[kernel] r5904 - in patch-tracking: . dsa-texts

[Micah Anderson]

Author: micah
Date: Thu Feb 16 03:55:09 2006
New Revision: 5904

Removed:
   patch-tracking/lost-sockfd_put-in-32bit-compat-routing_ioctl
Modified:
   patch-tracking/CVE-2005-3044
   patch-tracking/dsa-texts/2.4.27-sarge2
   patch-tracking/dsa-texts/2.6.8-sarge2
Log:
Removed extra patch track issue as it is addressed in CVE-2004-3044, noted
this in that patch item.
Updated description for DSA 2.6.8 to address this, also filled in 
some blanks in 2.4.27 DSA


Modified: patch-tracking/CVE-2005-3044
==============================================================================
--- patch-tracking/CVE-2005-3044	(original)
+++ patch-tracking/CVE-2005-3044	Thu Feb 16 03:55:09 2006
@@ -19,9 +19,12 @@
  dannf> Though, I guess its possible that someone would try to build an amd64
  dannf> kernel out of our tree, so I marked 2.4 "needed" below.  Lowest of the
  dannf> low priorities though...
+ micah> there are actually two issues that are fixed in this CVE, so we
+ micah> have two patches... if you look at them they look REALLY similar, but they aren't
+ micah> dont be fooled
 upstream: released (2.6.13.2)
 linux-2.6: released (2.6.12-7, 2.6.13-1) [lost-fput-in-32bit-ioctl-on-x86-64.patch, linux-2.6.13.2.patch]
-2.6.8-sarge-security: pending (2.6.8-16sarge2) [lost-fput-in-32bit-ioctl-on-x86-64.dpatch]
+2.6.8-sarge-security: pending (2.6.8-16sarge2) [lost-fput-in-32bit-ioctl-on-x86-64.dpatch, lost-sockfd_put-in-32bit-compat-routing_ioctl.patch]
 2.4.27-sid/sarge: needed
 2.4.27-sarge-security: ignored (2.4.27-10sarge2)
 2.4.19-woody-security: 

Modified: patch-tracking/dsa-texts/2.4.27-sarge2
==============================================================================
--- patch-tracking/dsa-texts/2.4.27-sarge2	(original)
+++ patch-tracking/dsa-texts/2.4.27-sarge2	Thu Feb 16 03:55:09 2006
@@ -20,15 +20,20 @@
 
 CVE-2004-0887
 
-    foo
+    Martin Schwidefsky discovered that the privileged instruction SACF (Set
+    Address Space Control Fast) on the S/390 platform is not handled properly, 
+    allowing for a local user to gain root privileges.
 
 CVE-2004-1058
 
-    foo
+    A race condition allows for a local user to read the environment variables
+    of another process that is still spawning through /proc/.../cmdline.
 
 CVE-2004-2607
 
-    foo
+    A numeric casting discrepancy in sdla_xfer allows local users to read
+    portions of kernel memory via a large len argument which is received as an
+    int but cast to a short, which prevents a read loop from filling a buffer.
 
 CVE-2005-0449
     
@@ -38,7 +43,9 @@
 
 CVE-2005-1761
 
-    foo
+    The driver for compressed ISO file systems (zisofs) allows local users and
+    remote attackers to cause a kernel crash denial of service via a crafted
+    compressed ISO file system.
 
 CVE-2005-2457
 

Modified: patch-tracking/dsa-texts/2.6.8-sarge2
==============================================================================
--- patch-tracking/dsa-texts/2.6.8-sarge2	(original)
+++ patch-tracking/dsa-texts/2.6.8-sarge2	Thu Feb 16 03:55:09 2006
@@ -182,9 +182,6 @@
     It was discovered that ptrace() on the ia64 architecture allows a local denial of
     service attack, when preemption is enabled.
 
-lost-sockfd
-
-    foo
 
 The following matrix explains which kernel version for which architecture
 fix the problems mentioned above: