[kernel] r6635 - patch-tracking

Dann Frazier dannf at costa.debian.org
Sat May 20 06:21:28 UTC 2006


Author: dannf
Date: Sat May 20 06:21:26 2006
New Revision: 6635

Modified:
   patch-tracking/CVE-2006-1342
   patch-tracking/CVE-2006-1343

Log:
corrections for 1342 & 1343

Modified: patch-tracking/CVE-2006-1342
==============================================================================
--- patch-tracking/CVE-2006-1342	(original)
+++ patch-tracking/CVE-2006-1342	Sat May 20 06:21:26 2006
@@ -9,12 +9,14 @@
  potentially sensitive memory.
 Notes: 
  jmm> getorigdst() requires the fix in 2.6.8, inet_getname() is already fixed
- troyh> This isn't fixed upstream in 2.6 yet, at least not in the same way as 2.4
+ dannf> both CVE-2006-1342 & CVE-2006-1343 were fixed by the same patch;
+        however we actually coincidentally already fixed 1343 in the
+        043_ipsec.diff patch
 Bugs: 
-upstream: 
-linux-2.6:
-2.6.8-sarge-security: 
-2.4.27-sarge-security: pending (2.4.27-10sarge3)
+upstream: released (2.4.33-pre3)
+linux-2.6: N/A
+2.6.8-sarge-security: N/A
+2.4.27-sarge-security: released (2.4.27-1)
 2.4.27: needed
 2.4.19-woody-security: 
 2.4.18-woody-security: 

Modified: patch-tracking/CVE-2006-1343
==============================================================================
--- patch-tracking/CVE-2006-1343	(original)
+++ patch-tracking/CVE-2006-1343	Sat May 20 06:21:26 2006
@@ -8,11 +8,12 @@
  getsockopt function with SO_ORIGINAL_DST, which allows local users to
  obtain portions of potentially sensitive memory.
 Notes: 
+ troyh> This isn't fixed upstream in 2.6 yet, at least not in the same way as 2.4
 Bugs: 
 upstream: 
 linux-2.6:
 2.6.8-sarge-security: 
-2.4.27-sarge-security: 
+2.4.27-sarge-security: pending (2.4.27-10sarge3)
 2.4.27:
 2.4.19-woody-security: 
 2.4.18-woody-security: 



More information about the Kernel-svn-changes mailing list