[kernel] r5626 - patch-tracking
Dann Frazier
dannf at costa.debian.org
Mon Jan 30 00:29:47 UTC 2006
Author: dannf
Date: Mon Jan 30 00:29:46 2006
New Revision: 5626
Modified:
patch-tracking/CVE-2005-0529
Log:
doesn't apply to 2.4; fixed in 2.6.11
Modified: patch-tracking/CVE-2005-0529
==============================================================================
--- patch-tracking/CVE-2005-0529 (original)
+++ patch-tracking/CVE-2005-0529 Mon Jan 30 00:29:46 2006
@@ -16,15 +16,16 @@
a heap-based buffer overflow when a signed comparison causes negative integers
to be used in a positive context.
Notes:
+ dannf> 2.4 doesn't do the signed cast, so it shouldn't be vulnerable
Bugs:
-upstream:
-linux-2.6:
+upstream: released (2.6.11)
+linux-2.6: released (2.6.11-1)
2.6.8-sarge-security: released (2.6.8-14) [115-proc_file_read_nbytes_signedness_fix.dpatch]
-2.4.27-sarge-security:
-2.4.19-woody-security:
-2.4.18-woody-security:
-2.4.17-woody-security:
-2.4.16-woody-security:
-2.4.17-woody-security-hppa:
-2.4.17-woody-security-ia64:
-2.4.18-woody-security-hppa:
+2.4.27-sarge-security: N/A
+2.4.19-woody-security: N/A
+2.4.18-woody-security: N/A
+2.4.17-woody-security: N/A
+2.4.16-woody-security: N/A
+2.4.17-woody-security-hppa: N/A
+2.4.17-woody-security-ia64: N/A
+2.4.18-woody-security-hppa: N/A
More information about the Kernel-svn-changes
mailing list