[kernel] r7027 - patch-tracking
Dann Frazier
dannf at costa.debian.org
Sat Jul 15 15:47:41 UTC 2006
Author: dannf
Date: Sat Jul 15 15:47:34 2006
New Revision: 7027
Modified:
patch-tracking/00boilerplate
patch-tracking/CVE-2002-0429
patch-tracking/CVE-2002-0704
patch-tracking/CVE-2003-0001
patch-tracking/CVE-2003-0018
patch-tracking/CVE-2003-0127
patch-tracking/CVE-2003-0187
patch-tracking/CVE-2003-0244
patch-tracking/CVE-2003-0246
patch-tracking/CVE-2003-0247
patch-tracking/CVE-2003-0248
patch-tracking/CVE-2003-0364
patch-tracking/CVE-2003-0418
patch-tracking/CVE-2003-0461
patch-tracking/CVE-2003-0462
patch-tracking/CVE-2003-0464
patch-tracking/CVE-2003-0465
patch-tracking/CVE-2003-0467
patch-tracking/CVE-2003-0476
patch-tracking/CVE-2003-0501
patch-tracking/CVE-2003-0550
patch-tracking/CVE-2003-0551
patch-tracking/CVE-2003-0552
patch-tracking/CVE-2003-0643
patch-tracking/CVE-2003-0699
patch-tracking/CVE-2003-0700
patch-tracking/CVE-2003-0961
patch-tracking/CVE-2003-0984
patch-tracking/CVE-2003-0985
patch-tracking/CVE-2003-1040
patch-tracking/CVE-2004-0003
patch-tracking/CVE-2004-0010
patch-tracking/CVE-2004-0077
patch-tracking/CVE-2004-0109
patch-tracking/CVE-2004-0133
patch-tracking/CVE-2004-0136
patch-tracking/CVE-2004-0138
patch-tracking/CVE-2004-0177
patch-tracking/CVE-2004-0178
patch-tracking/CVE-2004-0181
patch-tracking/CVE-2004-0228
patch-tracking/CVE-2004-0229
patch-tracking/CVE-2004-0394
patch-tracking/CVE-2004-0415
patch-tracking/CVE-2004-0427
patch-tracking/CVE-2004-0447
patch-tracking/CVE-2004-0491
patch-tracking/CVE-2004-0495
patch-tracking/CVE-2004-0496
patch-tracking/CVE-2004-0497
patch-tracking/CVE-2004-0535
patch-tracking/CVE-2004-0554
patch-tracking/CVE-2004-0565
patch-tracking/CVE-2004-0587
patch-tracking/CVE-2004-0596
patch-tracking/CVE-2004-0619
patch-tracking/CVE-2004-0626
patch-tracking/CVE-2004-0685
patch-tracking/CVE-2004-0790
patch-tracking/CVE-2004-0812
patch-tracking/CVE-2004-0813
patch-tracking/CVE-2004-0814
patch-tracking/CVE-2004-0816
patch-tracking/CVE-2004-0883
patch-tracking/CVE-2004-0887
patch-tracking/CVE-2004-0949
patch-tracking/CVE-2004-0997
patch-tracking/CVE-2004-1016
patch-tracking/CVE-2004-1017
patch-tracking/CVE-2004-1056
patch-tracking/CVE-2004-1057
patch-tracking/CVE-2004-1058
patch-tracking/CVE-2004-1068
patch-tracking/CVE-2004-1069
patch-tracking/CVE-2004-1070
patch-tracking/CVE-2004-1071
patch-tracking/CVE-2004-1072
patch-tracking/CVE-2004-1073
patch-tracking/CVE-2004-1074
patch-tracking/CVE-2004-1137
patch-tracking/CVE-2004-1144
patch-tracking/CVE-2004-1151
patch-tracking/CVE-2004-1190
patch-tracking/CVE-2004-1234
patch-tracking/CVE-2004-1235
patch-tracking/CVE-2004-1237
patch-tracking/CVE-2004-1333
patch-tracking/CVE-2004-1334
patch-tracking/CVE-2004-1335
patch-tracking/CVE-2004-1337
patch-tracking/CVE-2004-2013
patch-tracking/CVE-2004-2135
patch-tracking/CVE-2004-2136
patch-tracking/CVE-2004-2302
patch-tracking/CVE-2004-2536
patch-tracking/CVE-2004-2607
patch-tracking/CVE-2004-2660
patch-tracking/CVE-2005-0001
patch-tracking/CVE-2005-0003
patch-tracking/CVE-2005-0090
patch-tracking/CVE-2005-0091
patch-tracking/CVE-2005-0092
patch-tracking/CVE-2005-0109
patch-tracking/CVE-2005-0124
patch-tracking/CVE-2005-0135
patch-tracking/CVE-2005-0136
patch-tracking/CVE-2005-0137
patch-tracking/CVE-2005-0176
patch-tracking/CVE-2005-0177
patch-tracking/CVE-2005-0178
patch-tracking/CVE-2005-0179
patch-tracking/CVE-2005-0180
patch-tracking/CVE-2005-0204
patch-tracking/CVE-2005-0207
patch-tracking/CVE-2005-0209
patch-tracking/CVE-2005-0210
patch-tracking/CVE-2005-0384
patch-tracking/CVE-2005-0400
patch-tracking/CVE-2005-0449
patch-tracking/CVE-2005-0489
patch-tracking/CVE-2005-0504
patch-tracking/CVE-2005-0528
patch-tracking/CVE-2005-0529
patch-tracking/CVE-2005-0530
patch-tracking/CVE-2005-0531
patch-tracking/CVE-2005-0532
patch-tracking/CVE-2005-0736
patch-tracking/CVE-2005-0749
patch-tracking/CVE-2005-0750
patch-tracking/CVE-2005-0756
patch-tracking/CVE-2005-0757
patch-tracking/CVE-2005-0767
patch-tracking/CVE-2005-0815
patch-tracking/CVE-2005-0839
patch-tracking/CVE-2005-0867
patch-tracking/CVE-2005-0916
patch-tracking/CVE-2005-0977
patch-tracking/CVE-2005-1041
patch-tracking/CVE-2005-1263
patch-tracking/CVE-2005-1264
patch-tracking/CVE-2005-1265
patch-tracking/CVE-2005-1368
patch-tracking/CVE-2005-1369
patch-tracking/CVE-2005-1589
patch-tracking/CVE-2005-1761
patch-tracking/CVE-2005-1762
patch-tracking/CVE-2005-1763
patch-tracking/CVE-2005-1764
patch-tracking/CVE-2005-1765
patch-tracking/CVE-2005-1767
patch-tracking/CVE-2005-1768
patch-tracking/CVE-2005-1913
patch-tracking/CVE-2005-2098
patch-tracking/CVE-2005-2099
patch-tracking/CVE-2005-2100
patch-tracking/CVE-2005-2456
patch-tracking/CVE-2005-2457
patch-tracking/CVE-2005-2458
patch-tracking/CVE-2005-2459
patch-tracking/CVE-2005-2490
patch-tracking/CVE-2005-2492
patch-tracking/CVE-2005-2548
patch-tracking/CVE-2005-2553
patch-tracking/CVE-2005-2555
patch-tracking/CVE-2005-2708
patch-tracking/CVE-2005-2709
patch-tracking/CVE-2005-2800
patch-tracking/CVE-2005-2801
patch-tracking/CVE-2005-2872
patch-tracking/CVE-2005-2873
patch-tracking/CVE-2005-2973
patch-tracking/CVE-2005-3044
patch-tracking/CVE-2005-3053
patch-tracking/CVE-2005-3055
patch-tracking/CVE-2005-3105
patch-tracking/CVE-2005-3106
patch-tracking/CVE-2005-3107
patch-tracking/CVE-2005-3108
patch-tracking/CVE-2005-3109
patch-tracking/CVE-2005-3110
patch-tracking/CVE-2005-3119
patch-tracking/CVE-2005-3179
patch-tracking/CVE-2005-3180
patch-tracking/CVE-2005-3181
patch-tracking/CVE-2005-3257
patch-tracking/CVE-2005-3271
patch-tracking/CVE-2005-3272
patch-tracking/CVE-2005-3273
patch-tracking/CVE-2005-3274
patch-tracking/CVE-2005-3275
patch-tracking/CVE-2005-3276
patch-tracking/CVE-2005-3356
patch-tracking/CVE-2005-3358
patch-tracking/CVE-2005-3359
patch-tracking/CVE-2005-3527
patch-tracking/CVE-2005-3623
patch-tracking/CVE-2005-3660
patch-tracking/CVE-2005-3783
patch-tracking/CVE-2005-3784
patch-tracking/CVE-2005-3805
patch-tracking/CVE-2005-3806
patch-tracking/CVE-2005-3807
patch-tracking/CVE-2005-3808
patch-tracking/CVE-2005-3809
patch-tracking/CVE-2005-3810
patch-tracking/CVE-2005-3847
patch-tracking/CVE-2005-3848
patch-tracking/CVE-2005-3857
patch-tracking/CVE-2005-3858
patch-tracking/CVE-2005-4351
patch-tracking/CVE-2005-4352
patch-tracking/CVE-2005-4440
patch-tracking/CVE-2005-4441
patch-tracking/CVE-2005-4605
patch-tracking/CVE-2005-4618
patch-tracking/CVE-2005-4635
patch-tracking/CVE-2005-4639
patch-tracking/CVE-2005-4798
patch-tracking/CVE-2006-0035
patch-tracking/CVE-2006-0036
patch-tracking/CVE-2006-0037
patch-tracking/CVE-2006-0038
patch-tracking/CVE-2006-0039
patch-tracking/CVE-2006-0095
patch-tracking/CVE-2006-0096
patch-tracking/CVE-2006-0454
patch-tracking/CVE-2006-0456
patch-tracking/CVE-2006-0457
patch-tracking/CVE-2006-0482
patch-tracking/CVE-2006-0554
patch-tracking/CVE-2006-0555
patch-tracking/CVE-2006-0557
patch-tracking/CVE-2006-0558
patch-tracking/CVE-2006-0741
patch-tracking/CVE-2006-0742
patch-tracking/CVE-2006-0744
patch-tracking/CVE-2006-1052
patch-tracking/CVE-2006-1055
patch-tracking/CVE-2006-1056
patch-tracking/CVE-2006-1066
patch-tracking/CVE-2006-1242
patch-tracking/CVE-2006-1342
patch-tracking/CVE-2006-1343
patch-tracking/CVE-2006-1368
patch-tracking/CVE-2006-1522
patch-tracking/CVE-2006-1523
patch-tracking/CVE-2006-1524
patch-tracking/CVE-2006-1525
patch-tracking/CVE-2006-1527
patch-tracking/CVE-2006-1528
patch-tracking/CVE-2006-1855
patch-tracking/CVE-2006-1856
patch-tracking/CVE-2006-1857
patch-tracking/CVE-2006-1858
patch-tracking/CVE-2006-1859
patch-tracking/CVE-2006-1860
patch-tracking/CVE-2006-1863
patch-tracking/CVE-2006-1864
patch-tracking/CVE-2006-2071
patch-tracking/CVE-2006-2271
patch-tracking/CVE-2006-2272
patch-tracking/CVE-2006-2274
patch-tracking/CVE-2006-2275
patch-tracking/CVE-2006-2444
patch-tracking/CVE-2006-2445
patch-tracking/CVE-2006-2448
patch-tracking/CVE-2006-2451
patch-tracking/CVE-2006-2629
patch-tracking/CVE-2006-2934
patch-tracking/CVE-2006-2935
patch-tracking/CVE-2006-2936
patch-tracking/CVE-2006-3085
patch-tracking/CVE-2006-3626
Log:
start tracking security issues in linux-2.6.16
Modified: patch-tracking/00boilerplate
==============================================================================
--- patch-tracking/00boilerplate (original)
+++ patch-tracking/00boilerplate Sat Jul 15 15:47:34 2006
@@ -4,6 +4,7 @@
Notes:
Bugs:
upstream:
+linux-2.6.16:
linux-2.6:
2.6.8-sarge-security:
2.4.27-sarge-security:
\ No newline at end of file
Modified: patch-tracking/CVE-2002-0429
==============================================================================
--- patch-tracking/CVE-2002-0429 (original)
+++ patch-tracking/CVE-2002-0429 Sat Jul 15 15:47:34 2006
@@ -17,6 +17,7 @@
Notes:
Bugs:
upstream: released (2.4.20)
+linux-2.6.16:
linux-2.6: N/A
2.6.8-sarge-security: N/A
2.4.27-sarge-security: N/A
Modified: patch-tracking/CVE-2002-0704
==============================================================================
--- patch-tracking/CVE-2002-0704 (original)
+++ patch-tracking/CVE-2002-0704 Sat Jul 15 15:47:34 2006
@@ -41,6 +41,7 @@
horms> problem on allong with upstream's 2.4 (~2.4.33-pre1)
Bugs:
upstream: released (2.6.11)
+linux-2.6.16:
linux-2.6: N/A
2.6.8-sarge-security: ignored (2.6.8-16sarge4)
2.4.27-sarge-security: ignored (2.4.27-10sarge4)
Modified: patch-tracking/CVE-2003-0001
==============================================================================
--- patch-tracking/CVE-2003-0001 (original)
+++ patch-tracking/CVE-2003-0001 Sat Jul 15 15:47:34 2006
@@ -26,6 +26,7 @@
dannf> I've e-mailed the security team + mdz, asking for a patch
Bugs:
upstream: released (2.4.21-pre4)
+linux-2.6.16:
linux-2.6: N/A
2.6.8-sarge-security: N/A
2.4.27-sarge-security: N/A
Modified: patch-tracking/CVE-2003-0018
==============================================================================
--- patch-tracking/CVE-2003-0018 (original)
+++ patch-tracking/CVE-2003-0018 Sat Jul 15 15:47:34 2006
@@ -26,6 +26,7 @@
dannf> Therefore, I'm marking >= sarge kernels N/A
Bugs:
upstream:
+linux-2.6.16:
linux-2.6: N/A
2.6.8-sarge-security: N/A
2.4.27-sarge-security: N/A
Modified: patch-tracking/CVE-2003-0127
==============================================================================
--- patch-tracking/CVE-2003-0127 (original)
+++ patch-tracking/CVE-2003-0127 Sat Jul 15 15:47:34 2006
@@ -50,6 +50,7 @@
so marking this issue as N/A for 2.6.
Bugs:
upstream: released (2.4.21-pre6)
+linux-2.6.16:
linux-2.6: N/A
2.6.8-sarge-security: N/A
2.4.27-sarge-security: N/A
Modified: patch-tracking/CVE-2003-0187
==============================================================================
--- patch-tracking/CVE-2003-0187 (original)
+++ patch-tracking/CVE-2003-0187 Sat Jul 15 15:47:34 2006
@@ -14,6 +14,7 @@
http://linux.bkbits.net:8080/linux-2.6/cset@3e631f9evO15b8EcYa8btEi07F2mYQ?nav=index.html|src/|src/include|src/include/linux|src/include/linux/netfilter_ipv4|related/include/linux/netfilter_ipv4/ip_conntrack.h
Bugs:
upstream: released (2.4.21)
+linux-2.6.16:
linux-2.6: N/A
2.6.8-sarge-security: N/A
2.4.27-sarge-security: N/A
Modified: patch-tracking/CVE-2003-0244
==============================================================================
--- patch-tracking/CVE-2003-0244 (original)
+++ patch-tracking/CVE-2003-0244 Sat Jul 15 15:47:34 2006
@@ -38,6 +38,7 @@
Notes:
Bugs:
upstream: released (2.4.21-rc2)
+linux-2.6.16:
linux-2.6: N/A
2.6.8-sarge-security: N/A
2.4.27-sarge-security: N/A
Modified: patch-tracking/CVE-2003-0246
==============================================================================
--- patch-tracking/CVE-2003-0246 (original)
+++ patch-tracking/CVE-2003-0246 Sat Jul 15 15:47:34 2006
@@ -38,6 +38,7 @@
Patch is x86 only.
Bugs:
upstream: released (2.4.21-rc4)
+linux-2.6.16:
linux-2.6: N/A
2.6.8-sarge-security: N/A
2.4.27-sarge-security: N/A
Modified: patch-tracking/CVE-2003-0247
==============================================================================
--- patch-tracking/CVE-2003-0247 (original)
+++ patch-tracking/CVE-2003-0247 Sat Jul 15 15:47:34 2006
@@ -30,6 +30,7 @@
Notes:
Bugs:
upstream: released (2.4.21-rc3)
+linux-2.6.16:
linux-2.6: N/A
2.6.8-sarge-security: N/A
2.4.27-sarge-security: N/A
Modified: patch-tracking/CVE-2003-0248
==============================================================================
--- patch-tracking/CVE-2003-0248 (original)
+++ patch-tracking/CVE-2003-0248 Sat Jul 15 15:47:34 2006
@@ -30,6 +30,7 @@
dannf> http://linux.bkbits.net:8080/linux-2.4/cset@3f293760h0HL1XxaPHNYxPXmpO1k8g?nav=index.html|src/|src/arch|src/arch/i386|src/arch/i386/kernel|related/arch/i386/kernel/i387.c
Bugs:
upstream: released (2.4.22-pre10)
+linux-2.6.16:
linux-2.6: N/A
2.6.8-sarge-security: N/A
2.4.27-sarge-security: N/A
Modified: patch-tracking/CVE-2003-0364
==============================================================================
--- patch-tracking/CVE-2003-0364 (original)
+++ patch-tracking/CVE-2003-0364 Sat Jul 15 15:47:34 2006
@@ -27,6 +27,7 @@
Notes:
Bugs:
upstream: released (2.4.21-rc7)
+linux-2.6.16:
linux-2.6: N/A
2.6.8-sarge-security: N/A
2.4.27-sarge-security: N/A
Modified: patch-tracking/CVE-2003-0418
==============================================================================
--- patch-tracking/CVE-2003-0418 (original)
+++ patch-tracking/CVE-2003-0418 Sat Jul 15 15:47:34 2006
@@ -10,6 +10,7 @@
Notes:
Bugs:
upstream:
+linux-2.6.16:
linux-2.6: N/A
2.6.8-sarge-security: N/A
2.4.27-sarge-security: N/A
Modified: patch-tracking/CVE-2003-0461
==============================================================================
--- patch-tracking/CVE-2003-0461 (original)
+++ patch-tracking/CVE-2003-0461 Sat Jul 15 15:47:34 2006
@@ -24,6 +24,7 @@
http://linux.bkbits.net:8080/linux-2.4/cset@41aca810DvutJ8aEj43OuUqJ4e1EIw?nav=index.html|src/|src/include|src/include/linux|related/include/linux/proc_fs.h
Bugs:
upstream: released (2.4.29-pre2, 2.6.1)
+linux-2.6.16:
linux-2.6: N/A
2.6.8-sarge-security: N/A
2.4.27-sarge-security: released (2.4.27-1) [025_proc_tty_security.diff]
Modified: patch-tracking/CVE-2003-0462
==============================================================================
--- patch-tracking/CVE-2003-0462 (original)
+++ patch-tracking/CVE-2003-0462 Sat Jul 15 15:47:34 2006
@@ -35,6 +35,7 @@
jmm> o Fix /proc/self security issue
Bugs:
upstream: released (2.6.1), released (2.4.22-pre10)
+linux-2.6.16:
linux-2.6: N/A
2.6.8-sarge-security: N/A
2.4.27-sarge-security: N/A
Modified: patch-tracking/CVE-2003-0464
==============================================================================
--- patch-tracking/CVE-2003-0464 (original)
+++ patch-tracking/CVE-2003-0464 Sat Jul 15 15:47:34 2006
@@ -16,6 +16,7 @@
This fix was in before 2.6.0.
Bugs:
upstream: released (2.4.22-pre8)
+linux-2.6.16:
linux-2.6: N/A
2.6.8-sarge-security: N/A
2.4.27-sarge-security: N/A
Modified: patch-tracking/CVE-2003-0465
==============================================================================
--- patch-tracking/CVE-2003-0465 (original)
+++ patch-tracking/CVE-2003-0465 Sat Jul 15 15:47:34 2006
@@ -22,6 +22,7 @@
jmm> The ramifications are minor anyway
Bugs:
upstream:
+linux-2.6.16:
linux-2.6: N/A
2.6.8-sarge-security: N/A
2.4.27-sarge-security: released (2.4.27-8)
Modified: patch-tracking/CVE-2003-0467
==============================================================================
--- patch-tracking/CVE-2003-0467 (original)
+++ patch-tracking/CVE-2003-0467 Sat Jul 15 15:47:34 2006
@@ -14,6 +14,7 @@
http://linux.bkbits.net:8080/linux-2.6/cset@3eb76c8aWimEpZAEU5Xbu-LPK-NxeA?nav=index.html|src/|src/net|src/net/ipv4|src/net/ipv4/netfilter|related/net/ipv4/netfilter/ip_nat_helper.c
Bugs:
upstream: released (2.4.21-rc1)
+linux-2.6.16:
linux-2.6: N/A
2.6.8-sarge-security: N/A
2.4.27-sarge-security: N/A
Modified: patch-tracking/CVE-2003-0476
==============================================================================
--- patch-tracking/CVE-2003-0476 (original)
+++ patch-tracking/CVE-2003-0476 Sat Jul 15 15:47:34 2006
@@ -25,6 +25,7 @@
Notes:
Bugs:
upstream: released (2.4.22-pre4, 2.6.1)
+linux-2.6.16:
linux-2.6: N/A
2.6.8-sarge-security: N/A
2.4.27-sarge-security: N/A
Modified: patch-tracking/CVE-2003-0501
==============================================================================
--- patch-tracking/CVE-2003-0501 (original)
+++ patch-tracking/CVE-2003-0501 Sat Jul 15 15:47:34 2006
@@ -21,6 +21,7 @@
Notes:
Bugs:
upstream: released (2.4.22-pre10)
+linux-2.6.16:
linux-2.6: N/A
2.6.8-sarge-security: N/A
2.4.27-sarge-security: N/A
Modified: patch-tracking/CVE-2003-0550
==============================================================================
--- patch-tracking/CVE-2003-0550 (original)
+++ patch-tracking/CVE-2003-0550 Sat Jul 15 15:47:34 2006
@@ -14,6 +14,7 @@
Notes:
Bugs:
upstream: released (2.4.22-pre3)
+linux-2.6.16:
linux-2.6: N/A
2.6.8-sarge-security: N/A
2.4.27-sarge-security: N/A
Modified: patch-tracking/CVE-2003-0551
==============================================================================
--- patch-tracking/CVE-2003-0551 (original)
+++ patch-tracking/CVE-2003-0551 Sat Jul 15 15:47:34 2006
@@ -16,6 +16,7 @@
Notes:
Bugs:
upstream: released (2.4.22-pre3)
+linux-2.6.16:
linux-2.6: N/A
2.6.8-sarge-security: N/A
2.4.27-sarge-security: N/A
Modified: patch-tracking/CVE-2003-0552
==============================================================================
--- patch-tracking/CVE-2003-0552 (original)
+++ patch-tracking/CVE-2003-0552 Sat Jul 15 15:47:34 2006
@@ -16,6 +16,7 @@
Notes:
Bugs:
upstream: released (2.4.22-pre3)
+linux-2.6.16:
linux-2.6: N/A
2.6.8-sarge-security: N/A
2.4.27-sarge-security: N/A
Modified: patch-tracking/CVE-2003-0643
==============================================================================
--- patch-tracking/CVE-2003-0643 (original)
+++ patch-tracking/CVE-2003-0643 Sat Jul 15 15:47:34 2006
@@ -14,6 +14,7 @@
http://linux.bkbits.net:8080/linux-2.4/cset@3f216072qjoeL8BVUjH-swPkd1CRgA?nav=index.html|src/|src/net|src/net/core|related/net/core/filter.c
Bugs:
upstream: released (2.4.22-pre10)
+linux-2.6.16:
linux-2.6: N/A
2.6.8-sarge-security: N/A
2.4.27-sarge-security: N/A
Modified: patch-tracking/CVE-2003-0699
==============================================================================
--- patch-tracking/CVE-2003-0699 (original)
+++ patch-tracking/CVE-2003-0699 Sat Jul 15 15:47:34 2006
@@ -13,6 +13,7 @@
http://linux.bkbits.net:8080/linux-2.4/cset@3eb6f77bdzIdwwIbhYPVK6Cu16OhBQ?nav=index.html|src/|src/drivers|src/drivers/sound|related/drivers/sound/cmpci.c
Bugs:
upstream: released (2.4.21-rc2)
+linux-2.6.16:
linux-2.6: N/A
2.6.8-sarge-security: N/A
2.4.27-sarge-security: N/A
Modified: patch-tracking/CVE-2003-0700
==============================================================================
--- patch-tracking/CVE-2003-0700 (original)
+++ patch-tracking/CVE-2003-0700 Sat Jul 15 15:47:34 2006
@@ -13,6 +13,7 @@
http://linux.bkbits.net:8080/linux-2.4/cset@3f0350ec7Wnpix3ihDCUMMnS-czskg?nav=index.html|src/|src/drivers|src/drivers/sound|related/drivers/sound/cmpci.c
Bugs:
upstream: released (2.4.22-pre3)
+linux-2.6.16:
linux-2.6: N/A
2.6.8-sarge-security: N/A
2.4.27-sarge-security: N/A
Modified: patch-tracking/CVE-2003-0961
==============================================================================
--- patch-tracking/CVE-2003-0961 (original)
+++ patch-tracking/CVE-2003-0961 Sat Jul 15 15:47:34 2006
@@ -55,6 +55,7 @@
Notes:
Bugs:
upstream: released (2.4.23-pre7)
+linux-2.6.16:
linux-2.6: N/A
2.6.8-sarge-security: N/A
2.4.27-sarge-security: N/A
Modified: patch-tracking/CVE-2003-0984
==============================================================================
--- patch-tracking/CVE-2003-0984 (original)
+++ patch-tracking/CVE-2003-0984 Sat Jul 15 15:47:34 2006
@@ -34,6 +34,7 @@
jmm> | o /dev/rtc can leak parts of kernel memory to unpriviledged users
Bugs:
upstream: released (2.4.24-rc1, 2.6.2)
+linux-2.6.16:
linux-2.6: N/A
2.6.8-sarge-security: N/A
2.4.27-sarge-security: N/A
Modified: patch-tracking/CVE-2003-0985
==============================================================================
--- patch-tracking/CVE-2003-0985 (original)
+++ patch-tracking/CVE-2003-0985 Sat Jul 15 15:47:34 2006
@@ -42,6 +42,7 @@
Notes:
Bugs:
upstream: released (2.4.24-rc1), released (2.6.1)
+linux-2.6.16:
linux-2.6: N/A
2.6.8-sarge-security: N/A
2.4.27-sarge-security: N/A
Modified: patch-tracking/CVE-2003-1040
==============================================================================
--- patch-tracking/CVE-2003-1040 (original)
+++ patch-tracking/CVE-2003-1040 Sat Jul 15 15:47:34 2006
@@ -17,6 +17,7 @@
fixed before 2.6 released
Bugs:
upstream: released (2.4.23)
+linux-2.6.16:
linux-2.6: N/A
2.6.8-sarge-security: N/A
2.4.27-sarge-security: N/A
Modified: patch-tracking/CVE-2004-0003
==============================================================================
--- patch-tracking/CVE-2004-0003 (original)
+++ patch-tracking/CVE-2004-0003 Sat Jul 15 15:47:34 2006
@@ -77,6 +77,7 @@
Notes:
Bugs:
upstream: released (2.4.26-rc4, 2.6.4)
+linux-2.6.16:
linux-2.6: N/A
2.6.8-sarge-security: N/A
2.4.27-sarge-security: N/A
Modified: patch-tracking/CVE-2004-0010
==============================================================================
--- patch-tracking/CVE-2004-0010 (original)
+++ patch-tracking/CVE-2004-0010 Sat Jul 15 15:47:34 2006
@@ -4,6 +4,7 @@
Notes:
Bugs:
upstream: released (2.4.25-pre7), released (2.6.3)
+linux-2.6.16:
linux-2.6: N/A
2.6.8-sarge-security: N/A
2.4.27-sarge-security: N/A
Modified: patch-tracking/CVE-2004-0077
==============================================================================
--- patch-tracking/CVE-2004-0077 (original)
+++ patch-tracking/CVE-2004-0077 Sat Jul 15 15:47:34 2006
@@ -45,6 +45,7 @@
2.4: http://linux.bkbits.net:8080/linux-2.4/cset@40327d9fxQLz7BU9yAATPsFlWiSG0A?nav=index.html|src/|src/mm|related/mm/mremap.c
Bugs:
upstream: released (2.4.25-rc4, 2.6.3)
+linux-2.6.16:
linux-2.6: N/A
2.6.8-sarge-security: N/A
2.4.27-sarge-security: N/A
Modified: patch-tracking/CVE-2004-0109
==============================================================================
--- patch-tracking/CVE-2004-0109 (original)
+++ patch-tracking/CVE-2004-0109 Sat Jul 15 15:47:34 2006
@@ -4,6 +4,7 @@
Notes:
Bugs:
upstream: released (2.4.26-rc4), released (2.6.6)
+linux-2.6.16:
linux-2.6: N/A
2.6.8-sarge-security: N/A
2.4.27-sarge-security: N/A
Modified: patch-tracking/CVE-2004-0133
==============================================================================
--- patch-tracking/CVE-2004-0133 (original)
+++ patch-tracking/CVE-2004-0133 Sat Jul 15 15:47:34 2006
@@ -18,6 +18,7 @@
dannf> based on the securityfocus page above.
Bugs:
upstream: released (2.4.26-rc2, 2.6.5)
+linux-2.6.16:
linux-2.6: N/A
2.6.8-sarge-security: N/A
2.4.27-sarge-security: N/A
Modified: patch-tracking/CVE-2004-0136
==============================================================================
--- patch-tracking/CVE-2004-0136 (original)
+++ patch-tracking/CVE-2004-0136 Sat Jul 15 15:47:34 2006
@@ -34,6 +34,7 @@
jmm> is included in 2.6.8, thus marking 2.6.8 and linux-2.6 N/A
Bugs:
upstream: released (2.4.25-rc1)
+linux-2.6.16:
linux-2.6: N/A
2.6.8-sarge-security: N/A
2.4.27-sarge-security: N/A
Modified: patch-tracking/CVE-2004-0138
==============================================================================
--- patch-tracking/CVE-2004-0138 (original)
+++ patch-tracking/CVE-2004-0138 Sat Jul 15 15:47:34 2006
@@ -11,6 +11,7 @@
jmm> This was a previous Red Hat internal name for CVE-2004-0136, so
jmm> Red hat advisories, which fix this are in fact for CVE-2004-0136
Bugs:
+linux-2.6.16:
linux-2.6: N/A
2.6.8-sarge-security: N/A
2.4.27-sarge-security: N/A
Modified: patch-tracking/CVE-2004-0177
==============================================================================
--- patch-tracking/CVE-2004-0177 (original)
+++ patch-tracking/CVE-2004-0177 Sat Jul 15 15:47:34 2006
@@ -16,6 +16,7 @@
jmm> This fix is present in 2.4.27 and 2.6.8, so marking them and l-2.6 N/A
Bugs:
upstream: released (2.4.26-pre4)
+linux-2.6.16:
linux-2.6: N/A
2.6.8-sarge-security: N/A
2.4.27-sarge-security: N/A
Modified: patch-tracking/CVE-2004-0178
==============================================================================
--- patch-tracking/CVE-2004-0178 (original)
+++ patch-tracking/CVE-2004-0178 Sat Jul 15 15:47:34 2006
@@ -28,6 +28,7 @@
jmm> I've verified that above patch is included in 2.6.8
Bugs:
upstream: released (2.4.26-pre3)
+linux-2.6.16:
linux-2.6: N/A
2.6.8-sarge-security: N/A
2.4.27-sarge-security: N/A
Modified: patch-tracking/CVE-2004-0181
==============================================================================
--- patch-tracking/CVE-2004-0181 (original)
+++ patch-tracking/CVE-2004-0181 Sat Jul 15 15:47:34 2006
@@ -16,6 +16,7 @@
jmm> so I'm marking all versions N/A
Bugs:
upstream: released (2.4.26-pre5), released (2.6.5-rc2)
+linux-2.6.16:
linux-2.6: N/A
2.6.8-sarge-security: N/A
2.4.27-sarge-security: N/A
Modified: patch-tracking/CVE-2004-0228
==============================================================================
--- patch-tracking/CVE-2004-0228 (original)
+++ patch-tracking/CVE-2004-0228 Sat Jul 15 15:47:34 2006
@@ -22,6 +22,7 @@
jmm> is included in 2.6.8
Bugs:
upstream:
+linux-2.6.16:
linux-2.6: N/A
2.6.8-sarge-security: N/A
2.4.27-sarge-security: N/A
Modified: patch-tracking/CVE-2004-0229
==============================================================================
--- patch-tracking/CVE-2004-0229 (original)
+++ patch-tracking/CVE-2004-0229 Sat Jul 15 15:47:34 2006
@@ -5,6 +5,7 @@
jmm> 2.4 is not affected by this problem.
Bugs:
upstream: released (2.6.6)
+linux-2.6.16:
linux-2.6: N/A
2.6.8-sarge-security: N/A
2.4.27-sarge-security: N/A
Modified: patch-tracking/CVE-2004-0394
==============================================================================
--- patch-tracking/CVE-2004-0394 (original)
+++ patch-tracking/CVE-2004-0394 Sat Jul 15 15:47:34 2006
@@ -27,6 +27,7 @@
jmm> needed, although I guess it's not exploitable
Bugs:
upstream: released (2.4.28-pre1)
+linux-2.6.16:
linux-2.6: N/A
2.6.8-sarge-security: N/A
2.4.27-sarge-security: released (2.4.27-1)
Modified: patch-tracking/CVE-2004-0415
==============================================================================
--- patch-tracking/CVE-2004-0415 (original)
+++ patch-tracking/CVE-2004-0415 Sat Jul 15 15:47:34 2006
@@ -30,6 +30,7 @@
level VFS functions, its safe.
Bugs:
upstream: released (2.4.27-rc5)
+linux-2.6.16:
linux-2.6: N/A
2.6.8-sarge-security: N/A
2.4.27-sarge-security: N/A
Modified: patch-tracking/CVE-2004-0427
==============================================================================
--- patch-tracking/CVE-2004-0427 (original)
+++ patch-tracking/CVE-2004-0427 Sat Jul 15 15:47:34 2006
@@ -58,6 +58,7 @@
Notes:
Bugs:
upstream: released (2.4.26, 2.6.6)
+linux-2.6.16:
linux-2.6: N/A
2.6.8-sarge-security: N/A
2.4.27-sarge-security: N/A
Modified: patch-tracking/CVE-2004-0447
==============================================================================
--- patch-tracking/CVE-2004-0447 (original)
+++ patch-tracking/CVE-2004-0447 Sat Jul 15 15:47:34 2006
@@ -25,6 +25,7 @@
jmm> is included in stock 2.4.27 and 2.6.8, so it's N/A.
Bugs:
upstream:
+linux-2.6.16:
linux-2.6: N/A
2.6.8-sarge-security: N/A
2.4.27-sarge-security: N/A
Modified: patch-tracking/CVE-2004-0491
==============================================================================
--- patch-tracking/CVE-2004-0491 (original)
+++ patch-tracking/CVE-2004-0491 Sat Jul 15 15:47:34 2006
@@ -15,6 +15,7 @@
dannf> accepted upstream in 2.4 or 2.6, so it doesn't apply to us.
Bugs:
upstream: N/A
+linux-2.6.16:
linux-2.6: N/A
2.6.8-sarge-security: N/A
2.4.27-sarge-security: N/A
Modified: patch-tracking/CVE-2004-0495
==============================================================================
--- patch-tracking/CVE-2004-0495 (original)
+++ patch-tracking/CVE-2004-0495 Sat Jul 15 15:47:34 2006
@@ -36,6 +36,7 @@
http://linux.bkbits.net:8080/linux-2.4/cset@40d975a2Ttlhd2amhkcgbfzndDMUZA?nav=index.html|src/|src/drivers|src/drivers/acpi|related/drivers/acpi/asus_acpi.c
Bugs:
upstream: released (2.4.27-rc2, 2.6.7)
+linux-2.6.16:
linux-2.6: N/A
2.6.8-sarge-security: N/A
2.4.27-sarge-security: N/A
Modified: patch-tracking/CVE-2004-0496
==============================================================================
--- patch-tracking/CVE-2004-0496 (original)
+++ patch-tracking/CVE-2004-0496 Sat Jul 15 15:47:34 2006
@@ -15,6 +15,7 @@
dannf> as fixed in 2.6.7.
Bugs:
upstream: released (2.6.7)
+linux-2.6.16:
linux-2.6: N/A
2.6.8-sarge-security: N/A
2.4.27-sarge-security: N/A
Modified: patch-tracking/CVE-2004-0497
==============================================================================
--- patch-tracking/CVE-2004-0497 (original)
+++ patch-tracking/CVE-2004-0497 Sat Jul 15 15:47:34 2006
@@ -21,6 +21,7 @@
http://linux.bkbits.net:8080/linux-2.6/cset@40e62e18vom8K1fHgbJfe1oQ6mdkkQ?nav=index.html|src/|src/fs|related/fs/attr.c
Bugs:
upstream: released (2.4.27, 2.6.8)
+linux-2.6.16:
linux-2.6: N/A
2.6.8-sarge-security: N/A
2.4.27-sarge-security: released (2.4.27-1)
Modified: patch-tracking/CVE-2004-0535
==============================================================================
--- patch-tracking/CVE-2004-0535 (original)
+++ patch-tracking/CVE-2004-0535 Sat Jul 15 15:47:34 2006
@@ -32,6 +32,7 @@
http://linux.bkbits.net:8080/linux-2.6/cset@4084025a6AP3ORKQ7iaTFCmOGvTJXw?nav=index.html|src/|src/drivers|src/drivers/net|src/drivers/net/e1000|related/drivers/net/e1000/e1000_ethtool.c
Bugs:
upstream: released (2.4.27, 2.6.6)
+linux-2.6.16:
linux-2.6: N/A
2.6.8-sarge-security: N/A
2.4.27-sarge-security: N/A
Modified: patch-tracking/CVE-2004-0554
==============================================================================
--- patch-tracking/CVE-2004-0554 (original)
+++ patch-tracking/CVE-2004-0554 Sat Jul 15 15:47:34 2006
@@ -42,6 +42,7 @@
jmm> the stock 2.4.27 and 2.6.8 contain the fix
Bugs: 261521
upstream:
+linux-2.6.16:
linux-2.6: N/A
2.6.8-sarge-security: N/A
2.4.27-sarge-security: N/A
Modified: patch-tracking/CVE-2004-0565
==============================================================================
--- patch-tracking/CVE-2004-0565 (original)
+++ patch-tracking/CVE-2004-0565 Sat Jul 15 15:47:34 2006
@@ -18,6 +18,7 @@
jmm> So it's N/A, but I don't know at which time it was fixed upstream
Bugs:
upstream: released (2.4.27)
+linux-2.6.16:
linux-2.6: N/A
2.6.8-sarge-security: N/A
2.4.27-sarge-security: N/A
Modified: patch-tracking/CVE-2004-0587
==============================================================================
--- patch-tracking/CVE-2004-0587 (original)
+++ patch-tracking/CVE-2004-0587 Sat Jul 15 15:47:34 2006
@@ -29,6 +29,7 @@
dannf> Nope; qla2xxx isn't in 2.4.27
Bugs:
upstream:
+linux-2.6.16:
linux-2.6: N/A
2.6.8-sarge-security: N/A
2.4.27-sarge-security: N/A
Modified: patch-tracking/CVE-2004-0596
==============================================================================
--- patch-tracking/CVE-2004-0596 (original)
+++ patch-tracking/CVE-2004-0596 Sat Jul 15 15:47:34 2006
@@ -12,6 +12,7 @@
Notes:
Bugs:
upstream: released (2.4.27-rc2)
+linux-2.6.16:
linux-2.6: N/A
2.6.8-sarge-security: N/A
2.4.27-sarge-security: N/A
Modified: patch-tracking/CVE-2004-0619
==============================================================================
--- patch-tracking/CVE-2004-0619 (original)
+++ patch-tracking/CVE-2004-0619 Sat Jul 15 15:47:34 2006
@@ -17,6 +17,7 @@
jmm> stock kernel, only in Red Hat's. I'm marking Woody N/A as well.
Bugs:
upstream: N/A
+linux-2.6.16:
linux-2.6: N/A
2.6.8-sarge-security: N/A
2.4.27-sarge-security: N/A
Modified: patch-tracking/CVE-2004-0626
==============================================================================
--- patch-tracking/CVE-2004-0626 (original)
+++ patch-tracking/CVE-2004-0626 Sat Jul 15 15:47:34 2006
@@ -16,6 +16,7 @@
jmm> during earlier 2.6 kernels. 2.4 has the correct u_int8_t declaration.
Bugs:
upstream: released (2.6.8)
+linux-2.6.16:
linux-2.6: N/A
2.6.8-sarge-security: N/A
2.4.27-sarge-security: N/A
Modified: patch-tracking/CVE-2004-0685
==============================================================================
--- patch-tracking/CVE-2004-0685 (original)
+++ patch-tracking/CVE-2004-0685 Sat Jul 15 15:47:34 2006
@@ -24,6 +24,7 @@
jmm> So I'm marking all 2.6 versions N/A
Bugs:
upstream: released (2.4.27)
+linux-2.6.16:
linux-2.6: N/A
2.6.8-sarge-security: N/A
2.4.27-sarge-security: N/A
Modified: patch-tracking/CVE-2004-0790
==============================================================================
--- patch-tracking/CVE-2004-0790 (original)
+++ patch-tracking/CVE-2004-0790 Sat Jul 15 15:47:34 2006
@@ -32,6 +32,7 @@
Notes:
Bugs: 305655 305664
upstream:
+linux-2.6.16:
linux-2.6:
2.6.8-sarge-security: released (2.6.8-16) [net-ipv4-icmp-quench.dpatch]
2.4.27-sarge-security: released (2.4.27-10) [164_net-ipv4-icmp-quench.diff]
Modified: patch-tracking/CVE-2004-0812
==============================================================================
--- patch-tracking/CVE-2004-0812 (original)
+++ patch-tracking/CVE-2004-0812 Sat Jul 15 15:47:34 2006
@@ -24,6 +24,7 @@
jmm> the 2.4 kernels
Bugs:
upstream: released (2.6.0-test10)
+linux-2.6.16:
linux-2.6: N/A
2.6.8-sarge-security: N/A
2.4.27-sarge-security: N/A
Modified: patch-tracking/CVE-2004-0813
==============================================================================
--- patch-tracking/CVE-2004-0813 (original)
+++ patch-tracking/CVE-2004-0813 Sat Jul 15 15:47:34 2006
@@ -21,6 +21,7 @@
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=133098
Bugs:
upstream: fixed (2.6.10)
+linux-2.6.16:
linux-2.6: N/A
2.6.8-sarge-security: released (2.6.8-14)
2.4.27-sarge-security: ignored (2.4.27-10sarge3)
Modified: patch-tracking/CVE-2004-0814
==============================================================================
--- patch-tracking/CVE-2004-0814 (original)
+++ patch-tracking/CVE-2004-0814 Sat Jul 15 15:47:34 2006
@@ -26,6 +26,7 @@
Notes:
Bugs:
upstream: released (2.6.9)
+linux-2.6.16:
linux-2.6: N/A
2.6.8-sarge-security: released (2.6.8-8) [tty-locking-fixes.dpatch, tty-locking-fixes2.dpatch, tty-locking-fixes3.dpatch, tty-locking-fixes4.dpatch, tty-locking-fixes5.dpatch, tty-locking-fixes6.dpatch, tty-locking-fixes7.dpatch, tty-locking-fixes8.dpatch]
2.4.27-sarge-security: released (2.4.27-7) [093_tty_lockup.diff, 093_tty_lockup-2.diff, 115_tty_lockup-3.diff, 093-tty_lockup-3.diff]
Modified: patch-tracking/CVE-2004-0816
==============================================================================
--- patch-tracking/CVE-2004-0816 (original)
+++ patch-tracking/CVE-2004-0816 Sat Jul 15 15:47:34 2006
@@ -23,6 +23,7 @@
jmm> So I'm marking all kernels N/A
Bugs:
upstream:
+linux-2.6.16:
linux-2.6: N/A
2.6.8-sarge-security: N/A
2.4.27-sarge-security: N/A
Modified: patch-tracking/CVE-2004-0883
==============================================================================
--- patch-tracking/CVE-2004-0883 (original)
+++ patch-tracking/CVE-2004-0883 Sat Jul 15 15:47:34 2006
@@ -36,6 +36,7 @@
Notes:
Bugs:
upstream: released (2.4.28-rc3), released (2.6.10)
+linux-2.6.16:
linux-2.6: N/A
2.6.8-sarge-security: released (2.6.8-9) [smbfs-overflow-fixes-2.dpatch]
2.4.27-sarge-security: released (2.4.27-6) [111-smb-client-overflow-fix-1.diff, 111-smb-client-overflow-fix-2.diff]
Modified: patch-tracking/CVE-2004-0887
==============================================================================
--- patch-tracking/CVE-2004-0887 (original)
+++ patch-tracking/CVE-2004-0887 Sat Jul 15 15:47:34 2006
@@ -11,6 +11,7 @@
dannf> 2.4 looks vulnerable; I've asked waldi's advice on applying it.
Bugs:
upstream:
+linux-2.6.16:
linux-2.6:
2.6.8-sarge-security: released (2.6.8-10) [s390-sacf-fix.dpatch]
2.4.27-sarge-security: released (2.4.27-10sarge2) [206_s390-sacf-fix.diff]
Modified: patch-tracking/CVE-2004-0949
==============================================================================
--- patch-tracking/CVE-2004-0949 (original)
+++ patch-tracking/CVE-2004-0949 Sat Jul 15 15:47:34 2006
@@ -28,6 +28,7 @@
Notes:
Bugs:
upstream: released (2.4.28-rc3), released (2.6.10)
+linux-2.6.16:
linux-2.6: N/A
2.6.8-sarge-security: released (2.6.8-13) [smbfs-overrun.dpatch]
2.4.27-sarge-security: released (2.4.27-6) [111-smb-client-overflow-fix-1.diff, 111-smb-client-overflow-fix-2.diff]
Modified: patch-tracking/CVE-2004-0997
==============================================================================
--- patch-tracking/CVE-2004-0997 (original)
+++ patch-tracking/CVE-2004-0997 Sat Jul 15 15:47:34 2006
@@ -11,6 +11,7 @@
dannf> there is no 2.6.8 mips kernel-image in sarge, so mark it N/A
Bugs:
upstream:
+linux-2.6.16:
linux-2.6:
2.6.8-sarge-security: N/A
2.4.27-sarge-security: ignored (2.4.27-10sarge3)
Modified: patch-tracking/CVE-2004-1016
==============================================================================
--- patch-tracking/CVE-2004-1016 (original)
+++ patch-tracking/CVE-2004-1016 Sat Jul 15 15:47:34 2006
@@ -24,6 +24,7 @@
dannf> on second review, those patches look correct
Bugs:
upstream:
+linux-2.6.16:
linux-2.6: N/A
2.6.8-sarge-security: released (2.6.8-11) [scm_send-dos-fix.dpatch, scm_send-dos-fix2.dpatch]
2.4.27-sarge-security: released (2.4.27-7) [116-cmsg-validation-checks.patch, 118-cmsg-validation-checks-compat.patch]
Modified: patch-tracking/CVE-2004-1017
==============================================================================
--- patch-tracking/CVE-2004-1017 (original)
+++ patch-tracking/CVE-2004-1017 Sat Jul 15 15:47:34 2006
@@ -15,6 +15,7 @@
jmm> The fix is required for 2.6.8
Bugs:
upstream:
+linux-2.6.16:
linux-2.6: released (2.4.31-rc1, 2.6.10)
2.6.8-sarge-security: released (2.6.8-16sarge2) [io_edgeport_overflow.dpatch]
2.4.27-sarge-security: released (2.4.27-9) [137_io_edgeport_overflow.diff]
Modified: patch-tracking/CVE-2004-1056
==============================================================================
--- patch-tracking/CVE-2004-1056 (original)
+++ patch-tracking/CVE-2004-1056 Sat Jul 15 15:47:34 2006
@@ -15,6 +15,7 @@
Notes:
Bugs:
upstream:
+linux-2.6.16:
linux-2.6:
2.6.8-sarge-security: released (2.6.8-11) [drm-locking-fixes.dpatch]
2.4.27-sarge-security: released (2.4.27-8) [121_drm-locking-checks-1.diff, 121_drm-locking-checks-2.diff]
Modified: patch-tracking/CVE-2004-1057
==============================================================================
--- patch-tracking/CVE-2004-1057 (original)
+++ patch-tracking/CVE-2004-1057 Sat Jul 15 15:47:34 2006
@@ -15,6 +15,7 @@
dannf> so I'll mark 2.6 N/A
Bugs:
upstream:
+linux-2.6.16:
linux-2.6: N/A
2.6.8-sarge-security: N/A
2.4.27-sarge-security: released (2.4.27-10) [165_VM_IO.diff]
Modified: patch-tracking/CVE-2004-1058
==============================================================================
--- patch-tracking/CVE-2004-1058 (original)
+++ patch-tracking/CVE-2004-1058 Sat Jul 15 15:47:34 2006
@@ -16,6 +16,7 @@
Notes:
Bugs:
upstream: released (2.4.33-pre2)
+linux-2.6.16:
linux-2.6:
2.6.8-sarge-security: released (2.6.8-14) [proc-cmdline-mmput-leak.dpatch]
2.4.27-sarge-security: released (2.4.27-10sarge2) [203_proc_pid_cmdline_race.diff]
Modified: patch-tracking/CVE-2004-1068
==============================================================================
--- patch-tracking/CVE-2004-1068 (original)
+++ patch-tracking/CVE-2004-1068 Sat Jul 15 15:47:34 2006
@@ -21,6 +21,7 @@
Notes:
Bugs:
upstream: released (2.4.27, 2.6.9)
+linux-2.6.16:
linux-2.6: N/A
2.6.8-sarge-security: released (2.6.8-11)
2.4.27-sarge-security: released (2.4.27-7)
Modified: patch-tracking/CVE-2004-1069
==============================================================================
--- patch-tracking/CVE-2004-1069 (original)
+++ patch-tracking/CVE-2004-1069 Sat Jul 15 15:47:34 2006
@@ -12,6 +12,7 @@
Notes:
Bugs:
upstream:
+linux-2.6.16:
linux-2.6:
2.6.8-sarge-security: released (2.6.8-11)
2.4.27-sarge-security: N/A
Modified: patch-tracking/CVE-2004-1070
==============================================================================
--- patch-tracking/CVE-2004-1070 (original)
+++ patch-tracking/CVE-2004-1070 Sat Jul 15 15:47:34 2006
@@ -18,6 +18,7 @@
Notes:
Bugs:
upstream:
+linux-2.6.16:
linux-2.6:
2.6.8-sarge-security: released (2.6.8-9) [elf-loader-fixes.dpatch, elf-loader-fixes-the-return.dpatch]
2.4.27-sarge-security: released (2.4.27-6) [097-elf_loader_overflow-1.diff, 097-elf_loader_overflow-2.diff, 097-elf_loader_overflow-3.diff, 097-elf_loader_overflow-4.diff]
Modified: patch-tracking/CVE-2004-1071
==============================================================================
--- patch-tracking/CVE-2004-1071 (original)
+++ patch-tracking/CVE-2004-1071 Sat Jul 15 15:47:34 2006
@@ -17,6 +17,7 @@
Notes:
Bugs:
upstream:
+linux-2.6.16:
linux-2.6:
2.6.8-sarge-security: released (2.6.8-9) [elf-loader-fixes.dpatch, elf-loader-fixes-the-return.dpatch]
2.4.27-sarge-security: released (2.4.27-6) [097-elf_loader_overflow-1.diff, 097-elf_loader_overflow-2.diff, 097-elf_loader_overflow-3.diff, 097-elf_loader_overflow-4.diff]
Modified: patch-tracking/CVE-2004-1072
==============================================================================
--- patch-tracking/CVE-2004-1072 (original)
+++ patch-tracking/CVE-2004-1072 Sat Jul 15 15:47:34 2006
@@ -20,6 +20,7 @@
Notes:
Bugs:
upstream:
+linux-2.6.16:
linux-2.6:
2.6.8-sarge-security: released (2.6.8-9) [elf-loader-fixes.dpatch, elf-loader-fixes-the-return.dpatch]
2.4.27-sarge-security: released (2.4.27-6) [097-elf_loader_overflow-1.diff, 097-elf_loader_overflow-2.diff, 097-elf_loader_overflow-3.diff, 097-elf_loader_overflow-4.diff]
Modified: patch-tracking/CVE-2004-1073
==============================================================================
--- patch-tracking/CVE-2004-1073 (original)
+++ patch-tracking/CVE-2004-1073 Sat Jul 15 15:47:34 2006
@@ -16,6 +16,7 @@
Notes:
Bugs:
upstream:
+linux-2.6.16:
linux-2.6:
2.6.8-sarge-security: released (2.6.8-9) [elf-loader-fixes.dpatch, elf-loader-fixes-the-return.dpatch]
2.4.27-sarge-security: released (2.4.27-6) [097-elf_loader_overflow-1.diff, 097-elf_loader_overflow-2.diff, 097-elf_loader_overflow-3.diff, 097-elf_loader_overflow-4.diff]
Modified: patch-tracking/CVE-2004-1074
==============================================================================
--- patch-tracking/CVE-2004-1074 (original)
+++ patch-tracking/CVE-2004-1074 Sat Jul 15 15:47:34 2006
@@ -26,6 +26,7 @@
setting up bss in a.out [fs/binfmt_aout.c, CAN-2004-1074]
Bugs:
upstream:
+linux-2.6.16:
linux-2.6:
2.6.8-sarge-security: released (2.6.8-11) [binfmt-huge-vma-dos.dpatch, binfmt-huge-vma-dos2.dpatch]
2.4.27-sarge-security: released (2.4.27-7) [114-binfmt_aout-CVE-2004-1074.diff]
Modified: patch-tracking/CVE-2004-1137
==============================================================================
--- patch-tracking/CVE-2004-1137 (original)
+++ patch-tracking/CVE-2004-1137 Sat Jul 15 15:47:34 2006
@@ -27,6 +27,7 @@
Notes:
Bugs:
upstream:
+linux-2.6.16:
linux-2.6: N/A
2.6.8-sarge-security: released (2.6.8-11) [igmp-src-list-fix.dpatch]
2.4.27-sarge-security: released (2.4.27-7) [117-igmp-source-filter-fixes.patch]
Modified: patch-tracking/CVE-2004-1144
==============================================================================
--- patch-tracking/CVE-2004-1144 (original)
+++ patch-tracking/CVE-2004-1144 Sat Jul 15 15:47:34 2006
@@ -15,6 +15,7 @@
jmm> # hole because some unrelated changes in 2.5 fixed it as a side effect.
Bugs:
upstream:
+linux-2.6.16:
linux-2.6: N/A
2.6.8-sarge-security: N/A
2.4.27-sarge-security: released (2.4.27-9) [138_amd64_syscall_vuln.diff]
Modified: patch-tracking/CVE-2004-1151
==============================================================================
--- patch-tracking/CVE-2004-1151 (original)
+++ patch-tracking/CVE-2004-1151 Sat Jul 15 15:47:34 2006
@@ -16,6 +16,7 @@
<= 2.4.27 doesn't look vulnerable, and we don't have 2.4/x86_64 anyway.
Bugs:
upstream: released (2.6.10)
+linux-2.6.16:
linux-2.6: N/A
2.6.8-sarge-security: released (2.6.8-11) [arch-x86_64-sys32_ni-overflow.dpatch]
2.4.27-sarge-security: N/A
Modified: patch-tracking/CVE-2004-1190
==============================================================================
--- patch-tracking/CVE-2004-1190 (original)
+++ patch-tracking/CVE-2004-1190 Sat Jul 15 15:47:34 2006
@@ -13,6 +13,7 @@
Notes:
Bugs: 300162
upstream: released (2.6.10)
+linux-2.6.16:
linux-2.6: N/A
2.6.8-sarge-security: released (2.6.8-14) [scsi-ioctl-cmd-warned.dpatch, scsi-ioctl-remove-dup.dpatch, scsi-ioctl-permit.dpatch, SG_IO-cap.dpatch, SG_IO-safe-commands-2.dpatch, SG_IO-safe-commands-3.dpatch, SG_IO-safe-commands-5.dpatch]
2.4.27-sarge-security: ignored (2.4.27-10sarge3)
Modified: patch-tracking/CVE-2004-1234
==============================================================================
--- patch-tracking/CVE-2004-1234 (original)
+++ patch-tracking/CVE-2004-1234 Sat Jul 15 15:47:34 2006
@@ -23,6 +23,7 @@
jmm> fput(interpreter);
Bugs:
upstream: released (2.4.26-rc3)
+linux-2.6.16:
linux-2.6: N/A
2.6.8-sarge-security: N/A
2.4.27-sarge-security: N/A
Modified: patch-tracking/CVE-2004-1235
==============================================================================
--- patch-tracking/CVE-2004-1235 (original)
+++ patch-tracking/CVE-2004-1235 Sat Jul 15 15:47:34 2006
@@ -31,6 +31,7 @@
Notes:
Bugs:
upstream:
+linux-2.6.16:
linux-2.6:
2.6.8-sarge-security: released (2.6.8-12) [028-do_brk_security_fixes.dpatch]
2.4.27-sarge-security: released (2.4.27-8) [122_sec_brk-locked.diff]
Modified: patch-tracking/CVE-2004-1237
==============================================================================
--- patch-tracking/CVE-2004-1237 (original)
+++ patch-tracking/CVE-2004-1237 Sat Jul 15 15:47:34 2006
@@ -17,6 +17,7 @@
jmm> I'm marking it at such, but please double-check someone
Bugs:
upstream: N/A
+linux-2.6.16:
linux-2.6: N/A
2.6.8-sarge-security: N/A
2.4.27-sarge-security: N/A
Modified: patch-tracking/CVE-2004-1333
==============================================================================
--- patch-tracking/CVE-2004-1333 (original)
+++ patch-tracking/CVE-2004-1333 Sat Jul 15 15:47:34 2006
@@ -20,6 +20,7 @@
Notes:
Bugs:
upstream: released (2.6.10)
+linux-2.6.16:
linux-2.6: N/A
2.6.8-sarge-security: released (2.6.8-11) [vt-of-death.dpatch]
2.4.27-sarge-security: released (2.4.27-9) [136_vc_resizing_overflow.diff]
Modified: patch-tracking/CVE-2004-1334
==============================================================================
--- patch-tracking/CVE-2004-1334 (original)
+++ patch-tracking/CVE-2004-1334 Sat Jul 15 15:47:34 2006
@@ -13,6 +13,7 @@
dannf> This is a duplicate of CAN-2004-1016
Bugs:
upstream:
+linux-2.6.16:
linux-2.6: N/A
2.6.8-sarge-security: released (2.6.8-11) [scm_send-dos-fix.dpatch, scm_send-dos-fix2.dpatch]
2.4.27-sarge-security: released (2.4.27-7) [116-cmsg-validation-checks.patch, 118-cmsg-validation-checks-compat.patch]
Modified: patch-tracking/CVE-2004-1335
==============================================================================
--- patch-tracking/CVE-2004-1335 (original)
+++ patch-tracking/CVE-2004-1335 Sat Jul 15 15:47:34 2006
@@ -16,6 +16,7 @@
Notes:
Bugs:
upstream: released (2.6.10)
+linux-2.6.16:
linux-2.6: N/A
2.6.8-sarge-security: released (2.6.8-11) [fix-ip-options-leak.dpatch]
2.4.27-sarge-security: released (2.4.27-9) [135_fix_ip_options_leak.diff]
Modified: patch-tracking/CVE-2004-1337
==============================================================================
--- patch-tracking/CVE-2004-1337 (original)
+++ patch-tracking/CVE-2004-1337 Sat Jul 15 15:47:34 2006
@@ -16,6 +16,7 @@
dannf> This code isn't in <= 2.4.27
Bugs:
upstream: released (2.6.11)
+linux-2.6.16:
linux-2.6: N/A
2.6.8-sarge-security: released (2.6.8-14) [025-track_dummy_capability.dpatch, 027-track_dummy_capability.dpatch]
2.4.27-sarge-security: N/A
Modified: patch-tracking/CVE-2004-2013
==============================================================================
--- patch-tracking/CVE-2004-2013 (original)
+++ patch-tracking/CVE-2004-2013 Sat Jul 15 15:47:34 2006
@@ -16,6 +16,7 @@
jmm> Woody could be affected, though
Bugs:
upstream: released (2.4.26)
+linux-2.6.16:
linux-2.6: N/A
2.6.8-sarge-security: N/A
2.4.27-sarge-security: N/A
Modified: patch-tracking/CVE-2004-2135
==============================================================================
--- patch-tracking/CVE-2004-2135 (original)
+++ patch-tracking/CVE-2004-2135 Sat Jul 15 15:47:34 2006
@@ -17,6 +17,7 @@
jmm> I'm marking all these N/A
Bugs:
upstream:
+linux-2.6.16:
linux-2.6:
2.6.8-sarge-security: ignored (2.6.8-16sarge4)
2.4.27-sarge-security: N/A
Modified: patch-tracking/CVE-2004-2136
==============================================================================
--- patch-tracking/CVE-2004-2136 (original)
+++ patch-tracking/CVE-2004-2136 Sat Jul 15 15:47:34 2006
@@ -13,6 +13,7 @@
jmm> 2.4 doesn't have dm-crypt, though
Bugs:
upstream:
+linux-2.6.16:
linux-2.6:
2.6.8-sarge-security: ignored (2.6.8-16sarge4)
2.4.27-sarge-security: N/A
Modified: patch-tracking/CVE-2004-2302
==============================================================================
--- patch-tracking/CVE-2004-2302 (original)
+++ patch-tracking/CVE-2004-2302 Sat Jul 15 15:47:34 2006
@@ -13,6 +13,7 @@
dannf> sysfs is only in 2.6, so marking 2.4 N/A
Bugs: 322339
upstream: released (2.6.10)
+linux-2.6.16:
linux-2.6: N/A
2.6.8-sarge-security: released (2.6.8-16sarge1) [fs-sysfs-read-write-race.dpatch]
2.4.27-sarge-security: N/A
Modified: patch-tracking/CVE-2004-2536
==============================================================================
--- patch-tracking/CVE-2004-2536 (original)
+++ patch-tracking/CVE-2004-2536 Sat Jul 15 15:47:34 2006
@@ -16,6 +16,7 @@
its just a 2.6 problem. I marked 2.4.27 and the woody kernels N/A
Bugs:
upstream: released (2.6.6)
+linux-2.6.16:
linux-2.6: N/A
2.6.8-sarge-security: N/A
2.4.27-sarge-security: N/A
Modified: patch-tracking/CVE-2004-2607
==============================================================================
--- patch-tracking/CVE-2004-2607 (original)
+++ patch-tracking/CVE-2004-2607 Sat Jul 15 15:47:34 2006
@@ -18,6 +18,7 @@
horms> 2.4.27 is vulnerable, added fix to SVN. Woody is likely vulnerable
Bugs:
upstream: released (2.4.33-pre2), released (2.6.6)
+linux-2.6.16:
linux-2.6: N/A
2.6.8-sarge-security: N/A
2.4.27-sarge-security: released (2.4.27-10sarge2) [200_net_sdla_xfer_leak.diff]
Modified: patch-tracking/CVE-2004-2660
==============================================================================
--- patch-tracking/CVE-2004-2660 (original)
+++ patch-tracking/CVE-2004-2660 Sat Jul 15 15:47:34 2006
@@ -6,6 +6,7 @@
jmm> Vulnerable code not present in 2.4
Bugs:
upstream: released (2.6.10)
+linux-2.6.16:
linux-2.6: N/A
2.6.8-sarge-security: needed
2.4.27-sarge-security: N/A
Modified: patch-tracking/CVE-2005-0001
==============================================================================
--- patch-tracking/CVE-2005-0001 (original)
+++ patch-tracking/CVE-2005-0001 Sat Jul 15 15:47:34 2006
@@ -30,6 +30,7 @@
Notes:
Bugs:
upstream:
+linux-2.6.16:
linux-2.6:
2.6.8-sarge-security: released (2.6.8-13) [034-stack_resize_exploit.dpatch]
2.4.27-sarge-security: released (2.4.27-8) [131_expand_stack_race.diff]
Modified: patch-tracking/CVE-2005-0003
==============================================================================
--- patch-tracking/CVE-2005-0003 (original)
+++ patch-tracking/CVE-2005-0003 Sat Jul 15 15:47:34 2006
@@ -22,6 +22,7 @@
Notes:
Bugs:
upstream: released (2.6.10)
+linux-2.6.16:
linux-2.6: N/A
2.6.8-sarge-security: released (2.6.8-11) [binfmt-huge-vma-dos2.dpatch]
2.4.27-sarge-security: released (2.4.27-9) [145_insert_vm_struct-no-BUG.patch]
Modified: patch-tracking/CVE-2005-0090
==============================================================================
--- patch-tracking/CVE-2005-0090 (original)
+++ patch-tracking/CVE-2005-0090 Sat Jul 15 15:47:34 2006
@@ -11,6 +11,7 @@
Red Hat specific vulnerability
Bugs:
upstream:
+linux-2.6.16:
linux-2.6: N/A
2.6.8-sarge-security: N/A
2.4.27-sarge-security: N/A
Modified: patch-tracking/CVE-2005-0091
==============================================================================
--- patch-tracking/CVE-2005-0091 (original)
+++ patch-tracking/CVE-2005-0091 Sat Jul 15 15:47:34 2006
@@ -11,6 +11,7 @@
Red Hat specific.
Bugs:
upstream: N/A
+linux-2.6.16:
linux-2.6: N/A
2.6.8-sarge-security: N/A
2.4.27-sarge-security: N/A
Modified: patch-tracking/CVE-2005-0092
==============================================================================
--- patch-tracking/CVE-2005-0092 (original)
+++ patch-tracking/CVE-2005-0092 Sat Jul 15 15:47:34 2006
@@ -11,6 +11,7 @@
Red Hat specific.
Bugs:
upstream: N/A
+linux-2.6.16:
linux-2.6: N/A
2.6.8-sarge-security: N/A
2.4.27-sarge-security: N/A
Modified: patch-tracking/CVE-2005-0109
==============================================================================
--- patch-tracking/CVE-2005-0109 (original)
+++ patch-tracking/CVE-2005-0109 Sat Jul 15 15:47:34 2006
@@ -44,6 +44,7 @@
jmm> What did other distributions like Red Hat, SuSE or OWL do?
Bugs:
upstream:
+linux-2.6.16:
linux-2.6:
2.6.8-sarge-security: ignored (2.6.8-16sarge4)
2.4.27-sarge-security: ignored (2.4.27-10sarge4)
Modified: patch-tracking/CVE-2005-0124
==============================================================================
--- patch-tracking/CVE-2005-0124 (original)
+++ patch-tracking/CVE-2005-0124 Sat Jul 15 15:47:34 2006
@@ -17,6 +17,7 @@
dannf> It doesn't look like a fix has ever gone upstream
Bugs:
upstream:
+linux-2.6.16:
linux-2.6:
2.6.8-sarge-security: released (2.6.8-16sarge2) [fs_coda_coverty.dpatch]
2.4.27-sarge-security: released (2.4.27-8)
Modified: patch-tracking/CVE-2005-0135
==============================================================================
--- patch-tracking/CVE-2005-0135 (original)
+++ patch-tracking/CVE-2005-0135 Sat Jul 15 15:47:34 2006
@@ -16,6 +16,7 @@
dannf> This is fixed in kernel-patch-2.4.27-ia64
Bugs:
upstream: released (linux-2.4.29-ia64-050312.diff, 2.6.11)
+linux-2.6.16:
linux-2.6: N/A
2.6.8-sarge-security: released (2.6.8-14) [ia64-unwind-fix.dpatch]
2.4.27-sarge-security: released (2.4.27-10)
Modified: patch-tracking/CVE-2005-0136
==============================================================================
--- patch-tracking/CVE-2005-0136 (original)
+++ patch-tracking/CVE-2005-0136 Sat Jul 15 15:47:34 2006
@@ -6,6 +6,7 @@
dannf> This is fixed in kernel-patch-2.4.27-ia64
Bugs:
upstream: released (linux-2.4.29-ia64-050312.diff, 2.6.11)
+linux-2.6.16:
linux-2.6: N/A
2.6.8-sarge-security: released (2.6.8-14) [ia64-ptrace-fixes.dpatch, ia64-ptrace-speedup.dpatch]
2.4.27-sarge-security: released (2.4.27-10)
Modified: patch-tracking/CVE-2005-0137
==============================================================================
--- patch-tracking/CVE-2005-0137 (original)
+++ patch-tracking/CVE-2005-0137 Sat Jul 15 15:47:34 2006
@@ -11,6 +11,7 @@
dannf> This is actually 2.4 specific - the mitre description is incorrect.
Bugs:
upstream: released (2.4.30-rc2)
+linux-2.6.16:
linux-2.6: N/A
2.6.8-sarge-security: N/A
2.4.27-sarge-security: released (2.4.27-10) [165_arch-ia64-kernel-missing-sysctl.diff]
Modified: patch-tracking/CVE-2005-0176
==============================================================================
--- patch-tracking/CVE-2005-0176 (original)
+++ patch-tracking/CVE-2005-0176 Sat Jul 15 15:47:34 2006
@@ -16,6 +16,7 @@
That is, only 2.6.10 is effected.
Bugs:
upstream: fixed (2.6.10)
+linux-2.6.16:
linux-2.6: N/A
2.6.8-sarge-security: N/A
2.4.27-sarge-security: N/A
Modified: patch-tracking/CVE-2005-0177
==============================================================================
--- patch-tracking/CVE-2005-0177 (original)
+++ patch-tracking/CVE-2005-0177 Sat Jul 15 15:47:34 2006
@@ -14,6 +14,7 @@
dannf> nls_ascii.c isn't in <= 2.4.27
Bugs:
upstream: released (2.6.8.1, 2.6.11)
+linux-2.6.16:
linux-2.6: N/A
2.6.8-sarge-security: released (2.6.8-14) [nls-table-overflow.dpatch]
2.4.27-sarge-security: N/A
Modified: patch-tracking/CVE-2005-0178
==============================================================================
--- patch-tracking/CVE-2005-0178 (original)
+++ patch-tracking/CVE-2005-0178 Sat Jul 15 15:47:34 2006
@@ -18,6 +18,7 @@
Alan> setsid in the same thread as is opening current->tty.
Bugs:
upstream: released (2.6.8.1, 2.6.11)
+linux-2.6.16:
linux-2.6: N/A
2.6.8-sarge-security: released (2.6.8-14) [setsid-race.dpatch]
2.4.27-sarge-security: N/A
Modified: patch-tracking/CVE-2005-0179
==============================================================================
--- patch-tracking/CVE-2005-0179 (original)
+++ patch-tracking/CVE-2005-0179 Sat Jul 15 15:47:34 2006
@@ -11,6 +11,7 @@
jmm> The vulnerable code was only introduced in 2.6.9
Bugs:
upstream:
+linux-2.6.16:
linux-2.6:
2.6.8-sarge-security: N/A
2.4.27-sarge-security: N/A
Modified: patch-tracking/CVE-2005-0180
==============================================================================
--- patch-tracking/CVE-2005-0180 (original)
+++ patch-tracking/CVE-2005-0180 Sat Jul 15 15:47:34 2006
@@ -16,6 +16,7 @@
jmm> intlen and outlen are unsigned ints
Bugs:
upstream:
+linux-2.6.16:
linux-2.6: N/A
2.6.8-sarge-security: released (2.6.8-12) [031-sg_scsi_ioctl_int_overflows.dpatch]
2.4.27-sarge-security: N/A
Modified: patch-tracking/CVE-2005-0204
==============================================================================
--- patch-tracking/CVE-2005-0204 (original)
+++ patch-tracking/CVE-2005-0204 Sat Jul 15 15:47:34 2006
@@ -10,6 +10,7 @@
jmm> 190_outs-2.diff had regressions
Bugs: 296700
upstream:
+linux-2.6.16:
linux-2.6: N/A
2.6.8-sarge-security: released (2.6.8-14) [outs.dpatch]
2.4.27-sarge-security: released (2.4.27-9) [143_outs.diff]
Modified: patch-tracking/CVE-2005-0207
==============================================================================
--- patch-tracking/CVE-2005-0207 (original)
+++ patch-tracking/CVE-2005-0207 Sat Jul 15 15:47:34 2006
@@ -15,6 +15,7 @@
dannf> The vulnerable code doesn't exist in <= 2.4.27
Bugs:
upstream: released (2.6.11)
+linux-2.6.16:
linux-2.6: N/A
2.6.8-sarge-security: released (2.6.8-14) [nfs-O_DIRECT-fix.dpatch]
2.4.27-sarge-security: N/A
Modified: patch-tracking/CVE-2005-0209
==============================================================================
--- patch-tracking/CVE-2005-0209 (original)
+++ patch-tracking/CVE-2005-0209 Sat Jul 15 15:47:34 2006
@@ -13,6 +13,7 @@
Notes:
Bugs:
upstream:
+linux-2.6.16:
linux-2.6:
2.6.8-sarge-security: released (2.6.8-14) [skb-reset-ip_summed.dpatch]
2.4.27-sarge-security: released (2.4.27-9) [134_skb_reset_ip_summed.diff]
Modified: patch-tracking/CVE-2005-0210
==============================================================================
--- patch-tracking/CVE-2005-0210 (original)
+++ patch-tracking/CVE-2005-0210 Sat Jul 15 15:47:34 2006
@@ -13,6 +13,7 @@
Notes:
Bugs:
upstream:
+linux-2.6.16:
linux-2.6:
2.6.8-sarge-security: released (2.6.8-15) [ip_copy_metadata_leak.dpatch, ip6_copy_metadata_leak.dpatch]
2.4.27-sarge-security: released (2.4.27-9) [146_ip6_copy_metadata_leak.diff, 147_ip_copy_metadata_leak.diff]
Modified: patch-tracking/CVE-2005-0384
==============================================================================
--- patch-tracking/CVE-2005-0384 (original)
+++ patch-tracking/CVE-2005-0384 Sat Jul 15 15:47:34 2006
@@ -19,6 +19,7 @@
Notes:
Bugs:
upstream:
+linux-2.6.16:
linux-2.6:
2.6.8-sarge-security: released (2.6.8-15) [drivers-net-ppp_async-fix-dos.dpatch]
2.4.27-sarge-security: released (2.4.27-9) [153_ppp_async_dos.diff]
Modified: patch-tracking/CVE-2005-0400
==============================================================================
--- patch-tracking/CVE-2005-0400 (original)
+++ patch-tracking/CVE-2005-0400 Sat Jul 15 15:47:34 2006
@@ -20,6 +20,7 @@
Notes:
Bugs: 301799 303294
upstream: released (2.6.11.6)
+linux-2.6.16:
linux-2.6: N/A
2.6.8-sarge-security: released (2.6.8-16) [fs-ext2-info-leak.dpatch]
2.4.27-sarge-security: released (2.4.27-10) [156_fs-ext2-info-leak.diff]
Modified: patch-tracking/CVE-2005-0449
==============================================================================
--- patch-tracking/CVE-2005-0449 (original)
+++ patch-tracking/CVE-2005-0449 Sat Jul 15 15:47:34 2006
@@ -15,6 +15,7 @@
150_private_fragment_queues-[1,2].diff are awaiting a 2.4.27 ABI event
Bugs:
upstream: released (2.6.8.1)
+linux-2.6.16:
linux-2.6: N/A
2.6.8-sarge-security: released (2.6.8-16sarge2) [ipv4-fragment-queues-1.dpatch, ipv4-fragment-queues-2.dpatch, ipv4-fragment-queues-3.dpatch, ipv4-fragment-queues-4.dpatch]
2.4.27-sarge-security: released (2.4.27-10sarge2) [150_private_fragment_queues-1.diff, 150_private_fragment_queues-2.diff]
Modified: patch-tracking/CVE-2005-0489
==============================================================================
--- patch-tracking/CVE-2005-0489 (original)
+++ patch-tracking/CVE-2005-0489 Sat Jul 15 15:47:34 2006
@@ -10,6 +10,7 @@
Bugs:
upstream: released (2.4.27-pre1)
+linux-2.6.16:
linux-2.6: N/A
2.6.8-sarge-security: N/A
2.4.27-sarge-security: N/A
Modified: patch-tracking/CVE-2005-0504
==============================================================================
--- patch-tracking/CVE-2005-0504 (original)
+++ patch-tracking/CVE-2005-0504 Sat Jul 15 15:47:34 2006
@@ -7,6 +7,7 @@
Notes:
Bugs:
upstream:
+linux-2.6.16:
linux-2.6:
2.6.8-sarge-security: released (2.6.8-12) [030-moxa_user_copy_checking.dpatch]
2.4.27-sarge-security: released (2.4.27-8) [125_moxa_bound_checking.diff]
Modified: patch-tracking/CVE-2005-0528
==============================================================================
--- patch-tracking/CVE-2005-0528 (original)
+++ patch-tracking/CVE-2005-0528 Sat Jul 15 15:47:34 2006
@@ -17,6 +17,7 @@
jmm> This turned out to be a dupe of CVE-2003-0985
Bugs:
upstream: N/A
+linux-2.6.16:
linux-2.6: N/A
2.6.8-sarge-security: N/A
2.4.27-sarge-security: N/A
Modified: patch-tracking/CVE-2005-0529
==============================================================================
--- patch-tracking/CVE-2005-0529 (original)
+++ patch-tracking/CVE-2005-0529 Sat Jul 15 15:47:34 2006
@@ -19,6 +19,7 @@
dannf> 2.4 doesn't do the signed cast, so it shouldn't be vulnerable
Bugs:
upstream: released (2.6.11)
+linux-2.6.16:
linux-2.6: N/A
2.6.8-sarge-security: released (2.6.8-14) [115-proc_file_read_nbytes_signedness_fix.dpatch]
2.4.27-sarge-security: N/A
Modified: patch-tracking/CVE-2005-0530
==============================================================================
--- patch-tracking/CVE-2005-0530 (original)
+++ patch-tracking/CVE-2005-0530 Sat Jul 15 15:47:34 2006
@@ -26,6 +26,7 @@
marcello> 2^31 would be treated as a negative signed.
Bugs:
upstream: released (2.6.11)
+linux-2.6.16:
linux-2.6: N/A
2.6.8-sarge-security: released (2.6.8-14) [116-n_tty_copy_from_read_buf_signedness_fixes.dpatch]
2.4.27-sarge-security: N/A
Modified: patch-tracking/CVE-2005-0531
==============================================================================
--- patch-tracking/CVE-2005-0531 (original)
+++ patch-tracking/CVE-2005-0531 Sat Jul 15 15:47:34 2006
@@ -15,6 +15,7 @@
Notes:
Bugs:
upstream: released (2.6.11-rc4)
+linux-2.6.16:
linux-2.6: N/A
2.6.8-sarge-security: released (2.6.8-14) [123-atm_get_addr_signedness_fix.dpatch]
2.4.27-sarge-security: released (2.4.27-9) [151_atm_get_addr_signedness_fix.diff]
Modified: patch-tracking/CVE-2005-0532
==============================================================================
--- patch-tracking/CVE-2005-0532 (original)
+++ patch-tracking/CVE-2005-0532 Sat Jul 15 15:47:34 2006
@@ -17,6 +17,7 @@
dannf> Vulnerable code didn't exist in 2.4
Bugs:
upstream: released (2.6.11-rc3)
+linux-2.6.16:
linux-2.6: N/A
2.6.8-sarge-security: released (2.6.8-14) [117-reiserfs_file_64bit_size_t_fixes.dpatch]
2.4.27-sarge-security: N/A
Modified: patch-tracking/CVE-2005-0736
==============================================================================
--- patch-tracking/CVE-2005-0736 (original)
+++ patch-tracking/CVE-2005-0736 Sat Jul 15 15:47:34 2006
@@ -11,6 +11,7 @@
Notes: 2.4.* doesn't have epoll()
Bugs:
upstream: released (2.6.11.2)
+linux-2.6.16:
linux-2.6: N/A
2.6.8-sarge-security: N/A
2.4.27-sarge-security: N/A
Modified: patch-tracking/CVE-2005-0749
==============================================================================
--- patch-tracking/CVE-2005-0749 (original)
+++ patch-tracking/CVE-2005-0749 Sat Jul 15 15:47:34 2006
@@ -16,6 +16,7 @@
Notes:
Bugs: 301799, 303498
upstream: released (2.6.11.6)
+linux-2.6.16:
linux-2.6: N/A
2.6.8-sarge-security: released (2.6.8-16) [fs-binfmt_elf-dos.dpatch]
2.4.27-sarge-security: released (2.4.27-10) [158_fs-binfmt_elf-dos.diff]
Modified: patch-tracking/CVE-2005-0750
==============================================================================
--- patch-tracking/CVE-2005-0750 (original)
+++ patch-tracking/CVE-2005-0750 Sat Jul 15 15:47:34 2006
@@ -20,6 +20,7 @@
Notes:
Bugs: 301799
upstream: released (2.6.11.5)
+linux-2.6.16:
linux-2.6: N/A
2.6.8-sarge-security: released (2.6.8-16) [net-bluetooth-signdness-fix.dpatch]
2.4.27-sarge-security: released (2.4.27-10) [155_net-bluetooth-signdness-fix.diff]
Modified: patch-tracking/CVE-2005-0756
==============================================================================
--- patch-tracking/CVE-2005-0756 (original)
+++ patch-tracking/CVE-2005-0756 Sat Jul 15 15:47:34 2006
@@ -7,6 +7,7 @@
Notes:
Bugs:
upstream:
+linux-2.6.16:
linux-2.6:
2.6.8-sarge-security: released (2.6.8-16sarge1) [arch-x86_64-kernel-ptrace-canonical-rip-2.dpatch]
2.4.27-sarge-security: released (2.4.27-10sarge1)
Modified: patch-tracking/CVE-2005-0757
==============================================================================
--- patch-tracking/CVE-2005-0757 (original)
+++ patch-tracking/CVE-2005-0757 Sat Jul 15 15:47:34 2006
@@ -10,6 +10,7 @@
Bugs:
upstream:
2.4.27-sarge-security: released (2.4.27-10sarge1)
+linux-2.6.16:
linux-2.6: N/A
2.6.8-sarge-security: released (2.6.8-16sarge1) [fs-ext3-64bit-offset.dpatch]
2.4.19-woody-security:
Modified: patch-tracking/CVE-2005-0767
==============================================================================
--- patch-tracking/CVE-2005-0767 (original)
+++ patch-tracking/CVE-2005-0767 Sat Jul 15 15:47:34 2006
@@ -11,6 +11,7 @@
horms> And the bug does not seem to be present in 2.4.27.
Bugs: 297203
upstream: released (2.6.11-rc4)
+linux-2.6.16:
linux-2.6: N/A
2.6.8-sarge-security: released (2.6.8-15)
2.4.27-sarge-security: N/A
Modified: patch-tracking/CVE-2005-0815
==============================================================================
--- patch-tracking/CVE-2005-0815 (original)
+++ patch-tracking/CVE-2005-0815 Sat Jul 15 15:47:34 2006
@@ -16,6 +16,7 @@
Notes:
Bugs: 301799
upstream: released (2.6.12-rc1)
+linux-2.6.16:
linux-2.6: N/A
2.6.8-sarge-security: released (2.6.8-16) [fs-isofs-range-check-1.dpatch, fs-isofs-range-check-2.dpatch, fs-isofs-range-check-3.dpatch]
2.4.27-sarge-security: released (2.4.27-10) [157_fs-isofs-range-check-1.diff, 157_fs-isofs-range-check-2.diff, 157_fs-isofs-range-check-3.diff]
Modified: patch-tracking/CVE-2005-0839
==============================================================================
--- patch-tracking/CVE-2005-0839 (original)
+++ patch-tracking/CVE-2005-0839 Sat Jul 15 15:47:34 2006
@@ -11,6 +11,7 @@
dannf> This file isn't in <= 2.4.27
Bugs: 301372
upstream: released (2.6.11)
+linux-2.6.16:
linux-2.6: N/A
2.6.8-sarge-security: released (2.6.8-16) [drivers-input-serio-nmouse.dpatch]
2.4.27-sarge-security: N/A
Modified: patch-tracking/CVE-2005-0867
==============================================================================
--- patch-tracking/CVE-2005-0867 (original)
+++ patch-tracking/CVE-2005-0867 Sat Jul 15 15:47:34 2006
@@ -11,6 +11,7 @@
jmm> The patch for the vulnerability in question can be found in the BTS
Bugs: 306137
upstream:
+linux-2.6.16:
linux-2.6: N/A
2.6.8-sarge-security: N/A
2.4.27-sarge-security: N/A
Modified: patch-tracking/CVE-2005-0916
==============================================================================
--- patch-tracking/CVE-2005-0916 (original)
+++ patch-tracking/CVE-2005-0916 Sat Jul 15 15:47:34 2006
@@ -11,6 +11,7 @@
Notes:
Bugs:
upstream: released (2.6.12)
+linux-2.6.16:
linux-2.6: released (2.6.12-1)
2.6.8-sarge-security: released (2.6.8-16) [arch-ppc64-hugepage-aio-panic.dpatch]
2.4.27-sarge-security: N/A
Modified: patch-tracking/CVE-2005-0977
==============================================================================
--- patch-tracking/CVE-2005-0977 (original)
+++ patch-tracking/CVE-2005-0977 Sat Jul 15 15:47:34 2006
@@ -14,6 +14,7 @@
aren't in 2.4, so the port isn't trivial for me.
Bugs: 303177
upstream: released (2.6.11)
+linux-2.6.16:
linux-2.6: N/A
2.6.8-sarge-security: released (2.6.8-16) [mm-shmem-truncate.dpatch]
2.4.27-sarge-security: ignored (2.4.27-10sarge3)
Modified: patch-tracking/CVE-2005-1041
==============================================================================
--- patch-tracking/CVE-2005-1041 (original)
+++ patch-tracking/CVE-2005-1041 Sat Jul 15 15:47:34 2006
@@ -10,6 +10,7 @@
horms> for 2.4.27, and it seems fine.
Bugs: 304548
upstream: released (2.6.11.5)
+linux-2.6.16:
linux-2.6: N/A
2.6.8-sarge-security: released (2.6.8-16)
2.4.27-sarge-security: N/A
Modified: patch-tracking/CVE-2005-1263
==============================================================================
--- patch-tracking/CVE-2005-1263 (original)
+++ patch-tracking/CVE-2005-1263 Sat Jul 15 15:47:34 2006
@@ -16,6 +16,7 @@
Notes:
Bugs:
upstream: released (2.2.27-rc2, 2.4.31-pre1, 2.6.12-rc4)
+linux-2.6.16:
linux-2.6: N/A
2.6.8-sarge-security: released (2.6.8-16)
2.4.27-sarge-security: released (2.4.27-10)
Modified: patch-tracking/CVE-2005-1264
==============================================================================
--- patch-tracking/CVE-2005-1264 (original)
+++ patch-tracking/CVE-2005-1264 Sat Jul 15 15:47:34 2006
@@ -18,6 +18,7 @@
dannf> Code is very different in 2.4, don't know if its vulnerable
Bugs:
upstream: released (2.6.11.10)
+linux-2.6.16:
linux-2.6: N/A
2.6.8-sarge-security: released (2.6.8-16) [drivers-block-raw-ioctl.dpatch]
2.4.27-sarge-security: ignored (2.4.27-10sarge3)
Modified: patch-tracking/CVE-2005-1265
==============================================================================
--- patch-tracking/CVE-2005-1265 (original)
+++ patch-tracking/CVE-2005-1265 Sat Jul 15 15:47:34 2006
@@ -9,6 +9,7 @@
dannf> Code is very different in 2.4; dunno if its vulnerable
Bugs:
upstream:
+linux-2.6.16:
linux-2.6:
2.6.8-sarge-security: released (2.6.8-16sarge1) [mm-mmap-range-test.dpatch]
2.4.27-sarge-security: ignored (2.4.27-10sarge3)
Modified: patch-tracking/CVE-2005-1368
==============================================================================
--- patch-tracking/CVE-2005-1368 (original)
+++ patch-tracking/CVE-2005-1368 Sat Jul 15 15:47:34 2006
@@ -12,6 +12,7 @@
jmm> The code in question isn't present in Woody either
Bugs:
upstream: released (2.6.11.8)
+linux-2.6.16:
linux-2.6: N/A
2.6.8-sarge-security: N/A
2.4.27-sarge-security: N/A
Modified: patch-tracking/CVE-2005-1369
==============================================================================
--- patch-tracking/CVE-2005-1369 (original)
+++ patch-tracking/CVE-2005-1369 Sat Jul 15 15:47:34 2006
@@ -12,6 +12,7 @@
jmm> These drivers are not present in 2.4
Bugs: 307552
upstream: released (2.6.11.8)
+linux-2.6.16:
linux-2.6: N/A
2.6.8-sarge-security: released (2.6.8-16)
2.4.27-sarge-security: N/A
Modified: patch-tracking/CVE-2005-1589
==============================================================================
--- patch-tracking/CVE-2005-1589 (original)
+++ patch-tracking/CVE-2005-1589 Sat Jul 15 15:47:34 2006
@@ -24,6 +24,7 @@
horms> 2.4.27 does not appear to be vulnerable to either of these problems.
Bugs: 309429
upstream: released (2.6.11.10), released (2.6.12-rc5)
+linux-2.6.16:
linux-2.6: N/A
2.6.8-sarge-security: released (2.6.8-16)
2.4.27-sarge-security: N/A
Modified: patch-tracking/CVE-2005-1761
==============================================================================
--- patch-tracking/CVE-2005-1761 (original)
+++ patch-tracking/CVE-2005-1761 Sat Jul 15 15:47:34 2006
@@ -13,6 +13,7 @@
dannf> trivially
Bugs:
upstream: released (2.6.12.1)
+linux-2.6.16:
linux-2.6: N/A
2.6.8-sarge-security: released (2.6.8-16sarge1) [arch-x86_64-private-tss.dpatch, arch-x86_64-nmi.dpatch, arch-ia64-ptrace-getregs-putregs.dpatch, arch-ia64-ptrace-restore_sigcontext.dpatch]
2.4.27-sarge-security: released (2.4.27-10sarge2) [204_arch-ia64-ptrace-getregs-putregs.diff, 205_arch-ia64-ptrace-restore_sigcontext.diff]
Modified: patch-tracking/CVE-2005-1762
==============================================================================
--- patch-tracking/CVE-2005-1762 (original)
+++ patch-tracking/CVE-2005-1762 Sat Jul 15 15:47:34 2006
@@ -10,6 +10,7 @@
Notes:
Bugs:
upstream: released (2.6.12-rc5)
+linux-2.6.16:
linux-2.6: N/A
2.6.8-sarge-security: released (2.6.8-16sarge1) [arch-x86_64-kernel-ptrace-canonical-rip-1.dpatch]
2.4.27-sarge-security: released (2.4.27-10sarge1) [169_arch-x86_64-kernel-ptrace-canonical-rip-1.dpatch]
Modified: patch-tracking/CVE-2005-1763
==============================================================================
--- patch-tracking/CVE-2005-1763 (original)
+++ patch-tracking/CVE-2005-1763 Sat Jul 15 15:47:34 2006
@@ -10,6 +10,7 @@
dannf> The question is, does this affect other 64-bit archs?
Bugs:
upstream: released (2.6.12-rc5)
+linux-2.6.16:
linux-2.6: N/A
2.6.8-sarge-security: released (2.6.8-16sarge1) [arch-x86_64-kernel-ptrace-boundary-check.dpatch]
2.4.27-sarge-security: ignored (2.4.27-10sarge4)
Modified: patch-tracking/CVE-2005-1764
==============================================================================
--- patch-tracking/CVE-2005-1764 (original)
+++ patch-tracking/CVE-2005-1764 Sat Jul 15 15:47:34 2006
@@ -20,6 +20,7 @@
2.6.8-sarge-security: N/A
2.4.27-sid/sarge: N/A
2.4.27-sarge-security: N/A
+linux-2.6.16:
linux-2.6: N/A
2.4.19-woody-security: N/A
2.4.18-woody-security: N/A
Modified: patch-tracking/CVE-2005-1765
==============================================================================
--- patch-tracking/CVE-2005-1765 (original)
+++ patch-tracking/CVE-2005-1765 Sat Jul 15 15:47:34 2006
@@ -12,6 +12,7 @@
I'll mark 2.4 N/A
Bugs:
upstream:
+linux-2.6.16:
linux-2.6:
2.6.8-sarge-security: released (2.6.8-16sarge1) [arch-x86_64-mm-mmap.dpatch]
2.4.27-sarge-security: N/A
Modified: patch-tracking/CVE-2005-1767
==============================================================================
--- patch-tracking/CVE-2005-1767 (original)
+++ patch-tracking/CVE-2005-1767 Sat Jul 15 15:47:34 2006
@@ -11,6 +11,7 @@
Horms> This is amd64 specific, and thus should not affect 2.4
Bugs:
upstream: 2.6.12/2.4.32
+linux-2.6.16:
linux-2.6: N/A
2.6.8-sarge-security: released (2.6.8-16sarge1) [arch-x86_64-kernel-stack-faults.dpatch, arch-x86_64-nmi.dpatch, arch-x86_64-kernel-stack-faults.dpatch]
2.4.27-sarge-security: released (2.4.27-10sarge1) [181_arch-x86_64-kernel-stack-faults.diff]
Modified: patch-tracking/CVE-2005-1768
==============================================================================
--- patch-tracking/CVE-2005-1768 (original)
+++ patch-tracking/CVE-2005-1768 Sat Jul 15 15:47:34 2006
@@ -24,6 +24,7 @@
2.6.8-sarge-security: N/A
2.4.27-sid/sarge: released (2.4.27-11)
2.4.27-sarge-security: released (2.4.27-10sarge1)
+linux-2.6.16:
linux-2.6: N/A
2.4.19-woody-security:
2.4.18-woody-security:
Modified: patch-tracking/CVE-2005-1913
==============================================================================
--- patch-tracking/CVE-2005-1913 (original)
+++ patch-tracking/CVE-2005-1913 Sat Jul 15 15:47:34 2006
@@ -27,6 +27,7 @@
2.6.8-sarge-security: N/A
2.4.27-sid/sarge: N/A
2.4.27-sarge-security: N/A
+linux-2.6.16:
linux-2.6: released (2.6.12-1) [linux-2.6.12.1.patch]
2.4.19-woody-security:
2.4.18-woody-security:
Modified: patch-tracking/CVE-2005-2098
==============================================================================
--- patch-tracking/CVE-2005-2098 (original)
+++ patch-tracking/CVE-2005-2098 Sat Jul 15 15:47:34 2006
@@ -23,6 +23,7 @@
2.6.8-sarge-security: N/A
2.4.27-sid/sarge: N/A
2.4.27-sarge-security: N/A
+linux-2.6.16:
linux-2.6: released (2.6.12-3) [linux-2.6.12.5.patch]
2.4.19-woody-security:
2.4.18-woody-security:
Modified: patch-tracking/CVE-2005-2099
==============================================================================
--- patch-tracking/CVE-2005-2099 (original)
+++ patch-tracking/CVE-2005-2099 Sat Jul 15 15:47:34 2006
@@ -22,6 +22,7 @@
2.6.8-sarge-security: N/A
2.4.27-sid/sarge: N/A
2.4.27-sarge-security: N/A
+linux-2.6.16:
linux-2.6: released (2.6.12-3) [linux-2.6.12.5.patch]
2.4.19-woody-security:
2.4.18-woody-security:
Modified: patch-tracking/CVE-2005-2100
==============================================================================
--- patch-tracking/CVE-2005-2100 (original)
+++ patch-tracking/CVE-2005-2100 Sat Jul 15 15:47:34 2006
@@ -12,6 +12,7 @@
in Upstream or Debian Kernels.
Bugs:
upstream:
+linux-2.6.16:
linux-2.6: N/A
2.6.8-sarge-security: N/A
2.4.27-sarge-security: N/A
Modified: patch-tracking/CVE-2005-2456
==============================================================================
--- patch-tracking/CVE-2005-2456 (original)
+++ patch-tracking/CVE-2005-2456 Sat Jul 15 15:47:34 2006
@@ -20,6 +20,7 @@
Notes:
Bugs: 321401
upstream:
+linux-2.6.16:
linux-2.6: released (2.6.12-2)
2.6.8-sarge-security: released (2.6.8-16sarge1)
2.4.27-sarge-security: released (2.4.27-10sarge1) [176_ipsec-array-overflow.diff]
Modified: patch-tracking/CVE-2005-2457
==============================================================================
--- patch-tracking/CVE-2005-2457 (original)
+++ patch-tracking/CVE-2005-2457 Sat Jul 15 15:47:34 2006
@@ -17,6 +17,7 @@
2.6.8-sarge-security: released (2.6.8-16sarge2) [zisofs.diff]
2.4.27-sid/sarge: pending [187_zisofs-2.diff]
2.4.27-sarge-security: released (2.4.27-10sarge2) [187_zisofs-2.diff]
+linux-2.6.16:
linux-2.6: released (2.6.12-3) [linux-2.6.12.5.patch]
2.4.19-woody-security:
2.4.18-woody-security:
Modified: patch-tracking/CVE-2005-2458
==============================================================================
--- patch-tracking/CVE-2005-2458 (original)
+++ patch-tracking/CVE-2005-2458 Sat Jul 15 15:47:34 2006
@@ -19,6 +19,7 @@
allows remote attackers to cause a denial of service (kernel crash)
via a compressed file with "improper tables".
upstream: released (2.6.12.5)
+linux-2.6.16:
linux-2.6: released (2.6.12-3) [linux-2.6.12.5.patch]
2.6.8-sarge-security: released (2.6.8-16sarge1) [linux-zlib-fixes.dpatch]
2.4.27-sid/sarge: released (2.4.27-11) [182_linux-zlib-fixes.diff]
Modified: patch-tracking/CVE-2005-2459
==============================================================================
--- patch-tracking/CVE-2005-2459 (original)
+++ patch-tracking/CVE-2005-2459 Sat Jul 15 15:47:34 2006
@@ -18,6 +18,7 @@
http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.12.6
We included the broken fix in the sarge1 releases, so this backs it out.
upstream: released (2.6.12.5)
+linux-2.6.16:
linux-2.6: released (2.6.12.3)
2.6.8-sarge-security: released (2.6.8-16sarge1) [linux-zlib-fixes.dpatch]
2.4.27-sid/sarge: released (2.4.27-11) [182_linux-zlib-fixes.diff]
Modified: patch-tracking/CVE-2005-2490
==============================================================================
--- patch-tracking/CVE-2005-2490 (original)
+++ patch-tracking/CVE-2005-2490 Sat Jul 15 15:47:34 2006
@@ -23,6 +23,7 @@
by calling sendmsg and modifying the message contents in another
thread.
upstream: released (2.6.13.1), released (2.4.33-pre1)
+linux-2.6.16:
linux-2.6: released (2.6.12-7, 2.6.13-1) [sendmsg-stackoverflow.patch, linux-2.6.13.1.patch]
2.6.8-sarge-security: released (2.6.8-16sarge2) [sendmsg-stackoverflow.dpatch]
2.4.27-sid/sarge: N/A
Modified: patch-tracking/CVE-2005-2492
==============================================================================
--- patch-tracking/CVE-2005-2492 (original)
+++ patch-tracking/CVE-2005-2492 Sat Jul 15 15:47:34 2006
@@ -22,6 +22,7 @@
allows local users to cause a denial of service (change hardware
state) or read from arbitrary memory via crafted input.
upstream: released (2.6.13.1)
+linux-2.6.16:
linux-2.6: released (2.6.12-7, 2.6.13-1) [sendmsg-DoS.patch, linux-2.6.13.1.patch]
2.6.8-sarge-security: N/A
2.4.27-sid/sarge: N/A
Modified: patch-tracking/CVE-2005-2548
==============================================================================
--- patch-tracking/CVE-2005-2548 (original)
+++ patch-tracking/CVE-2005-2548 Sat Jul 15 15:47:34 2006
@@ -17,6 +17,7 @@
2.6.8-sarge-security: released (2.6.8-16sarge1) [vlan-mii-ioctl.dpatch]
2.4.27-sid/sarge: N/A
2.4.27-sarge-security: N/A
+linux-2.6.16:
linux-2.6: N/A
2.4.19-woody-security:
2.4.18-woody-security:
Modified: patch-tracking/CVE-2005-2553
==============================================================================
--- patch-tracking/CVE-2005-2553 (original)
+++ patch-tracking/CVE-2005-2553 Sat Jul 15 15:47:34 2006
@@ -11,6 +11,7 @@
the -i option on a 64-bit executable program.
Bugs:
upstream: released (2.4.29)
+linux-2.6.16:
linux-2.6: N/A
2.6.8-sarge-security: N/A
2.4.27-sid/sarge: pending [184_arch-x86_64-ia32-ptrace32-oops.diff]
Modified: patch-tracking/CVE-2005-2555
==============================================================================
--- patch-tracking/CVE-2005-2555 (original)
+++ patch-tracking/CVE-2005-2555 Sat Jul 15 15:47:34 2006
@@ -9,6 +9,7 @@
Notes:
Bugs:
upstream: released (2.6.13)
+linux-2.6.16:
linux-2.6: released (2.6.13-1)
2.6.8-sarge-security: released (2.6.8-16sarge2)
2.4.27-sarge-security: released (2.4.27-10sarge2)
Modified: patch-tracking/CVE-2005-2708
==============================================================================
--- patch-tracking/CVE-2005-2708 (original)
+++ patch-tracking/CVE-2005-2708 Sat Jul 15 15:47:34 2006
@@ -12,6 +12,7 @@
Debian
Bugs:
upstream: released (2.4.33-pre1)
+linux-2.6.16:
linux-2.6: N/A
2.6.8-sarge-security: N/A
2.4.27-sarge-security: N/A
Modified: patch-tracking/CVE-2005-2709
==============================================================================
--- patch-tracking/CVE-2005-2709 (original)
+++ patch-tracking/CVE-2005-2709 Sat Jul 15 15:47:34 2006
@@ -18,6 +18,7 @@
**THIS IS AN ABI CHANGE**
Bug:
upstream: released (2.6.14.1), released (2.4.33-pre1)
+linux-2.6.16:
linux-2.6: released (2.6.14-3)
2.6.8-sarge-security: released (2.6.8-16sarge2) [sysctl-unregistration-oops.dpatch]
2.4.27-sarge-security: released (2.4.27-10sarge2) [196_sysctl-unregistration-oops.patch]
Modified: patch-tracking/CVE-2005-2800
==============================================================================
--- patch-tracking/CVE-2005-2800 (original)
+++ patch-tracking/CVE-2005-2800 Sat Jul 15 15:47:34 2006
@@ -12,6 +12,7 @@
dannf> There's a trivial test case - can it be reproduce this on 2.4?
Bugs:
upstream: released (2.6.12.6)
+linux-2.6.16:
linux-2.6: released (2.6.12-6)
2.6.8-sarge-security: released (2.6.8-16sarge2)
2.4.27-sarge-security: N/A
Modified: patch-tracking/CVE-2005-2801
==============================================================================
--- patch-tracking/CVE-2005-2801 (original)
+++ patch-tracking/CVE-2005-2801 Sat Jul 15 15:47:34 2006
@@ -16,6 +16,7 @@
2.6.8-sarge-security: released (2.6.8-16sarge1) [fs_ext2_ext3_xattr-sharing.dpatch]
2.4.27-sarge-security: released (2.4.27-10sarge1) [178_fs_ext2_ext3_xattr-sharing.diff]
2.4.27-sid: released (2.4.27-12) [178_fs_ext2_ext3_xattr-sharing.diff]
+linux-2.6.16:
linux-2.6: N/A
2.4.19-woody-security:
2.4.18-woody-security:
Modified: patch-tracking/CVE-2005-2872
==============================================================================
--- patch-tracking/CVE-2005-2872 (original)
+++ patch-tracking/CVE-2005-2872 Sat Jul 15 15:47:34 2006
@@ -21,6 +21,7 @@
2.6.8-sarge-security: released (2.6.8-16sarge1) [net-ipv4-netfilter-ip_recent-last_pkts.dpatch]
2.4.27-sid/sarge: released (2.4.27-12) [179_net-ipv4-netfilter-ip_recent-last_pkts.diff]
2.4.27-sarge-security: released (2.4.27-10sarge1) [179_net-ipv4-netfilter-ip_recent-last_pkts.diff]
+linux-2.6.16:
linux-2.6: N/A
2.4.19-woody-security:
2.4.18-woody-security:
Modified: patch-tracking/CVE-2005-2873
==============================================================================
--- patch-tracking/CVE-2005-2873 (original)
+++ patch-tracking/CVE-2005-2873 Sat Jul 15 15:47:34 2006
@@ -19,6 +19,7 @@
http://lists.debian.org/debian-kernel/2005/09/msg00257.html
upstream: vulnerable
Bugs: 332381, 332231, 332228
+linux-2.6.16:
linux-2.6: needed
2.6.8-sarge-security: ignored (2.6.8-16sarge4)
2.4.27-sid/sarge: needed
Modified: patch-tracking/CVE-2005-2973
==============================================================================
--- patch-tracking/CVE-2005-2973 (original)
+++ patch-tracking/CVE-2005-2973 Sat Jul 15 15:47:34 2006
@@ -11,6 +11,7 @@
2.6.8-sarge-security: released (2.6.8-16sarge2) [net-ipv6-udp_v6_get_port-loop.patch]
2.4.27-sarge-security: released (2.4.27-10sarge2) [195_net-ipv6-udp_v6_get_port-loop.diff]
2.4.27-sarge/sid: pending (2.4.27-12)
+linux-2.6.16:
linux-2.6: released (2.6.13+2.6.14-rc4-0experimental.1)
2.4.19-woody-security:
2.4.18-woody-security:
Modified: patch-tracking/CVE-2005-3044
==============================================================================
--- patch-tracking/CVE-2005-3044 (original)
+++ patch-tracking/CVE-2005-3044 Sat Jul 15 15:47:34 2006
@@ -23,6 +23,7 @@
micah> have two patches... if you look at them they look REALLY similar, but they aren't
micah> dont be fooled
upstream: released (2.6.13.2)
+linux-2.6.16:
linux-2.6: released (2.6.12-7, 2.6.13-1) [lost-fput-in-32bit-ioctl-on-x86-64.patch, linux-2.6.13.2.patch]
2.6.8-sarge-security: released (2.6.8-16sarge2) [lost-fput-in-32bit-ioctl-on-x86-64.dpatch, lost-sockfd_put-in-32bit-compat-routing_ioctl.patch]
2.4.27-sid/sarge: needed
Modified: patch-tracking/CVE-2005-3053
==============================================================================
--- patch-tracking/CVE-2005-3053 (original)
+++ patch-tracking/CVE-2005-3053 Sat Jul 15 15:47:34 2006
@@ -15,6 +15,7 @@
Notes:
horms> http://lkml.org/lkml/2005/9/30/218
upstream: released (2.6.12.5)
+linux-2.6.16:
linux-2.6: released (2.6.12-3)
2.6.8-sarge-security: released (2.6.8-16sarge2) [mempolicy-check-mode.dpatch]
2.4.27-sid/sarge: N/A
Modified: patch-tracking/CVE-2005-3055
==============================================================================
--- patch-tracking/CVE-2005-3055 (original)
+++ patch-tracking/CVE-2005-3055 Sat Jul 15 15:47:34 2006
@@ -20,6 +20,7 @@
horms> http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=330287;msg=21
Bugs: 330287, 332587
upstream: released (2.6.14-rc4)
+linux-2.6.16:
linux-2.6: released (2.6.14-1)
2.6.8-sarge-security: released (2.6.8-16sarge2)
2.4.27-sid/sarge: N/A
Modified: patch-tracking/CVE-2005-3105
==============================================================================
--- patch-tracking/CVE-2005-3105 (original)
+++ patch-tracking/CVE-2005-3105 Sat Jul 15 15:47:34 2006
@@ -29,6 +29,7 @@
2.6.8-sarge-security: released (2.6.8-16sarge1) [mckinley_icache.dpatch]
2.4.27-sid/sarge: needed
2.4.27-sarge-security: ignored (2.4.27-10sarge3)
+linux-2.6.16:
linux-2.6: N/A
2.4.19-woody-security:
2.4.18-woody-security:
Modified: patch-tracking/CVE-2005-3106
==============================================================================
--- patch-tracking/CVE-2005-3106 (original)
+++ patch-tracking/CVE-2005-3106 Sat Jul 15 15:47:34 2006
@@ -23,6 +23,7 @@
2.6.8-sarge-security: released (2.6.8-16sarge1) [fs-exec-ptrace-core-exec-race.dpatch]
2.4.27-sid/sarge: N/A
2.4.27-sarge-security: N/A
+linux-2.6.16:
linux-2.6: N/A
2.4.19-woody-security:
2.4.18-woody-security:
Modified: patch-tracking/CVE-2005-3107
==============================================================================
--- patch-tracking/CVE-2005-3107 (original)
+++ patch-tracking/CVE-2005-3107 Sat Jul 15 15:47:34 2006
@@ -23,6 +23,7 @@
2.6.8-sarge-security: released (2.6.8-16sarge1) [fs-exec-ptrace-deadlock.dpatch]
2.4.27-sid/sarge: N/A
2.4.27-sarge-security: N/A
+linux-2.6.16:
linux-2.6: N/A
2.4.19-woody-security:
2.4.18-woody-security:
Modified: patch-tracking/CVE-2005-3108
==============================================================================
--- patch-tracking/CVE-2005-3108 (original)
+++ patch-tracking/CVE-2005-3108 Sat Jul 15 15:47:34 2006
@@ -21,6 +21,7 @@
2.6.8-sarge-security: released (2.6.8-16sarge1) [arch-x86_64-mm-ioremap-page-lookup.dpatch]
2.4.27-sid/sarge: N/A
2.4.27-sarge-security: N/A
+linux-2.6.16:
linux-2.6: N/A
2.4.19-woody-security:
2.4.18-woody-security:
Modified: patch-tracking/CVE-2005-3109
==============================================================================
--- patch-tracking/CVE-2005-3109 (original)
+++ patch-tracking/CVE-2005-3109 Sat Jul 15 15:47:34 2006
@@ -22,6 +22,7 @@
2.6.8-sarge-security: released (2.6.8-16sarge1) [fs-hfs-oops-and-leak.dpatch]
2.4.27-sid/sarge: N/A
2.4.27-sarge-security: N/A
+linux-2.6.16:
linux-2.6: N/A
2.4.19-woody-security: N/A
2.4.18-woody-security: N/A
Modified: patch-tracking/CVE-2005-3110
==============================================================================
--- patch-tracking/CVE-2005-3110 (original)
+++ patch-tracking/CVE-2005-3110 Sat Jul 15 15:47:34 2006
@@ -22,6 +22,7 @@
2.6.8-sarge-security: released (2.6.8-16sarge1) [net-bridge-netfilter-etables-smp-race.dpatch]
2.4.27-sid/sarge: N/A
2.4.27-sarge-security: N/A
+linux-2.6.16:
linux-2.6: N/A
2.4.19-woody-security:
2.4.18-woody-security:
Modified: patch-tracking/CVE-2005-3119
==============================================================================
--- patch-tracking/CVE-2005-3119 (original)
+++ patch-tracking/CVE-2005-3119 Sat Jul 15 15:47:34 2006
@@ -17,6 +17,7 @@
.
dannf> This file doesn't exist in 2.6.8, so sarge isn't vulnerable
upstream: released (2.6.13.4, 2.6.14)
+linux-2.6.16:
linux-2.6: released (2.6.13+2.6.14-rc4-0experimental.1)
2.6.8-sarge-security: N/A
2.4.27-sid/sarge: N/A
Modified: patch-tracking/CVE-2005-3179
==============================================================================
--- patch-tracking/CVE-2005-3179 (original)
+++ patch-tracking/CVE-2005-3179 Sat Jul 15 15:47:34 2006
@@ -14,6 +14,7 @@
> > Please consider for next 2.6.13, it is a minor security issue allowing
> > users to turn on drm debugging when they shouldn't...
upstream: released (2.6.13.4)
+linux-2.6.16:
linux-2.6: released (2.6.13+2.6.14-rc4-0experimental.1)
2.6.8-sarge-security: N/A
2.4.27-sid/sarge: N/A
Modified: patch-tracking/CVE-2005-3180
==============================================================================
--- patch-tracking/CVE-2005-3180 (original)
+++ patch-tracking/CVE-2005-3180 Sat Jul 15 15:47:34 2006
@@ -19,6 +19,7 @@
horms> defined elsewhere in 2.4.
horms> is added by 192_orinoco-info-leak-2.diff
upstream: released (2.6.13.4), released (2.4.33-pre2)
+linux-2.6.16:
linux-2.6: released (2.6.13+2.6.14-rc4-0experimental.1)
2.6.8-sarge-security: released (2.6.8-16sarge2) [orinoco-info-leak.dpatch]
2.4.27-sarge-security: released (2.4.27-10sarge2) [192_orinoco-info-leak.diff, 192_orinoco-info-leak-2.diff]
Modified: patch-tracking/CVE-2005-3181
==============================================================================
--- patch-tracking/CVE-2005-3181 (original)
+++ patch-tracking/CVE-2005-3181 Sat Jul 15 15:47:34 2006
@@ -14,6 +14,7 @@
2.6.8-sarge-security: released (2.6.8-16sarge2)
2.4.27-sarge-security: N/A
2.4.27-sarge/sid: N/A
+linux-2.6.16:
linux-2.6: released (2.6.13+2.6.14-rc4-0experimental.1)
2.4.19-woody-security:
2.4.18-woody-security:
Modified: patch-tracking/CVE-2005-3257
==============================================================================
--- patch-tracking/CVE-2005-3257 (original)
+++ patch-tracking/CVE-2005-3257 Sat Jul 15 15:47:34 2006
@@ -15,6 +15,7 @@
upstream: released (2.4.32-rc3), released (2.6.15-rc1), released (2.6.14.4)
2.6.8-sarge-security: released (2.6.8-16sarge2) [setkeys-needs-root-1.dpatch, setkeys-needs-root-2.dpatch]
2.4.27-sarge-security: released (2.4.27-10sarge2) [197_setkeys-needs-root-1.diff, 197_setkeys-needs-root-2.diff]
+linux-2.6.16:
linux-2.6: released (2.6.14-6)
2.4.19-woody-security:
2.4.18-woody-security:
Modified: patch-tracking/CVE-2005-3271
==============================================================================
--- patch-tracking/CVE-2005-3271 (original)
+++ patch-tracking/CVE-2005-3271 Sat Jul 15 15:47:34 2006
@@ -14,6 +14,7 @@
upstream: released (2.6.9)
2.6.8-sarge-security: released (2.6.8-16sarge1) [fs-exec-posix-timers-leak-1.dpatch]
2.4.27-sarge-security: N/A
+linux-2.6.16:
linux-2.6: N/A
2.4.19-woody-security:
2.4.18-woody-security:
Modified: patch-tracking/CVE-2005-3272
==============================================================================
--- patch-tracking/CVE-2005-3272 (original)
+++ patch-tracking/CVE-2005-3272 Sat Jul 15 15:47:34 2006
@@ -10,6 +10,7 @@
upstream: released (2.6.12)
2.6.8-sarge-security: released (2.6.8-16sarge1) [net-bridge-forwarding-poison-1.dpatch, net-bridge-mangle-oops-1.dpatch, net-bridge-mangle-oops-2.dpatch]
2.4.27-sarge-security: N/A
+linux-2.6.16:
linux-2.6: released (2.6.12-1)
2.4.19-woody-security:
2.4.18-woody-security:
Modified: patch-tracking/CVE-2005-3273
==============================================================================
--- patch-tracking/CVE-2005-3273 (original)
+++ patch-tracking/CVE-2005-3273 Sat Jul 15 15:47:34 2006
@@ -12,6 +12,7 @@
upstream: released (2.6.12)
2.6.8-sarge-security: released (2.6.8-16sarge1) [net-rose-ndigis-verify.dpatch]
2.4.27-sarge-security: N/A
+linux-2.6.16:
linux-2.6: released (2.6.12-1)
2.4.19-woody-security:
2.4.18-woody-security:
Modified: patch-tracking/CVE-2005-3274
==============================================================================
--- patch-tracking/CVE-2005-3274 (original)
+++ patch-tracking/CVE-2005-3274 Sat Jul 15 15:47:34 2006
@@ -12,6 +12,7 @@
appropriate lock is acquired.
Bugs:
upstream: released (2.6.13, 2.4.32-pre2)
+linux-2.6.16:
linux-2.6: released (2.6.13-1)
2.6.8-sarge-security: released (2.6.8-16sarge1) [net-ipv4-ipvs-conn_tab-race.dpatch]
2.4.27-sarge-security: released (2.4.27-10sarge1)
Modified: patch-tracking/CVE-2005-3275
==============================================================================
--- patch-tracking/CVE-2005-3275 (original)
+++ patch-tracking/CVE-2005-3275 Sat Jul 15 15:47:34 2006
@@ -13,6 +13,7 @@
upstream: released (2.6.12.3)
2.6.8-sarge-security: released (2.6.8-16sarge1) [netfilter-NAT-memory-corruption.dpatch]
2.4.27-sarge-security: released (2.4.27-10sarge1) [174_net-ipv4-netfilter-nat-mem.diff]
+linux-2.6.16:
linux-2.6: released (2.6.12-1)
2.4.19-woody-security:
2.4.18-woody-security:
Modified: patch-tracking/CVE-2005-3276
==============================================================================
--- patch-tracking/CVE-2005-3276 (original)
+++ patch-tracking/CVE-2005-3276 Sat Jul 15 15:47:34 2006
@@ -9,6 +9,7 @@
to userspace, resulting in a small information leak.
Bugs:
upstream: released (2.6.12.4)
+linux-2.6.16:
linux-2.6: released (2.6.12-2)
2.6.8-sarge-security: released (2.6.8-16sarge1) [sys_get_thread_area-leak.dpatch]
2.4.27-sarge-security: N/A
Modified: patch-tracking/CVE-2005-3356
==============================================================================
--- patch-tracking/CVE-2005-3356 (original)
+++ patch-tracking/CVE-2005-3356 Sat Jul 15 15:47:34 2006
@@ -23,6 +23,7 @@
jmm> Discovered by Doug Chapman
Bugs:
upstream: released (2.6.15.2)
+linux-2.6.16:
linux-2.6: released (2.6.15-4)
2.6.8-sarge-security: released (2.6.8-16sarge2)
2.4.27-sarge-security: N/A
Modified: patch-tracking/CVE-2005-3358
==============================================================================
--- patch-tracking/CVE-2005-3358 (original)
+++ patch-tracking/CVE-2005-3358 Sat Jul 15 15:47:34 2006
@@ -10,6 +10,7 @@
jmm> turned out to be wrong.
Bugs:
upstream: released (2.6.15)
+linux-2.6.16:
linux-2.6: released (2.6.15-1)
2.6.8-sarge-security: released (2.6.8-16sarge2) [mempolicy-undefined-nodes.dpatch]
2.4.27-sarge-security: N/A
Modified: patch-tracking/CVE-2005-3359
==============================================================================
--- patch-tracking/CVE-2005-3359 (original)
+++ patch-tracking/CVE-2005-3359 Sat Jul 15 15:47:34 2006
@@ -24,6 +24,7 @@
dannf> build their own kernels, and this isn't atm specific
Bugs:
upstream: released (2.6.14)
+linux-2.6.16:
linux-2.6: released (2.6.14-1)
2.6.8-sarge-security: released (2.6.8-16sarge3)
2.4.27-sarge-security: N/A
Modified: patch-tracking/CVE-2005-3527
==============================================================================
--- patch-tracking/CVE-2005-3527 (original)
+++ patch-tracking/CVE-2005-3527 Sat Jul 15 15:47:34 2006
@@ -27,6 +27,7 @@
backporting is too hard for the same reasons as 2.6.8.
Bugs:
upstream: released (2.6.14)
+linux-2.6.16:
linux-2.6: N/A
2.6.8-sarge-security: ignored (2.6.8-16sarge4)
2.4.27-sarge-security: ignored (2.4.27-10sarge4)
Modified: patch-tracking/CVE-2005-3623
==============================================================================
--- patch-tracking/CVE-2005-3623 (original)
+++ patch-tracking/CVE-2005-3623 Sat Jul 15 15:47:34 2006
@@ -10,6 +10,7 @@
jmm> Sarge and Woody are not vulnerable
Bugs:
upstream: released (2.6.14.5), released (2.6.15-pre7)
+linux-2.6.16:
linux-2.6: released (2.6.14-7)
2.6.8-sarge-security: N/A
2.4.27-sarge-security: N/A
Modified: patch-tracking/CVE-2005-3660
==============================================================================
--- patch-tracking/CVE-2005-3660 (original)
+++ patch-tracking/CVE-2005-3660 Sat Jul 15 15:47:34 2006
@@ -14,6 +14,7 @@
dannf> to struct file. No such thing has gone upstream yet, however.
Bugs:
upstream:
+linux-2.6.16:
linux-2.6:
2.6.8-sarge-security: ignored (2.6.8-16sarge4)
2.4.27-sarge-security: ignored (2.4.27-10sarge4)
Modified: patch-tracking/CVE-2005-3783
==============================================================================
--- patch-tracking/CVE-2005-3783 (original)
+++ patch-tracking/CVE-2005-3783 Sat Jul 15 15:47:34 2006
@@ -10,6 +10,7 @@
Notes:
Bugs:
upstream: released (2.4.33-pre1, 2.6.14.2)
+linux-2.6.16:
linux-2.6: released (2.6.14-3)
2.6.8-sarge-security: released (2.6.8-16sarge2) [ptrace-fix_self-attach_rule.dpatch]
2.4.27-sarge-security: released (2.4.27-10sarge2) [201_ptrace-fix_self-attach_rule.diff]
Modified: patch-tracking/CVE-2005-3784
==============================================================================
--- patch-tracking/CVE-2005-3784 (original)
+++ patch-tracking/CVE-2005-3784 Sat Jul 15 15:47:34 2006
@@ -9,6 +9,7 @@
jmm,horms> 2.4 code seems very different and not vulnerable
Bugs:
upstream: released (2.5.15)
+linux-2.6.16:
linux-2.6: released (2.5.15-1)
2.6.8-sarge-security: released (2.6.8-16sarge2) [kernel-dont-reap-traced.dpatch]
2.4.27-sarge-security: N/A
Modified: patch-tracking/CVE-2005-3805
==============================================================================
--- patch-tracking/CVE-2005-3805 (original)
+++ patch-tracking/CVE-2005-3805 Sat Jul 15 15:47:34 2006
@@ -10,6 +10,7 @@
versions listed in the description are wrong.
Bugs:
upstream: released (2.6.14)
+linux-2.6.16:
linux-2.6: released (2.6.14-1)
2.6.8-sarge-security: N/A
2.4.27-sarge-security: N/A
Modified: patch-tracking/CVE-2005-3806
==============================================================================
--- patch-tracking/CVE-2005-3806 (original)
+++ patch-tracking/CVE-2005-3806 Sat Jul 15 15:47:34 2006
@@ -11,6 +11,7 @@
Notes:
Bugs:
upstream: released (2.6.14)
+linux-2.6.16:
linux-2.6: released (2.6.14-1)
2.6.8-sarge-security: released (2.6.8-16sarge2) [net-ipv6-flowlabel-refcnt.dpatch]
2.4.27-sarge-security: released (2.4.27-10sarge2) [net-ipv6-flowlabel-refcnt.dpatch]
Modified: patch-tracking/CVE-2005-3807
==============================================================================
--- patch-tracking/CVE-2005-3807 (original)
+++ patch-tracking/CVE-2005-3807 Sat Jul 15 15:47:34 2006
@@ -12,6 +12,7 @@
Notes:
Bugs:
upstream: released (2.6.14.3)
+linux-2.6.16:
linux-2.6: released (2.6.14-4)
2.6.8-sarge-security: N/A
2.4.27-sarge-security: N/A
Modified: patch-tracking/CVE-2005-3808
==============================================================================
--- patch-tracking/CVE-2005-3808 (original)
+++ patch-tracking/CVE-2005-3808 Sat Jul 15 15:47:34 2006
@@ -7,6 +7,7 @@
I didn't check the woody kernels, but it seems very unlikely it is there
Bugs:
upstream: released (2.6.14.4)
+linux-2.6.16:
linux-2.6: released (2.6.14-4)
2.6.8-sarge-security: N/A
2.4.27-sarge-security: N/A
Modified: patch-tracking/CVE-2005-3809
==============================================================================
--- patch-tracking/CVE-2005-3809 (original)
+++ patch-tracking/CVE-2005-3809 Sat Jul 15 15:47:34 2006
@@ -4,6 +4,7 @@
Notes:
Bugs:
upstream: released (2.6.15-rc1, 2.6.14.3)
+linux-2.6.16:
linux-2.6: pending (2.6.14-4)
2.6.8-sarge-security: N/A
2.4.27-sarge-security: N/A
Modified: patch-tracking/CVE-2005-3810
==============================================================================
--- patch-tracking/CVE-2005-3810 (original)
+++ patch-tracking/CVE-2005-3810 Sat Jul 15 15:47:34 2006
@@ -8,6 +8,7 @@
Notes:
Bugs:
upstream: released (2.6.15-rc1/2.6.14.3)
+linux-2.6.16:
linux-2.6: released (2.6.14-4)
2.6.8-sarge-security: N/A
2.4.27-sarge-security: N/A
Modified: patch-tracking/CVE-2005-3847
==============================================================================
--- patch-tracking/CVE-2005-3847 (original)
+++ patch-tracking/CVE-2005-3847 Sat Jul 15 15:47:34 2006
@@ -18,6 +18,7 @@
dump.
Bug:
upstream: released (2.6.12.6, 2.6.13)
+linux-2.6.16:
linux-2.6: N/A
2.6.8-sarge-security: released (2.6.8-16sarge2) [nptl-signal-delivery-deadlock-fix.dpatch]
2.4.27-sarge-security: N/A
Modified: patch-tracking/CVE-2005-3848
==============================================================================
--- patch-tracking/CVE-2005-3848 (original)
+++ patch-tracking/CVE-2005-3848 Sat Jul 15 15:47:34 2006
@@ -22,6 +22,7 @@
2.6.8-sarge-security: released (2.6.8-16sarge2) [fix-dst-leak-in-icmp_push_reply.dpatch]
2.4.27-sid/sarge: released (2.4.27-12) [188_fix-dst-leak-in-icmp_push_reply.diff]
2.4.27-sarge-security: released (2.4.27-10sarge2) [188_fix-dst-leak-in-icmp_push_reply.diff]
+linux-2.6.16:
linux-2.6:
2.4.19-woody-security: N/A
2.4.18-woody-security: N/A
Modified: patch-tracking/CVE-2005-3857
==============================================================================
--- patch-tracking/CVE-2005-3857 (original)
+++ patch-tracking/CVE-2005-3857 Sat Jul 15 15:47:34 2006
@@ -12,6 +12,7 @@
Sent for inclusion in 2.4.33
Bugs:
upstream: released (2.6.15-rc2) needed (2.6.33)
+linux-2.6.16:
linux-2.6: released (2.6.14+2.6.15-rc5-0experimental.1)
2.6.8-sarge-security: released (2.6.8-16sarge2)
2.4.27-sarge-security: released (2.4.27-10sarge2)
Modified: patch-tracking/CVE-2005-3858
==============================================================================
--- patch-tracking/CVE-2005-3858 (original)
+++ patch-tracking/CVE-2005-3858 Sat Jul 15 15:47:34 2006
@@ -11,6 +11,7 @@
dannf> 2.4 code could be vulnerable.
Bugs:
upstream: released (2.6.12.6, 2.6.13)
+linux-2.6.16:
linux-2.6: N/A
2.6.8-sarge-security: released (2.6.8-16sarge2)
2.4.27-sarge-security: released (2.4.27-10sarge2) [189_ipv6-skb-leak.diff]
Modified: patch-tracking/CVE-2005-4351
==============================================================================
--- patch-tracking/CVE-2005-4351 (original)
+++ patch-tracking/CVE-2005-4351 Sat Jul 15 15:47:34 2006
@@ -11,6 +11,7 @@
jmm> 2.6.8
Bugs:
upstream:
+linux-2.6.16:
linux-2.6:
2.6.8-sarge-security: N/A
2.4.27-sarge-security: N/A
Modified: patch-tracking/CVE-2005-4352
==============================================================================
--- patch-tracking/CVE-2005-4352 (original)
+++ patch-tracking/CVE-2005-4352 Sat Jul 15 15:47:34 2006
@@ -12,6 +12,7 @@
jmm> and 2.4.27
Bugs:
upstream:
+linux-2.6.16:
linux-2.6:
2.6.8-sarge-security: N/A
2.4.27-sarge-security: N/A
Modified: patch-tracking/CVE-2005-4440
==============================================================================
--- patch-tracking/CVE-2005-4440 (original)
+++ patch-tracking/CVE-2005-4440 Sat Jul 15 15:47:34 2006
@@ -34,6 +34,7 @@
dannf> series of kernels & follow what upstream does.
Bugs:
upstream:
+linux-2.6.16:
linux-2.6:
2.6.8-sarge-security: ignored (2.6.8-16sarge4)
2.4.27-sarge-security: ignored (2.4.27-10sarge4)
Modified: patch-tracking/CVE-2005-4441
==============================================================================
--- patch-tracking/CVE-2005-4441 (original)
+++ patch-tracking/CVE-2005-4441 Sat Jul 15 15:47:34 2006
@@ -38,6 +38,7 @@
dannf> series of kernels & follow what upstream does.
Bugs:
upstream:
+linux-2.6.16:
linux-2.6:
2.6.8-sarge-security: ignored (2.6.8-16sarge4)
2.4.27-sarge-security: ignored (2.4.27-10sarge4)
Modified: patch-tracking/CVE-2005-4605
==============================================================================
--- patch-tracking/CVE-2005-4605 (original)
+++ patch-tracking/CVE-2005-4605 Sat Jul 15 15:47:34 2006
@@ -14,6 +14,7 @@
jmm> Discovered by Karl Janmar
Bugs:
upstream: released (2.6.15), released (2.6.14.6)
+linux-2.6.16:
linux-2.6: released (2.6.15-1)
2.6.8-sarge-security: released (2.6.8-16sarge2) [proc-legacy-loff-underflow.dpatch]
2.4.27-sarge-security: N/A
Modified: patch-tracking/CVE-2005-4618
==============================================================================
--- patch-tracking/CVE-2005-4618 (original)
+++ patch-tracking/CVE-2005-4618 Sat Jul 15 15:47:34 2006
@@ -11,6 +11,7 @@
jmm> Discovered by Yi Ying
Bugs:
upstream: released (2.6.15)
+linux-2.6.16:
linux-2.6: released (2.6.15-1)
2.6.8-sarge-security: released (2.6.8-16sarge2)
2.4.27-sarge-security: released (2.4.27-10sarge2)
Modified: patch-tracking/CVE-2005-4635
==============================================================================
--- patch-tracking/CVE-2005-4635 (original)
+++ patch-tracking/CVE-2005-4635 Sat Jul 15 15:47:34 2006
@@ -18,6 +18,7 @@
dannf> wasn't added until after 2.6.12, and is already fixed in 2.6.15.
Bugs:
upstream: released (2.6.15)
+linux-2.6.16:
linux-2.6: released (2.6.15-1)
2.6.8-sarge-security: N/A
2.4.27-sarge-security: N/A
Modified: patch-tracking/CVE-2005-4639
==============================================================================
--- patch-tracking/CVE-2005-4639 (original)
+++ patch-tracking/CVE-2005-4639 Sat Jul 15 15:47:34 2006
@@ -14,6 +14,7 @@
dannf> Driver wasn't added till after 2.6.8
Bugs:
upstream: released (2.6.15)
+linux-2.6.16:
linux-2.6: released (2.6.15-1)
2.6.8-sarge-security: N/A
2.4.27-sarge-security: N/A
Modified: patch-tracking/CVE-2005-4798
==============================================================================
--- patch-tracking/CVE-2005-4798 (original)
+++ patch-tracking/CVE-2005-4798 Sat Jul 15 15:47:34 2006
@@ -9,6 +9,7 @@
jmm> http://www.ussg.iu.edu/hypermail/linux/kernel/0509.1/1333.html
Bugs:
upstream:
+linux-2.6.16:
linux-2.6:
2.6.8-sarge-security:
2.4.27-sarge-security:
Modified: patch-tracking/CVE-2006-0035
==============================================================================
--- patch-tracking/CVE-2006-0035 (original)
+++ patch-tracking/CVE-2006-0035 Sat Jul 15 15:47:34 2006
@@ -8,6 +8,7 @@
dannf> The vulnerable code doesn't exist in <= 2.6.8
Bugs:
upstream: released (2.6.15.1)
+linux-2.6.16:
linux-2.6: released (2.6.15-3)
2.6.8-sarge-security: N/A
2.4.27-sarge-security: N/A
Modified: patch-tracking/CVE-2006-0036
==============================================================================
--- patch-tracking/CVE-2006-0036 (original)
+++ patch-tracking/CVE-2006-0036 Sat Jul 15 15:47:34 2006
@@ -10,6 +10,7 @@
jmm> This is not included in 2.4 and 2.6.8
Bugs:
upstream: released (2.6.15.1)
+linux-2.6.16:
linux-2.6: released (2.6.15-3)
2.6.8-sarge-security: N/A
2.4.27-sarge-security: N/A
Modified: patch-tracking/CVE-2006-0037
==============================================================================
--- patch-tracking/CVE-2006-0037 (original)
+++ patch-tracking/CVE-2006-0037 Sat Jul 15 15:47:34 2006
@@ -10,6 +10,7 @@
jmm> The vulnerable code isn't present in 2.4 and 2.6.8
Bugs:
upstream: released (2.6.15.1)
+linux-2.6.16:
linux-2.6: released (2.6.15-3)
2.6.8-sarge-security: N/A
2.4.27-sarge-security: N/A
Modified: patch-tracking/CVE-2006-0038
==============================================================================
--- patch-tracking/CVE-2006-0038 (original)
+++ patch-tracking/CVE-2006-0038 Sat Jul 15 15:47:34 2006
@@ -11,6 +11,7 @@
dannf> Submitted to Marcelo for 2.4
Bugs:
upstream: released (2.6.16-rc3)
+linux-2.6.16:
linux-2.6: released (2.6.16-1)
2.6.8-sarge-security: released (2.6.8-16sarge3) [netfilter-do_replace-overflow.dpatch]
2.4.27-sarge-security: released (2.4.27-10sarge3) [221_netfilter-do_replace-overflow.diff]
Modified: patch-tracking/CVE-2006-0039
==============================================================================
--- patch-tracking/CVE-2006-0039 (original)
+++ patch-tracking/CVE-2006-0039 Sat Jul 15 15:47:34 2006
@@ -8,6 +8,7 @@
dannf> Submitted to Marcelo for 2.4
Bugs:
upstream: released (2.6.16.17)
+linux-2.6.16:
linux-2.6: released (2.6.16-14)
2.6.8-sarge-security: released (2.6.8-16sarge3)
2.4.27-sarge-security: released (2.4.27-10sarge3)
Modified: patch-tracking/CVE-2006-0095
==============================================================================
--- patch-tracking/CVE-2006-0095 (original)
+++ patch-tracking/CVE-2006-0095 Sat Jul 15 15:47:34 2006
@@ -11,6 +11,7 @@
jmm> Discovered by Stefan Rompf
Bugs:
upstream: released (2.6.16-rc1)
+linux-2.6.16:
linux-2.6: released (2.6.16-1)
2.6.8-sarge-security: released (2.6.8-16sarge2) [dm-crypt-zero-key.dpatch]
2.4.27-sarge-security: N/A
Modified: patch-tracking/CVE-2006-0096
==============================================================================
--- patch-tracking/CVE-2006-0096 (original)
+++ patch-tracking/CVE-2006-0096 Sat Jul 15 15:47:34 2006
@@ -23,6 +23,7 @@
horms> of the statement above is correct
Bugs:
upstream: released (2.6.11), fixed (2.4.29)
+linux-2.6.16:
linux-2.6: N/A
2.6.8-sarge-security: released (2.6.8-16sarge2) [net-sdla-coverty.dpatch]
2.4.27-sarge-security: released (2.4.27-8) [129_net_sdla_coverty.diff]
Modified: patch-tracking/CVE-2006-0454
==============================================================================
--- patch-tracking/CVE-2006-0454 (original)
+++ patch-tracking/CVE-2006-0454 Sat Jul 15 15:47:34 2006
@@ -11,6 +11,7 @@
horms> http://www.kernel.org/git/?p=linux/kernel/git/tglx/history.git;a=commitdiff;h=2c7ec2528b5776bd64a7c1240879087198e57da9
Bugs:
upstream: pending (2.6.15.3)
+linux-2.6.16:
linux-2.6: pending (2.6.16-5) [2.6.15.3.patch]
2.6.8-sarge-security: N/A
2.4.27-sarge-security: N/A
Modified: patch-tracking/CVE-2006-0456
==============================================================================
--- patch-tracking/CVE-2006-0456 (original)
+++ patch-tracking/CVE-2006-0456 Sat Jul 15 15:47:34 2006
@@ -9,6 +9,7 @@
jmm> 2.4 doesn't have an assembly version
Bugs:
upstream: released (2.6.16)
+linux-2.6.16:
linux-2.6: released (2.6.16-1)
2.6.8-sarge-security: released (2.6.8-16sarge3)
2.4.27-sarge-security: N/A
Modified: patch-tracking/CVE-2006-0457
==============================================================================
--- patch-tracking/CVE-2006-0457 (original)
+++ patch-tracking/CVE-2006-0457 Sat Jul 15 15:47:34 2006
@@ -20,6 +20,7 @@
Notes:
Bugs:
upstream: released (2.6.10)
+linux-2.6.16:
linux-2.6: released (2.6.10-1)
2.6.8-sarge-security: N/A
2.4.27-sarge-security: N/A
Modified: patch-tracking/CVE-2006-0482
==============================================================================
--- patch-tracking/CVE-2006-0482 (original)
+++ patch-tracking/CVE-2006-0482 Sat Jul 15 15:47:34 2006
@@ -10,6 +10,7 @@
dannf> in sparc64 32-bit compat code
Bugs:
upstream: pending (2.6.16-rc2)
+linux-2.6.16:
linux-2.6: pending (2.6.16-4) [sparc64-clock-settime.patch]
2.6.8-sarge-security: released (2.6.8-16sarge2) [sparc64-clock-settime.dpatch]
2.4.27-sarge-security: N/A
Modified: patch-tracking/CVE-2006-0554
==============================================================================
--- patch-tracking/CVE-2006-0554 (original)
+++ patch-tracking/CVE-2006-0554 Sat Jul 15 15:47:34 2006
@@ -7,6 +7,7 @@
Notes:
Bugs:
upstream: released (2.6.15.5)
+linux-2.6.16:
linux-2.6: released (2.6.15-8)
2.6.8-sarge-security: released (2.6.8-16sarge3)
2.4.27-sarge-security: N/A
Modified: patch-tracking/CVE-2006-0555
==============================================================================
--- patch-tracking/CVE-2006-0555 (original)
+++ patch-tracking/CVE-2006-0555 Sat Jul 15 15:47:34 2006
@@ -8,6 +8,7 @@
Notes: UBUNTU:USN-263-1
Bugs:
upstream: released (2.6.15.5)
+linux-2.6.16:
linux-2.6: released (2.6.15-8)
2.6.8-sarge-security: released (2.6.8-16sarge3)
2.4.27-sarge-security: N/A
Modified: patch-tracking/CVE-2006-0557
==============================================================================
--- patch-tracking/CVE-2006-0557 (original)
+++ patch-tracking/CVE-2006-0557 Sat Jul 15 15:47:34 2006
@@ -9,6 +9,7 @@
dannf> mempolicy.c doesn't exist in 2.4, marking N/A
Bugs:
upstream: released (2.6.16-rc4)
+linux-2.6.16:
linux-2.6: released (2.6.16-1)
2.6.8-sarge-security: released (2.6.8-16sarge3)
2.4.27-sarge-security: N/A
Modified: patch-tracking/CVE-2006-0558
==============================================================================
--- patch-tracking/CVE-2006-0558 (original)
+++ patch-tracking/CVE-2006-0558 Sat Jul 15 15:47:34 2006
@@ -19,6 +19,7 @@
dannf> be ported to the 2.4 perfmon API to test 2.4.27
Bugs: 365375
upstream: released (2.6.16)
+linux-2.6.16:
linux-2.6: released (2.6.16-1)
2.6.8-sarge-security: released (2.6.8-16sarge3)
2.4.27-sarge-security:
Modified: patch-tracking/CVE-2006-0741
==============================================================================
--- patch-tracking/CVE-2006-0741 (original)
+++ patch-tracking/CVE-2006-0741 Sat Jul 15 15:47:34 2006
@@ -9,6 +9,7 @@
This is amd64-specific (em64t in particular), so we could ignore it for 2.4
Bugs:
upstream: released (2.6.15.5)
+linux-2.6.16:
linux-2.6: released (2.6.15-8)
2.6.8-sarge-security: released (2.6.8-16sarge3) [binfmt-bad-elf-entry-address.dpatch]
2.4.27-sarge-security: released (2.4.27-10sarge3) [222_binfmt-bad-elf-entry-address.diff]
Modified: patch-tracking/CVE-2006-0742
==============================================================================
--- patch-tracking/CVE-2006-0742 (original)
+++ patch-tracking/CVE-2006-0742 Sat Jul 15 15:47:34 2006
@@ -10,6 +10,7 @@
dannf> Forwarded to Bjorn for 2.4-ia64 inclusion
Bugs:
upstream: released (2.6.15.6)
+linux-2.6.16:
linux-2.6: released (2.6.15-8)
2.6.8-sarge-security: released (2.6.8-16sarge3)
2.4.27-sarge-security: released (2.4.27-10sarge3)
Modified: patch-tracking/CVE-2006-0744
==============================================================================
--- patch-tracking/CVE-2006-0744 (original)
+++ patch-tracking/CVE-2006-0744 Sat Jul 15 15:47:34 2006
@@ -9,6 +9,7 @@
2.4/sarge3
Bugs:
upstream:
+linux-2.6.16:
linux-2.6: released (2.6.16-7)
2.6.8-sarge-security: released (2.6.8-16sarge3) [em64t-uncanonical-return-addr.dpatch]
2.4.27-sarge-security: ignored (2.4.27-10sarge3)
Modified: patch-tracking/CVE-2006-1052
==============================================================================
--- patch-tracking/CVE-2006-1052 (original)
+++ patch-tracking/CVE-2006-1052 Sat Jul 15 15:47:34 2006
@@ -10,6 +10,7 @@
Notes:
Bugs:
upstream: released (2.6.16)
+linux-2.6.16:
linux-2.6: released (2.6.16-1)
2.6.8-sarge-security: needed
2.4.27-sarge-security: N/A
Modified: patch-tracking/CVE-2006-1055
==============================================================================
--- patch-tracking/CVE-2006-1055 (original)
+++ patch-tracking/CVE-2006-1055 Sat Jul 15 15:47:34 2006
@@ -15,6 +15,7 @@
and since its's sysfs 2.4 is N/A.
Bugs:
upstream: released (2.6.17-rc1), released (2.6.16.2)
+linux-2.6.16:
linux-2.6: released (2.6.16-6)
2.6.8-sarge-security: N/A
2.4.27-sarge-security: N/A
Modified: patch-tracking/CVE-2006-1056
==============================================================================
--- patch-tracking/CVE-2006-1056 (original)
+++ patch-tracking/CVE-2006-1056 Sat Jul 15 15:47:34 2006
@@ -18,6 +18,7 @@
Notes:
Bugs:
upstream: released (2.4.33-pre3), released (2.6.16.9)
+linux-2.6.16:
linux-2.6: released (2.6.16-9)
2.6.8-sarge-security: released (2.6.8-16sarge3)
2.4.27-sarge-security: released (2.4.27-10sarge3)
Modified: patch-tracking/CVE-2006-1066
==============================================================================
--- patch-tracking/CVE-2006-1066 (original)
+++ patch-tracking/CVE-2006-1066 Sat Jul 15 15:47:34 2006
@@ -28,6 +28,7 @@
dannf> for the pending/released tags to match the others.
Bugs:
upstream:
+linux-2.6.16:
linux-2.6: N/A
2.6.8-sarge-security: released (2.6.8-16sarge2)
2.4.27-sarge-security: N/A
Modified: patch-tracking/CVE-2006-1242
==============================================================================
--- patch-tracking/CVE-2006-1242 (original)
+++ patch-tracking/CVE-2006-1242 Sat Jul 15 15:47:34 2006
@@ -27,6 +27,7 @@
dannf> troyh gave me a patch for 2.4, so I guess it is affected
Bugs:
upstream: released (2.6.16.1)
+linux-2.6.16:
linux-2.6: released (2.6.16-4)
2.6.8-sarge-security: released (2.6.8-16sarge3)
2.4.27-sarge-security: released (2.4.27-10sarge3)
Modified: patch-tracking/CVE-2006-1342
==============================================================================
--- patch-tracking/CVE-2006-1342 (original)
+++ patch-tracking/CVE-2006-1342 Sat Jul 15 15:47:34 2006
@@ -14,6 +14,7 @@
043_ipsec.diff patch
Bugs:
upstream: released (2.4.33-pre3)
+linux-2.6.16:
linux-2.6: N/A
2.6.8-sarge-security: N/A
2.4.27-sarge-security: released (2.4.27-1)
Modified: patch-tracking/CVE-2006-1343
==============================================================================
--- patch-tracking/CVE-2006-1343 (original)
+++ patch-tracking/CVE-2006-1343 Sat Jul 15 15:47:34 2006
@@ -13,6 +13,7 @@
jmm> It's now fixed upstream in 2.6 as well, let's include it in sarge4
Bugs:
upstream: released (2.4.33-pre3), released (2.6.16.19)
+linux-2.6.16:
linux-2.6: released (2.6.16-15)
2.6.8-sarge-security: ignored (2.6.8-16sarge3)
2.4.27-sarge-security: released (2.4.27-10sarge3)
Modified: patch-tracking/CVE-2006-1368
==============================================================================
--- patch-tracking/CVE-2006-1368 (original)
+++ patch-tracking/CVE-2006-1368 Sat Jul 15 15:47:34 2006
@@ -12,6 +12,7 @@
feedback, so it should be upstream soon
Bugs:
upstream: released (2.6.16)
+linux-2.6.16:
linux-2.6: released (2.6.16-1)
2.6.8-sarge-security: released (2.6.8-16sarge3)
2.4.27-sarge-security: released (2.4.27-10sarge3)
Modified: patch-tracking/CVE-2006-1522
==============================================================================
--- patch-tracking/CVE-2006-1522 (original)
+++ patch-tracking/CVE-2006-1522 Sat Jul 15 15:47:34 2006
@@ -5,6 +5,7 @@
jmm> Vulnerable code not present in 2.6.8 and 2.4
Bugs:
upstream:
+linux-2.6.16:
linux-2.6: released (2.6.16-7)
2.6.8-sarge-security: N/A
2.4.27-sarge-security: N/A
Modified: patch-tracking/CVE-2006-1523
==============================================================================
--- patch-tracking/CVE-2006-1523 (original)
+++ patch-tracking/CVE-2006-1523 Sat Jul 15 15:47:34 2006
@@ -12,6 +12,7 @@
Notes:
Bugs:
upstream:
+linux-2.6.16:
linux-2.6:
2.6.8-sarge-security: released (2.6.8-16sarge3)
2.4.27-sarge-security: N/A
Modified: patch-tracking/CVE-2006-1524
==============================================================================
--- patch-tracking/CVE-2006-1524 (original)
+++ patch-tracking/CVE-2006-1524 Sat Jul 15 15:47:34 2006
@@ -17,6 +17,7 @@
Notes:
Bugs:
upstream: released (2.6.16.7)
+linux-2.6.16:
linux-2.6:
2.6.8-sarge-security: released (2.6.8-16sarge3)
2.4.27-sarge-security: released (2.4.27-10sarge3)
Modified: patch-tracking/CVE-2006-1525
==============================================================================
--- patch-tracking/CVE-2006-1525 (original)
+++ patch-tracking/CVE-2006-1525 Sat Jul 15 15:47:34 2006
@@ -12,6 +12,7 @@
dannf> Submitted to Marcelo for 2.4
Bugs:
upstream: released (2.6.16.8)
+linux-2.6.16:
linux-2.6: released (2.6.16-9)
2.6.8-sarge-security: released (2.6.8-16sarge3)
2.4.27-sarge-security: released (2.4.27-10sarge3)
Modified: patch-tracking/CVE-2006-1527
==============================================================================
--- patch-tracking/CVE-2006-1527 (original)
+++ patch-tracking/CVE-2006-1527 Sat Jul 15 15:47:34 2006
@@ -19,6 +19,7 @@
troyh> SCTP-netfilter code didn't exist until after 2.6.8
Bugs:
upstream:
+linux-2.6.16:
linux-2.6:
2.6.8-sarge-security: N/A
2.4.27-sarge-security: N/A
Modified: patch-tracking/CVE-2006-1528
==============================================================================
--- patch-tracking/CVE-2006-1528 (original)
+++ patch-tracking/CVE-2006-1528 Sat Jul 15 15:47:34 2006
@@ -9,6 +9,7 @@
Notes:
Bugs:
upstream: released (2.6.13)
+linux-2.6.16:
linux-2.6: released (2.6.13-1)
2.6.8-sarge-security:
2.4.27-sarge-security:
Modified: patch-tracking/CVE-2006-1855
==============================================================================
--- patch-tracking/CVE-2006-1855 (original)
+++ patch-tracking/CVE-2006-1855 Sat Jul 15 15:47:34 2006
@@ -11,6 +11,7 @@
jmm> Vulnerable code not present in 2.4.27
Bugs:
upstream: released (2.6.11.12)
+linux-2.6.16:
linux-2.6: N/A
2.6.8-sarge-security: needed
2.4.27-sarge-security: N/A
Modified: patch-tracking/CVE-2006-1856
==============================================================================
--- patch-tracking/CVE-2006-1856 (original)
+++ patch-tracking/CVE-2006-1856 Sat Jul 15 15:47:34 2006
@@ -11,6 +11,7 @@
Notes:
Bugs:
upstream:
+linux-2.6.16:
linux-2.6:
2.6.8-sarge-security:
2.4.27-sarge-security:
Modified: patch-tracking/CVE-2006-1857
==============================================================================
--- patch-tracking/CVE-2006-1857 (original)
+++ patch-tracking/CVE-2006-1857 Sat Jul 15 15:47:34 2006
@@ -9,6 +9,7 @@
dannf> Submitted to Marcelo for 2.4
Bugs:
upstream: released (2.6.16.17)
+linux-2.6.16:
linux-2.6: released (2.6.16-14)
2.6.8-sarge-security: released (2.6.8-16sarge3)
2.4.27-sarge-security: released (2.4.27-10sarge3)
Modified: patch-tracking/CVE-2006-1858
==============================================================================
--- patch-tracking/CVE-2006-1858 (original)
+++ patch-tracking/CVE-2006-1858 Sat Jul 15 15:47:34 2006
@@ -9,6 +9,7 @@
dannf> Submitted to Marcello for 2.4
Bugs:
upstream: released (2.6.16.17)
+linux-2.6.16:
linux-2.6: released (2.6.16-14)
2.6.8-sarge-security: released (2.6.8-16sarge3)
2.4.27-sarge-security: released (2.4.27-10sarge3)
Modified: patch-tracking/CVE-2006-1859
==============================================================================
--- patch-tracking/CVE-2006-1859 (original)
+++ patch-tracking/CVE-2006-1859 Sat Jul 15 15:47:34 2006
@@ -14,6 +14,7 @@
jmm> The vulnerable NFS4 leases code was only introduced in 2.6.10
Bugs:
upstream: released (2.6.16.6)
+linux-2.6.16:
linux-2.6: released (2.6.16-8)
2.6.8-sarge-security: N/A
2.4.27-sarge-security: N/A
Modified: patch-tracking/CVE-2006-1860
==============================================================================
--- patch-tracking/CVE-2006-1860 (original)
+++ patch-tracking/CVE-2006-1860 Sat Jul 15 15:47:34 2006
@@ -14,6 +14,7 @@
jmm> The vulnerable NFS4 leases code was only introduced in 2.6.10
Bugs:
upstream: released (2.6.16.6)
+linux-2.6.16:
linux-2.6: released (2.6.16-8)
2.6.8-sarge-security: N/A
2.4.27-sarge-security: N/A
Modified: patch-tracking/CVE-2006-1863
==============================================================================
--- patch-tracking/CVE-2006-1863 (original)
+++ patch-tracking/CVE-2006-1863 Sat Jul 15 15:47:34 2006
@@ -6,6 +6,7 @@
jmm> 2.4 doesn't have CIFS
Bugs:
upstream: released (2.6.16.11)
+linux-2.6.16:
linux-2.6: released (2.6.16-10)
2.6.8-sarge-security: released (2.6.8-16sarge3)
2.4.27-sarge-security: N/A
Modified: patch-tracking/CVE-2006-1864
==============================================================================
--- patch-tracking/CVE-2006-1864 (original)
+++ patch-tracking/CVE-2006-1864 Sat Jul 15 15:47:34 2006
@@ -10,6 +10,7 @@
Notes:
Bugs:
upstream: pending (2.4.33-pre4), released (2.6.16.14)
+linux-2.6.16:
linux-2.6: released (2.6.16-10)
2.6.8-sarge-security: released (2.6.8-16sarge3)
2.4.27-sarge-security: released (2.4.27-10sarge3)
Modified: patch-tracking/CVE-2006-2071
==============================================================================
--- patch-tracking/CVE-2006-2071 (original)
+++ patch-tracking/CVE-2006-2071 Sat Jul 15 15:47:34 2006
@@ -11,6 +11,7 @@
Notes:
Bugs:
upstream: released (2.6.16.6)
+linux-2.6.16:
linux-2.6: released (2.6.16-8)
2.6.8-sarge-security: needed
2.4.27-sarge-security: needed
Modified: patch-tracking/CVE-2006-2271
==============================================================================
--- patch-tracking/CVE-2006-2271 (original)
+++ patch-tracking/CVE-2006-2271 Sat Jul 15 15:47:34 2006
@@ -16,6 +16,7 @@
dannf> Forwarded to Marcelo for 2.4 inclusion
Bugs:
upstream: released (2.6.16.15)
+linux-2.6.16:
linux-2.6: released (2.6.16-13)
2.6.8-sarge-security: released (2.6.8-16sarge3)
2.4.27-sarge-security: released (2.4.27-10sarge3)
Modified: patch-tracking/CVE-2006-2272
==============================================================================
--- patch-tracking/CVE-2006-2272 (original)
+++ patch-tracking/CVE-2006-2272 Sat Jul 15 15:47:34 2006
@@ -11,6 +11,7 @@
dannf> Submitted to Marcelo for inclusion in 2.4
Bugs:
upstream: released (2.6.16.15)
+linux-2.6.16:
linux-2.6: released (2.6.16-13)
2.6.8-sarge-security: released (2.6.8-16sarge3)
2.4.27-sarge-security: released (2.4.27-10sarge3)
Modified: patch-tracking/CVE-2006-2274
==============================================================================
--- patch-tracking/CVE-2006-2274 (original)
+++ patch-tracking/CVE-2006-2274 Sat Jul 15 15:47:34 2006
@@ -14,6 +14,7 @@
dannf> Submitted to Marcelo for 2.4
Bugs:
upstream: released (2.6.16.15)
+linux-2.6.16:
linux-2.6: released (2.6.16-13)
2.6.8-sarge-security: released (2.6.8-16sarge3)
2.4.27-sarge-security: released (2.4.27-10sarge3)
Modified: patch-tracking/CVE-2006-2275
==============================================================================
--- patch-tracking/CVE-2006-2275 (original)
+++ patch-tracking/CVE-2006-2275 Sat Jul 15 15:47:34 2006
@@ -12,6 +12,7 @@
jmm> be postponed for now
Bugs:
upstream: released (2.6.16.15)
+linux-2.6.16:
linux-2.6: released (2.6.16-13)
2.6.8-sarge-security: ignored (2.6.8-16sarge4)
2.4.27-sarge-security: ignored (2.4.27-10sarge4)
Modified: patch-tracking/CVE-2006-2444
==============================================================================
--- patch-tracking/CVE-2006-2444 (original)
+++ patch-tracking/CVE-2006-2444 Sat Jul 15 15:47:34 2006
@@ -11,6 +11,7 @@
Notes:
Bugs:
upstream: released (2.6.16.18)
+linux-2.6.16:
linux-2.6: released (2.6.16-15)
2.6.8-sarge-security: needed
2.4.27-sarge-security: needed
Modified: patch-tracking/CVE-2006-2445
==============================================================================
--- patch-tracking/CVE-2006-2445 (original)
+++ patch-tracking/CVE-2006-2445 Sat Jul 15 15:47:34 2006
@@ -10,6 +10,7 @@
jmm> Vulnerable code not present in 2.4
Bugs:
upstream:
+linux-2.6.16:
linux-2.6: released (2.6.16-15)
2.6.8-sarge-security:
2.4.27-sarge-security: N/A
Modified: patch-tracking/CVE-2006-2448
==============================================================================
--- patch-tracking/CVE-2006-2448 (original)
+++ patch-tracking/CVE-2006-2448 Sat Jul 15 15:47:34 2006
@@ -5,6 +5,7 @@
Notes:
Bugs:
upstream: released (2.6.16.21)
+linux-2.6.16:
linux-2.6: released (2.6.16-15)
2.6.8-sarge-security:
2.4.27-sarge-security:
Modified: patch-tracking/CVE-2006-2451
==============================================================================
--- patch-tracking/CVE-2006-2451 (original)
+++ patch-tracking/CVE-2006-2451 Sat Jul 15 15:47:34 2006
@@ -4,6 +4,7 @@
Notes:
Bugs:
upstream: released (2.6.16.14), released (2.6.17.4)
+linux-2.6.16:
linux-2.6:
2.6.8-sarge-security: N/A
2.4.27-sarge-security: N/A
\ No newline at end of file
Modified: patch-tracking/CVE-2006-2629
==============================================================================
--- patch-tracking/CVE-2006-2629 (original)
+++ patch-tracking/CVE-2006-2629 Sat Jul 15 15:47:34 2006
@@ -11,6 +11,7 @@
Notes:
Bugs:
upstream:
+linux-2.6.16:
linux-2.6:
2.6.8-sarge-security:
2.4.27-sarge-security:
Modified: patch-tracking/CVE-2006-2934
==============================================================================
--- patch-tracking/CVE-2006-2934 (original)
+++ patch-tracking/CVE-2006-2934 Sat Jul 15 15:47:34 2006
@@ -4,6 +4,7 @@
Notes:
Bugs:
upstream:
+linux-2.6.16:
linux-2.6:
2.6.8-sarge-security:
2.4.27-sarge-security:
\ No newline at end of file
Modified: patch-tracking/CVE-2006-2935
==============================================================================
--- patch-tracking/CVE-2006-2935 (original)
+++ patch-tracking/CVE-2006-2935 Sat Jul 15 15:47:34 2006
@@ -4,6 +4,7 @@
Notes:
Bugs:
upstream:
+linux-2.6.16:
linux-2.6:
2.6.8-sarge-security:
2.4.27-sarge-security:
\ No newline at end of file
Modified: patch-tracking/CVE-2006-2936
==============================================================================
--- patch-tracking/CVE-2006-2936 (original)
+++ patch-tracking/CVE-2006-2936 Sat Jul 15 15:47:34 2006
@@ -6,6 +6,7 @@
jmm> 2.4 not affected due to different memory allocation
Bugs:
upstream:
+linux-2.6.16:
linux-2.6:
2.6.8-sarge-security:
2.4.27-sarge-security: N/A
\ No newline at end of file
Modified: patch-tracking/CVE-2006-3085
==============================================================================
--- patch-tracking/CVE-2006-3085 (original)
+++ patch-tracking/CVE-2006-3085 Sat Jul 15 15:47:34 2006
@@ -4,6 +4,7 @@
Notes:
Bugs:
upstream: released (2.6.16.21)
+linux-2.6.16:
linux-2.6: released (2.6.16-15)
2.6.8-sarge-security:
2.4.27-sarge-security:
\ No newline at end of file
Modified: patch-tracking/CVE-2006-3626
==============================================================================
--- patch-tracking/CVE-2006-3626 (original)
+++ patch-tracking/CVE-2006-3626 Sat Jul 15 15:47:34 2006
@@ -7,6 +7,7 @@
Notes:
Bugs:
upstream: http://www.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=18b0bbd8ca6d3cb90425aa0d77b99a762c6d6de3
+linux-2.6.16:
linux-2.6: needed
2.6.8-sarge-security: pending (2.6.8-16sarge4)
2.4.27-sarge-security: N/A
More information about the Kernel-svn-changes
mailing list