diff options
| author | Moritz Muehlenhoff <jmm@debian.org> | 2007-08-31 20:11:58 +0000 |
|---|---|---|
| committer | Moritz Muehlenhoff <jmm@debian.org> | 2007-08-31 20:11:58 +0000 |
| commit | 00f48ebb2b7b1262d9123ed1fd838197ab7dc5b4 (patch) | |
| tree | 142d54a51405e3f5004dfe3ab8e01c2116ba7acb | |
| parent | b8ebb0ef35d4a1636320467b58b83002e4670ed7 (diff) | |
updates
git-svn-id: svn+ssh://svn.debian.org/svn/kernel-sec@940 e094ebfe-e918-0410-adfb-c712417f3574
| -rw-r--r-- | active/CVE-2006-6128 | 4 | ||||
| -rw-r--r-- | active/CVE-2006-6535 | 2 | ||||
| -rw-r--r-- | active/CVE-2007-3380 | 8 | ||||
| -rw-r--r-- | retired/CVE-2007-3851 | 2 |
4 files changed, 10 insertions, 6 deletions
diff --git a/active/CVE-2006-6128 b/active/CVE-2006-6128 index 428248cb..c61791bb 100644 --- a/active/CVE-2006-6128 +++ b/active/CVE-2006-6128 @@ -14,9 +14,11 @@ Description: Ubuntu-Description: Notes: dannf> low impact - ignoring for sarge for now + jmm> ignored, only exploitable with manipulated fs images, for which mount + jmm> privs are needed Bugs: upstream: -linux-2.6: +linux-2.6: ignored 2.6.18-etch-security: ignored (2.6.18.dfsg.1-12etch1) 2.6.8-sarge-security: ignored (2.6.8-16sarge7) 2.4.27-sarge-security: ignored (2.4.27-10sarge6) diff --git a/active/CVE-2006-6535 b/active/CVE-2006-6535 index 8e817452..0799057c 100644 --- a/active/CVE-2006-6535 +++ b/active/CVE-2006-6535 @@ -8,7 +8,7 @@ Ubuntu-Description: Notes: Bugs: upstream: released (2.6.10) -linux-2.6: +linux-2.6: N/A 2.6.18-etch-security: N/A 2.6.8-sarge-security: released (2.6.8-16sarge7) [dev_queue_xmit-error-path.dpatch] 2.4.27-sarge-security: diff --git a/active/CVE-2007-3380 b/active/CVE-2007-3380 index 0719718a..430c2895 100644 --- a/active/CVE-2007-3380 +++ b/active/CVE-2007-3380 @@ -8,10 +8,12 @@ Ubuntu-Description: Notes: dannf> Debian's 2.6.18 isn't affected, but the redhat-cluster package may be. + jmm> redhat-cluster doesn't appear affected neither, TCP connection code + not present. Fixed in git on 2007-07-09, marking 2.6.23 as fixed Bugs: -upstream: -linux-2.6: -2.6.18-etch-security: ignored (2.6.18.dfsg.1-13etch1) "not in linux-2.6" +upstream: pending (2.6.23) +linux-2.6: pending (2.6.23-1) +2.6.18-etch-security: N/A 2.6.8-sarge-security: N/A 2.4.27-sarge-security: N/A 2.6.15-dapper-security: released (2.6.15-28.57) diff --git a/retired/CVE-2007-3851 b/retired/CVE-2007-3851 index 16642a96..24883f4b 100644 --- a/retired/CVE-2007-3851 +++ b/retired/CVE-2007-3851 @@ -14,7 +14,7 @@ Notes: jmm> Code was introduced after 2.6.18, but backported to Etch Bugs: upstream: released (2.6.22.2) -linux-2.6: +linux-2.6: released (2.6.22-4) 2.6.18-etch-security: released (2.6.18.dfsg.1-13etch1) [bugfix/i965-secure-batchbuffer.patch] 2.6.8-sarge-security: N/A 2.4.27-sarge-security: N/A |