[kernel] r6757 - in patch-tracking: dsa-texts

Moritz Muehlenhoff jmm-guest at costa.debian.org
Mon May 29 10:02:33 UTC 2006


Author: jmm-guest
Date: Mon May 29 10:02:23 2006
New Revision: 6757

Added:
   patch-tracking/CVE-2004-2660
   patch-tracking/CVE-2005-4798
   patch-tracking/CVE-2006-1855
   patch-tracking/CVE-2006-1856
   patch-tracking/CVE-2006-2444
   patch-tracking/CVE-2006-2629
Modified:
   patch-tracking/CVE-2006-0039
   patch-tracking/dsa-texts/dsa-XXXX-1.kernel-source-2.4.18

Log:
add more issues


Added: patch-tracking/CVE-2004-2660
==============================================================================
--- (empty file)
+++ patch-tracking/CVE-2004-2660	Mon May 29 10:02:23 2006
@@ -0,0 +1,17 @@
+Candidate: CVE-2004-2660
+References: 
+Description: 
+Notes: 
+ jmm> This was only covered by MITRE in May 2006
+Bugs: 
+upstream: 
+linux-2.6:
+2.6.8-sarge-security: 
+2.4.27-sarge-security: 
+2.4.27:
+2.4.19-woody-security: 
+2.4.18-woody-security: 
+2.4.17-woody-security: 
+2.4.16-woody-security: 
+2.4.17-woody-security-hppa: 
+2.4.17-woody-security-ia64: 

Added: patch-tracking/CVE-2005-4798
==============================================================================
--- (empty file)
+++ patch-tracking/CVE-2005-4798	Mon May 29 10:02:23 2006
@@ -0,0 +1,18 @@
+Candidate: CVE-2005-4798
+References: 
+Description: 
+Notes: 
+ jmm> Current 2.6 not affected per Ingo Molnar
+ jmm> http://www.ussg.iu.edu/hypermail/linux/kernel/0509.1/1333.html
+Bugs: 
+upstream: 
+linux-2.6:
+2.6.8-sarge-security: 
+2.4.27-sarge-security: 
+2.4.27:
+2.4.19-woody-security: 
+2.4.18-woody-security: 
+2.4.17-woody-security: 
+2.4.16-woody-security: 
+2.4.17-woody-security-hppa: 
+2.4.17-woody-security-ia64: 

Modified: patch-tracking/CVE-2006-0039
==============================================================================
--- patch-tracking/CVE-2006-0039	(original)
+++ patch-tracking/CVE-2006-0039	Mon May 29 10:02:23 2006
@@ -7,8 +7,8 @@
  jmm> exposure is leakage of sensitive information
  dannf> Submitted to Marcelo for 2.4
 Bugs: 
-upstream: 
-linux-2.6:
+upstream: released (2.6.16.17)
+linux-2.6: 
 2.6.8-sarge-security: pending (2.6.8-16sarge3)
 2.4.27-sarge-security: pending (2.4.27-10sarge3)
 2.4.27:

Added: patch-tracking/CVE-2006-1855
==============================================================================
--- (empty file)
+++ patch-tracking/CVE-2006-1855	Mon May 29 10:02:23 2006
@@ -0,0 +1,16 @@
+Candidate: CVE-2006-1855
+References: 
+Description: 
+Notes: 
+Bugs: 
+upstream: 
+linux-2.6:
+2.6.8-sarge-security: 
+2.4.27-sarge-security: 
+2.4.27:
+2.4.19-woody-security: 
+2.4.18-woody-security: 
+2.4.17-woody-security: 
+2.4.16-woody-security: 
+2.4.17-woody-security-hppa: 
+2.4.17-woody-security-ia64: 

Added: patch-tracking/CVE-2006-1856
==============================================================================
--- (empty file)
+++ patch-tracking/CVE-2006-1856	Mon May 29 10:02:23 2006
@@ -0,0 +1,16 @@
+Candidate: CVE-2006-1856
+References: 
+Description: 
+Notes: 
+Bugs: 
+upstream: 
+linux-2.6:
+2.6.8-sarge-security: 
+2.4.27-sarge-security: 
+2.4.27:
+2.4.19-woody-security: 
+2.4.18-woody-security: 
+2.4.17-woody-security: 
+2.4.16-woody-security: 
+2.4.17-woody-security-hppa: 
+2.4.17-woody-security-ia64: 

Added: patch-tracking/CVE-2006-2444
==============================================================================
--- (empty file)
+++ patch-tracking/CVE-2006-2444	Mon May 29 10:02:23 2006
@@ -0,0 +1,16 @@
+Candidate: CVE-2006-2444
+References: 
+Description: SNMP NAT remote DoS
+Notes: 
+Bugs: 
+upstream: released (2.6.16.18)
+linux-2.6:
+2.6.8-sarge-security: 
+2.4.27-sarge-security: 
+2.4.27:
+2.4.19-woody-security: 
+2.4.18-woody-security: 
+2.4.17-woody-security: 
+2.4.16-woody-security: 
+2.4.17-woody-security-hppa: 
+2.4.17-woody-security-ia64: 

Added: patch-tracking/CVE-2006-2629
==============================================================================
--- (empty file)
+++ patch-tracking/CVE-2006-2629	Mon May 29 10:02:23 2006
@@ -0,0 +1,23 @@
+Candidate: CVE-2006-2629
+References: 
+ URL:http://marc.theaimsgroup.com/?l=linux-kernel&m=114860432801543&w=2
+Description: 
+ Race condition in Linux kernel 2.6.15 to 2.6.17, when running on SMP
+ platforms, allows local users to cause a denial of service (crash) by
+ creating and exiting a large number of tasks, then accessing the /proc
+ entry of a task that is exiting, which causes memory corruption that
+ leads to a failure in the prune_dcache function or a BUG_ON error in
+ include/linux/list.h.
+Notes: 
+Bugs: 
+upstream: 
+linux-2.6:
+2.6.8-sarge-security: 
+2.4.27-sarge-security: 
+2.4.27:
+2.4.19-woody-security: 
+2.4.18-woody-security: 
+2.4.17-woody-security: 
+2.4.16-woody-security: 
+2.4.17-woody-security-hppa: 
+2.4.17-woody-security-ia64: 

Modified: patch-tracking/dsa-texts/dsa-XXXX-1.kernel-source-2.4.18
==============================================================================
--- patch-tracking/dsa-texts/dsa-XXXX-1.kernel-source-2.4.18	(original)
+++ patch-tracking/dsa-texts/dsa-XXXX-1.kernel-source-2.4.18	Mon May 29 10:02:23 2006
@@ -1,10 +1,10 @@
 --------------------------------------------------------------------------
 Debian Security Advisory DSA 10XX-1                    security at debian.org
 http://www.debian.org/security/               Martin Schulze, Dann Frazier
-April XXth, 2006                        http://www.debian.org/security/faq
+May 20th, 2006                          http://www.debian.org/security/faq
 --------------------------------------------------------------------------
 
-Package        : kernel-source-2.4.18
+Package        : kernel-source-2.4.18,kernel-image-2.4.18-1-alpha,kernel-image-2.4.18-1-i386,kernel-image-2.4.18-hppa,kernel-image-2.4.18-powerpc-xfs,kernel-patch-2.4.18-powerpc,kernel-patch-benh
 Vulnerability  : several
 Problem-Type   : local/remote
 Debian-specific: no
@@ -165,18 +165,15 @@
 The following matrix explains which kernel version for which architecture
 fix the problems mentioned above:
 
-                                     Debian 3.1 (sarge)
-     Source                          2.4.27-10sarge2
-     Alpha architecture              2.4.27-10sarge2
-     ARM architecture                2.4.27-2sarge2
-     Intel IA-32 architecture        2.4.27-10sarge2
-     Intel IA-64 architecture        2.4.27-10sarge2
-     Motorola 680x0 architecture     2.4.27-3sarge2
-     Big endian MIPS architecture    2.4.27-10.sarge1.040815-2
-     Little endian MIPS architecture 2.4.27-10.sarge1.040815-2
-     PowerPC architecture            2.4.27-10sarge2
-     IBM S/390 architecture          2.4.27-2sarge2
-     Sun Sparc architecture          2.4.27-9sarge2
+                                     Debian 3.0 (woody)
+     Source                          2.4.18-14.4
+     Alpha architecture              2.4.18-15woody1
+     Intel IA-32 architecture        2.4.18-13.2
+     HP Precision architecture       62.4 
+     PowerPC architecture            2.4.18-1woody6
+     PowerPC architecture/XFS        20020329woody1            
+     PowerPC architecture/benh       20020304woody1
+     Sun Sparc architecture          
 
 We recommend that you upgrade your kernel package immediately and reboot
 the machine.



More information about the Kernel-svn-changes mailing list