r4586 - people/horms/patch_notes/cve

[Micah Anderson]

Author: micah
Date: 2005-10-21 17:46:59 +0000 (Fri, 21 Oct 2005)
New Revision: 4586

Added:
   people/horms/patch_notes/cve/net-bridge-forwarding-poison-2.dpatch
Log:
Added new patch/CVE mapping, note used patch-name-used.diff field for pre-requisite patches


Added: people/horms/patch_notes/cve/net-bridge-forwarding-poison-2.dpatch
===================================================================
--- people/horms/patch_notes/cve/net-bridge-forwarding-poison-2.dpatch	2005-10-21 17:35:23 UTC (rev 4585)
+++ people/horms/patch_notes/cve/net-bridge-forwarding-poison-2.dpatch	2005-10-21 17:46:59 UTC (rev 4586)
@@ -0,0 +1,16 @@
+======================================================
+Candidate: CVE-2005-3272
+URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3272
+Reference:
+CONFIRM:http://linux.bkbits.net:8080/linux-2.6/cset@1.3097.18.19?nav=index.html|src/|src/net|src/net/bridge|related/net/bridge/br_input.c
+Description:
+ Linux kernel before 2.6.12 allows remote attackers to poison the
+ bridge forwarding table using frames that have already been dropped by
+ filtering, which can cause the bridge to forward spoofed packets.  
+
+Bug: [id, id, ...]
+fixed-upstream: [2.6.12(, version)*]
+2.6.13: (pending [(version)]|released [(version)]|N/A)[, backported][, patch-name-used.diff]
+2.6.12: (pending [(version)]|released [(version)]|N/A)[, backported][, patch-name-used.diff]
+2.6.8-sarge-security: (pending [(2.6.8-16sarge2)]|released [(2.6.8-16sarge1)])[, backported][, (net-bridge-forwarding-poison-1.dpatch), (net-bridge-mangle-oops-1.dpatch), (net-bridge-mangle-oops-2.dpatch)]
+2.4.27-sarge-security: (N/A)