[kernel] r6757 - in patch-tracking: dsa-texts
Moritz Muehlenhoff
jmm-guest at costa.debian.org
Mon May 29 10:02:33 UTC 2006
Author: jmm-guest
Date: Mon May 29 10:02:23 2006
New Revision: 6757
Added:
patch-tracking/CVE-2004-2660
patch-tracking/CVE-2005-4798
patch-tracking/CVE-2006-1855
patch-tracking/CVE-2006-1856
patch-tracking/CVE-2006-2444
patch-tracking/CVE-2006-2629
Modified:
patch-tracking/CVE-2006-0039
patch-tracking/dsa-texts/dsa-XXXX-1.kernel-source-2.4.18
Log:
add more issues
Added: patch-tracking/CVE-2004-2660
==============================================================================
--- (empty file)
+++ patch-tracking/CVE-2004-2660 Mon May 29 10:02:23 2006
@@ -0,0 +1,17 @@
+Candidate: CVE-2004-2660
+References:
+Description:
+Notes:
+ jmm> This was only covered by MITRE in May 2006
+Bugs:
+upstream:
+linux-2.6:
+2.6.8-sarge-security:
+2.4.27-sarge-security:
+2.4.27:
+2.4.19-woody-security:
+2.4.18-woody-security:
+2.4.17-woody-security:
+2.4.16-woody-security:
+2.4.17-woody-security-hppa:
+2.4.17-woody-security-ia64:
Added: patch-tracking/CVE-2005-4798
==============================================================================
--- (empty file)
+++ patch-tracking/CVE-2005-4798 Mon May 29 10:02:23 2006
@@ -0,0 +1,18 @@
+Candidate: CVE-2005-4798
+References:
+Description:
+Notes:
+ jmm> Current 2.6 not affected per Ingo Molnar
+ jmm> http://www.ussg.iu.edu/hypermail/linux/kernel/0509.1/1333.html
+Bugs:
+upstream:
+linux-2.6:
+2.6.8-sarge-security:
+2.4.27-sarge-security:
+2.4.27:
+2.4.19-woody-security:
+2.4.18-woody-security:
+2.4.17-woody-security:
+2.4.16-woody-security:
+2.4.17-woody-security-hppa:
+2.4.17-woody-security-ia64:
Modified: patch-tracking/CVE-2006-0039
==============================================================================
--- patch-tracking/CVE-2006-0039 (original)
+++ patch-tracking/CVE-2006-0039 Mon May 29 10:02:23 2006
@@ -7,8 +7,8 @@
jmm> exposure is leakage of sensitive information
dannf> Submitted to Marcelo for 2.4
Bugs:
-upstream:
-linux-2.6:
+upstream: released (2.6.16.17)
+linux-2.6:
2.6.8-sarge-security: pending (2.6.8-16sarge3)
2.4.27-sarge-security: pending (2.4.27-10sarge3)
2.4.27:
Added: patch-tracking/CVE-2006-1855
==============================================================================
--- (empty file)
+++ patch-tracking/CVE-2006-1855 Mon May 29 10:02:23 2006
@@ -0,0 +1,16 @@
+Candidate: CVE-2006-1855
+References:
+Description:
+Notes:
+Bugs:
+upstream:
+linux-2.6:
+2.6.8-sarge-security:
+2.4.27-sarge-security:
+2.4.27:
+2.4.19-woody-security:
+2.4.18-woody-security:
+2.4.17-woody-security:
+2.4.16-woody-security:
+2.4.17-woody-security-hppa:
+2.4.17-woody-security-ia64:
Added: patch-tracking/CVE-2006-1856
==============================================================================
--- (empty file)
+++ patch-tracking/CVE-2006-1856 Mon May 29 10:02:23 2006
@@ -0,0 +1,16 @@
+Candidate: CVE-2006-1856
+References:
+Description:
+Notes:
+Bugs:
+upstream:
+linux-2.6:
+2.6.8-sarge-security:
+2.4.27-sarge-security:
+2.4.27:
+2.4.19-woody-security:
+2.4.18-woody-security:
+2.4.17-woody-security:
+2.4.16-woody-security:
+2.4.17-woody-security-hppa:
+2.4.17-woody-security-ia64:
Added: patch-tracking/CVE-2006-2444
==============================================================================
--- (empty file)
+++ patch-tracking/CVE-2006-2444 Mon May 29 10:02:23 2006
@@ -0,0 +1,16 @@
+Candidate: CVE-2006-2444
+References:
+Description: SNMP NAT remote DoS
+Notes:
+Bugs:
+upstream: released (2.6.16.18)
+linux-2.6:
+2.6.8-sarge-security:
+2.4.27-sarge-security:
+2.4.27:
+2.4.19-woody-security:
+2.4.18-woody-security:
+2.4.17-woody-security:
+2.4.16-woody-security:
+2.4.17-woody-security-hppa:
+2.4.17-woody-security-ia64:
Added: patch-tracking/CVE-2006-2629
==============================================================================
--- (empty file)
+++ patch-tracking/CVE-2006-2629 Mon May 29 10:02:23 2006
@@ -0,0 +1,23 @@
+Candidate: CVE-2006-2629
+References:
+ URL:http://marc.theaimsgroup.com/?l=linux-kernel&m=114860432801543&w=2
+Description:
+ Race condition in Linux kernel 2.6.15 to 2.6.17, when running on SMP
+ platforms, allows local users to cause a denial of service (crash) by
+ creating and exiting a large number of tasks, then accessing the /proc
+ entry of a task that is exiting, which causes memory corruption that
+ leads to a failure in the prune_dcache function or a BUG_ON error in
+ include/linux/list.h.
+Notes:
+Bugs:
+upstream:
+linux-2.6:
+2.6.8-sarge-security:
+2.4.27-sarge-security:
+2.4.27:
+2.4.19-woody-security:
+2.4.18-woody-security:
+2.4.17-woody-security:
+2.4.16-woody-security:
+2.4.17-woody-security-hppa:
+2.4.17-woody-security-ia64:
Modified: patch-tracking/dsa-texts/dsa-XXXX-1.kernel-source-2.4.18
==============================================================================
--- patch-tracking/dsa-texts/dsa-XXXX-1.kernel-source-2.4.18 (original)
+++ patch-tracking/dsa-texts/dsa-XXXX-1.kernel-source-2.4.18 Mon May 29 10:02:23 2006
@@ -1,10 +1,10 @@
--------------------------------------------------------------------------
Debian Security Advisory DSA 10XX-1 security at debian.org
http://www.debian.org/security/ Martin Schulze, Dann Frazier
-April XXth, 2006 http://www.debian.org/security/faq
+May 20th, 2006 http://www.debian.org/security/faq
--------------------------------------------------------------------------
-Package : kernel-source-2.4.18
+Package : kernel-source-2.4.18,kernel-image-2.4.18-1-alpha,kernel-image-2.4.18-1-i386,kernel-image-2.4.18-hppa,kernel-image-2.4.18-powerpc-xfs,kernel-patch-2.4.18-powerpc,kernel-patch-benh
Vulnerability : several
Problem-Type : local/remote
Debian-specific: no
@@ -165,18 +165,15 @@
The following matrix explains which kernel version for which architecture
fix the problems mentioned above:
- Debian 3.1 (sarge)
- Source 2.4.27-10sarge2
- Alpha architecture 2.4.27-10sarge2
- ARM architecture 2.4.27-2sarge2
- Intel IA-32 architecture 2.4.27-10sarge2
- Intel IA-64 architecture 2.4.27-10sarge2
- Motorola 680x0 architecture 2.4.27-3sarge2
- Big endian MIPS architecture 2.4.27-10.sarge1.040815-2
- Little endian MIPS architecture 2.4.27-10.sarge1.040815-2
- PowerPC architecture 2.4.27-10sarge2
- IBM S/390 architecture 2.4.27-2sarge2
- Sun Sparc architecture 2.4.27-9sarge2
+ Debian 3.0 (woody)
+ Source 2.4.18-14.4
+ Alpha architecture 2.4.18-15woody1
+ Intel IA-32 architecture 2.4.18-13.2
+ HP Precision architecture 62.4
+ PowerPC architecture 2.4.18-1woody6
+ PowerPC architecture/XFS 20020329woody1
+ PowerPC architecture/benh 20020304woody1
+ Sun Sparc architecture
We recommend that you upgrade your kernel package immediately and reboot
the machine.
More information about the Kernel-svn-changes
mailing list