[kernel] r5428 - patch-tracking

Moritz Muehlenhoff jmm-guest at costa.debian.org
Fri Jan 13 12:55:29 UTC 2006 

Author: jmm-guest
Date: Fri Jan 13 12:55:28 2006
New Revision: 5428

Modified:
   patch-tracking/CVE-2004-0136
   patch-tracking/CVE-2004-0138
Log:
Mark Cox from Red Hat clarified this.


Modified: patch-tracking/CVE-2004-0136
==============================================================================
--- patch-tracking/CVE-2004-0136	(original)
+++ patch-tracking/CVE-2004-0136	Fri Jan 13 12:55:28 2006
@@ -14,7 +14,6 @@
 Notes: 
  Strange description, but I think this is actually a Linux issue; note the
  RedHat URLs above.
- .
  dannf> I think I've traced this issue back to a flawed bug report, and that
  dannf> this is really CAN-2004-0138.
   + mitre references a RedHat advisory for this, RHSA-2004:504-13
@@ -28,15 +27,17 @@
   + https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=127916 references
     CVE-2004-0136, but the patches it links to are the fixes for
     CVE-2004-0138
+ jmm> Red Hat accidentally used CVE-2004-0138 for this in an advisory, pulling
+ jmm> over the entries from it
 Bugs: 
-upstream: 
+upstream: released (2.4.25-rc1)
 linux-2.6: 
 2.6.8-sarge-security: 
-2.4.27-sarge-security: 
-2.4.19-woody-security: 
-2.4.18-woody-security: 
-2.4.17-woody-security: 
-2.4.16-woody-security: 
-2.4.17-woody-security-hppa: 
-2.4.17-woody-security-ia64: 
-2.4.18-woody-security-hppa: 
+2.4.27-sarge-security: N/A
+2.4.19-woody-security: pending (2.4.19-4.woody3)
+2.4.18-woody-security: released (2.4.18-14.4)
+2.4.17-woody-security: pending (2.4.17-1woody4)
+2.4.16-woody-security: pending (2.4.16-1woody3)
+2.4.17-woody-security-hppa: pending (32.5)
+2.4.17-woody-security-ia64: pending (011226.18)
+2.4.18-woody-security-hppa: pending (62.4)

Modified: patch-tracking/CVE-2004-0138
==============================================================================
--- patch-tracking/CVE-2004-0138	(original)
+++ patch-tracking/CVE-2004-0138	Fri Jan 13 12:55:28 2006
@@ -8,15 +8,16 @@
     when the interpreter architecture doesn't match the current one
     <http://linux.bkbits.net:8080/linux-2.4/cset@4021346f79nBb-4X_usRikR3Iyb4Vg>
     [fs/binfmt_elf.c, CAN-2004-0138]
+ jmm> This was a previous Red Hat internal name for CVE-2004-0136, so
+ jmm> Red hat advisories, which fix this are in fact for CVE-2004-0136
 Bugs: 
-upstream: released (2.4.25-rc1)
 linux-2.6: N/A
 2.6.8-sarge-security: N/A
 2.4.27-sarge-security: N/A
-2.4.19-woody-security: pending (2.4.19-4.woody3)
-2.4.18-woody-security: released (2.4.18-14.4)
-2.4.17-woody-security: pending (2.4.17-1woody4)
-2.4.16-woody-security: pending (2.4.16-1woody3)
-2.4.17-woody-security-hppa: pending (32.5)
-2.4.17-woody-security-ia64: pending (011226.18)
-2.4.18-woody-security-hppa: pending (62.4)
+2.4.19-woody-security: N/A
+2.4.18-woody-security: N/A
+2.4.17-woody-security: N/A
+2.4.16-woody-security: N/A
+2.4.17-woody-security-hppa: N/A
+2.4.17-woody-security-ia64: N/A
+2.4.18-woody-security-hppa: N/A
\ No newline at end of file

More information about the Kernel-svn-changes mailing list