[kernel] r5422 - patch-tracking
Dann Frazier
dannf at costa.debian.org
Thu Jan 12 07:06:56 UTC 2006
Author: dannf
Date: Thu Jan 12 07:06:52 2006
New Revision: 5422
Modified:
patch-tracking/CVE-2004-0136
Log:
i think this one is screwed up, and here's how i think it got that way...
Modified: patch-tracking/CVE-2004-0136
==============================================================================
--- patch-tracking/CVE-2004-0136 (original)
+++ patch-tracking/CVE-2004-0136 Thu Jan 12 07:06:52 2006
@@ -14,6 +14,20 @@
Notes:
Strange description, but I think this is actually a Linux issue; note the
RedHat URLs above.
+ .
+ dannf> I think I've traced this issue back to a flawed bug report, and that
+ dannf> this is really CAN-2004-0138.
+ + mitre references a RedHat advisory for this, RHSA-2004:504-13
+ + RHSA-2004:504-13 does in fact reference CVE-2004-0136
+ + RedHat notes that their fixed src.rpm is kernel-2.4.18-e.52.src.rpm
+ + The changelog in the spec file in the above .src.rpm contains the following
+ entry:
+ * Tue Nov 16 2004 Jim Paradis <jparadis at redhat.com>
+ - Fixes for security holes in binfmt_elf loader (Dave Anderson,
+ Jim Paradis), bugs 127916, 134876
+ + https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=127916 references
+ CVE-2004-0136, but the patches it links to are the fixes for
+ CVE-2004-0138
Bugs:
upstream:
linux-2.6:
More information about the Kernel-svn-changes
mailing list