerable
 
+   N.B: Could someone please look at these backports.
+        They were trivial enough, but I have no way of testing them,
+	nor do I have a good grasp of sparc assembly.
+	I know this bug was painful to find, so presumably
+	a miss-fix would be simmilarly painful. -- Horms
+
  * Avoid 'names_cache' memory leak with CONFIG_AUDITSYSCALL
    plug-names_cache-memleak.patch
 
-   Security: pending examination: 
+   Security: No
    2.6.13: applied
-   2.6.12: pending examination
-   2.6.8-sarge: pending examination
-   2.6.8-sarge-security: pending examination
-   2.4.27-sid/sarge: pending examination
+   2.6.12: added to svn; backport; plug-names_cache-memleak.dpatch
+   2.6.8-sarge: added to svn; backport; plug-names_cache-memleak.dpatch
+   2.6.8-sarge-security: not a security fix
+   2.4.27-sid/sarge: added to svn; backport; 193_plug-names_cache-memleak.diff
    2.4.27-sarge-security: pending examination
 
  * [SECURITY] key: plug request_key_auth memleak
@@ -73,9 +79,9 @@
 
    Security: Yes; CAN-2005-3119
    2.6.13: applied
-   2.6.12: pending examination
-   2.6.8-sarge: pending examination
-   2.6.8-sarge-security: pending examination
-   2.4.27-sid/sarge: pending examination
-   2.4.27-sarge-security: pending examination
+   2.6.12: not vulnerable
+   2.6.8-sarge: not vulnerable
+   2.6.8-sarge-security: not vulnerable
+   2.4.27-sid/sarge: not vulnerable
+   2.4.27-sarge-security: not vulnerable

More information about the Kernel-svn-changes mailing list